ГлавнаяБаза уязвимостей БДУ → BDU:2015-00982
7.8высокая

BDU:2015-00982 (CVE-2005-4811)

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
Опубликовано: 2016-07-06
Описание

Множественные уязвимости пакета kernel-patch-debian-2.6.8 операционной системы Debian GNU/Linux, эксплуатация которых может привести к нарушению доступности защищаемой информации. Эксплуатация уязвимостей может быть осуществлена удаленно.

Затрагиваемое ПО и версии
Debian GNU/Linux (до 3.1)
Способ устранения

Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
Debian GNU/Linux 3.1:
ppc:
kernel-build-2.6.8-4-power3 - 2.6.8-12sarge7
kernel-build-2.6.8-4-power3-smp - 2.6.8-12sarge7
kernel-build-2.6.8-4-power4 - 2.6.8-12sarge7
kernel-build-2.6.8-4-power4-smp - 2.6.8-12sarge7
kernel-build-2.6.8-4-powerpc - 2.6.8-12sarge7
kernel-build-2.6.8-4-powerpc-smp - 2.6.8-12sarge7
kernel-headers-2.6.8-4 - 2.6.8-12sarge7
kernel-image-2.6.8-4-power3 - 2.6.8-12sarge7
kernel-image-2.6.8-4-power3-smp - 2.6.8-12sarge7
kernel-image-2.6.8-4-power4 - 2.6.8-12sarge7
kernel-image-2.6.8-4-power4-smp - 2.6.8-12sarge7
kernel-image-2.6.8-4-powerpc - 2.6.8-12sarge7
kernel-image-2.6.8-4-powerpc-smp - 2.6.8-12sarge7
mol-modules-2.6.8-4-powerpc - 0.9.70+2.6.8+12sarge2
mol-modules-2.6.8-4-powerpc-smp - 0.9.70+2.6.8+12sarge2
s390x:
kernel-headers-2.6.8-4 - 2.6.8-5sarge7
kernel-image-2.6.8-4-s390 - 2.6.8-5sarge7
kernel-image-2.6.8-4-s390-tape - 2.6.8-5sarge7
kernel-image-2.6.8-4-s390x - 2.6.8-5sarge7
m68k:
kernel-image-2.6.8-amiga - 2.6.8-4sarge7
kernel-image-2.6.8-atari - 2.6.8-4sarge7
kernel-image-2.6.8-bvme6000 - 2.6.8-4sarge7
kernel-image-2.6.8-hp - 2.6.8-4sarge7
kernel-image-2.6.8-mac - 2.6.8-4sarge7
kernel-image-2.6.8-mvme147 - 2.6.8-4sarge7
kernel-image-2.6.8-mvme16x - 2.6.8-4sarge7
kernel-image-2.6.8-q40 - 2.6.8-4sarge7
kernel-image-2.6.8-sun3 - 2.6.8-4sarge7
i686:
fai-kernels - 1.9.1sarge6
hostap-modules-2.4.27-3-386 - 0.3.7-1sarge2
hostap-modules-2.4.27-3-586tsc - 0.3.7-1sarge2
hostap-modules-2.4.27-3-686 - 0.3.7-1sarge2
hostap-modules-2.4.27-3-686-smp - 0.3.7-1sarge2
hostap-modules-2.4.27-3-k6 - 0.3.7-1sarge2
hostap-modules-2.4.27-3-k7 - 0.3.7-1sarge2
hostap-modules-2.4.27-3-k7-smp - 0.3.7-1sarge2
hostap-modules-2.6.8-4-386 - 0.3.7-1sarge2
hostap-modules-2.6.8-4-686 - 0.3.7-1sarge2
hostap-modules-2.6.8-4-686-smp - 0.3.7-1sarge2
hostap-modules-2.6.8-4-k7 - 0.3.7-1sarge2
hostap-modules-2.6.8-4-k7-smp - 0.3.7-1sarge2
kernel-headers-2.6.8-4 - 2.6.8-16sarge7
kernel-headers-2.6.8-4-386 - 2.6.8-16sarge7
kernel-headers-2.6.8-4-686 - 2.6.8-16sarge7
kernel-headers-2.6.8-4-686-smp - 2.6.8-16sarge7
kernel-headers-2.6.8-4-k7 - 2.6.8-16sarge7
kernel-headers-2.6.8-4-k7-smp - 2.6.8-16sarge7
kernel-image-2.6.8-4-386 - 2.6.8-16sarge7
kernel-image-2.6.8-4-686 - 2.6.8-16sarge7
kernel-image-2.6.8-4-686-smp - 2.6.8-16sarge7
kernel-image-2.6.8-4-k7 - 2.6.8-16sarge7
kernel-image-2.6.8-4-k7-smp - 2.6.8-16sarge7
kernel-headers-2.6.8-13 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-generic - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-k8 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-k8-smp - 2.6.8-16sarge7
kernel-headers-2.6.8-13-em64t-p4 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-em64t-p4-smp - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-generic - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-k8 - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-k8-smp - 2.6.8-16sarge7
kernel-image-2.6.8-13-em64t-p4 - 2.6.8-16sarge7
kernel-image-2.6.8-13-em64t-p4-smp - 2.6.8-16sarge7
sparc:
kernel-build-2.6.8-4 - 2.6.8-15sarge7
kernel-headers-2.6.8-4 - 2.6.8-15sarge7
kernel-headers-2.6.8-4-sparc32 - 2.6.8-15sarge7
kernel-headers-2.6.8-4-sparc64 - 2.6.8-15sarge7
kernel-headers-2.6.8-4-sparc64-smp - 2.6.8-15sarge7
kernel-image-2.6.8-4-sparc32 - 2.6.8-15sarge7
kernel-image-2.6.8-4-sparc64 - 2.6.8-15sarge7
kernel-image-2.6.8-4-sparc64-smp - 2.6.8-15sarge7
x86-64:
kernel-headers-2.6.8-13 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-generic - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-k8 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-amd64-k8-smp - 2.6.8-16sarge7
kernel-headers-2.6.8-13-em64t-p4 - 2.6.8-16sarge7
kernel-headers-2.6.8-13-em64t-p4-smp - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-generic - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-k8 - 2.6.8-16sarge7
kernel-image-2.6.8-13-amd64-k8-smp - 2.6.8-16sarge7
kernel-image-2.6.8-13-em64t-p4 - 2.6.8-16sarge7
kernel-image-2.6.8-13-em64t-p4-smp - 2.6.8-16sarge7
ia64:
kernel-headers-2.6-itanium - 2.6.8-14sarge7
kernel-headers-2.6-itanium-smp - 2.6.8-14sarge7
kernel-headers-2.6-mckinley - 2.6.8-14sarge7
kernel-headers-2.6-mckinley-smp - 2.6.8-14sarge7
kernel-headers-2.6.8-4 - 2.6.8-14sarge7
kernel-headers-2.6.8-4-itanium - 2.6.8-14sarge7
kernel-headers-2.6.8-4-itanium-smp - 2.6.8-14sarge7
kernel-headers-2.6.8-4-mckinley - 2.6.8-14sarge7
kernel-headers-2.6.8-4-mckinley-smp - 2.6.8-14sarge7
kernel-image-2.6-itanium - 2.6.8-14sarge7
kernel-image-2.6-itanium-smp - 2.6.8-14sarge7
kernel-image-2.6-mckinley - 2.6.8-14sarge7
kernel-image-2.6-mckinley-smp - 2.6.8-14sarge7
kernel-image-2.6.8-4-itanium - 2.6.8-14sarge7
kernel-image-2.6.8-4-itanium-smp - 2.6.8-14sarge7
kernel-image-2.6.8-4-mckinley - 2.6.8-14sarge7
kernel-image-2.6.8-4-mckinley-smp - 2.6.8-14sarge7
alpha:
kernel-headers-2.6.8-4 - 2.6.8-16sarge7
kernel-headers-2.6.8-4-generic - 2.6.8-16sarge7
kernel-headers-2.6.8-4-smp - 2.6.8-16sarge7
kernel-image-2.6.8-4-generic - 2.6.8-16sarge7
kernel-image-2.6.8-4-smp - 2.6.8-16sarge7
noarch:
kernel-patch-2.6.8-s390 - 2.6.8-5sarge7
kernel-doc-2.6.8 - 2.6.8-16sarge7
kernel-patch-debian-2.6.8 - 2.6.8-16sarge7
kernel-source-2.6.8 - 2.6.8-16sarge7
kernel-tree-2.6.8 - 2.6.8-16sarge7
hppa:
kernel-headers-2.6.8-4 - 2.6.8-6sarge7
kernel-headers-2.6.8-4-32 - 2.6.8-6sarge7
kernel-headers-2.6.8-4-32-smp - 2.6.8-6sarge7
kernel-headers-2.6.8-4-64 - 2.6.8-6sarge7
kernel-headers-2.6.8-4-64-smp - 2.6.8-6sarge7
kernel-image-2.6.8-4-32 - 2.6.8-6sarge7
kernel-image-2.6.8-4-32-smp - 2.6.8-6sarge7
kernel-image-2.6.8-4-64 - 2.6.8-6sarge7
kernel-image-2.6.8-4-64-smp - 2.6.8-6sarge7

Оценка CVSS
Балл7.8 — высокая опасность
Источники и патчи
http://www.debian.org/security/dsa-1304/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4811http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4623http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5753
Проверьте безопасность своего сайта и почты → Полная проверка домена