ID: FEDORA:0BC1B60876D6
Type: fedora
Reporter: Fedora
Modified: 2017-01-24T03:49:45
Description
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program.
{"id": "FEDORA:0BC1B60876D6", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 24 Update: gd-2.2.4-1.fc24", "description": "The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. ", "published": "2017-01-24T03:49:45", "modified": "2017-01-24T03:49:45", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2016-6912"], "lastseen": "2020-12-21T08:17:53", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-6912"]}, {"type": "fedora", "idList": ["FEDORA:25E33604B011"]}, {"type": "openvas", "idList": ["OPENVAS:703777", "OPENVAS:1361412562310703777", "OPENVAS:1361412562310872483", "OPENVAS:1361412562310872347", "OPENVAS:1361412562310872290", "OPENVAS:1361412562310872291", "OPENVAS:1361412562310843069"]}, {"type": "nessus", "idList": ["SUSE_SU-2017-0468-1.NASL", "OPENSUSE-2017-289.NASL", "UBUNTU_USN-3213-1.NASL", "FEDORA_2017-BAB5698540.NASL", "FEDORA_2017-2717B02630.NASL", "DEBIAN_DSA-3777.NASL", "SLACKWARE_SSA_2017-199-02.NASL"]}, {"type": "slackware", "idList": ["SSA-2017-199-02"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3777-1:DEBFD"]}, {"type": "ubuntu", "idList": ["USN-3213-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:893E6A95F9472DC4A1E8B56ACB613D31"]}], "modified": "2020-12-21T08:17:53", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2020-12-21T08:17:53", "rev": 2}, "vulnersScore": 4.5}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "24", "arch": "any", "packageName": "gd", "packageVersion": "2.2.4", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"cve": [{"lastseen": "2021-02-02T06:28:10", "description": "Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-26T15:59:00", "title": "CVE-2016-6912", "type": "cve", "cwe": ["CWE-415"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6912"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:libgd:libgd:2.2.3"], "id": "CVE-2016-6912", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6912", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:libgd:libgd:2.2.3:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6912"], "description": "The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. 
This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. ", "modified": "2017-01-24T03:21:21", "published": "2017-01-24T03:21:21", "id": "FEDORA:25E33604B011", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: gd-2.2.4-1.fc25", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:13:04", "description": "## Version 2.2.4 - 2017-01-18\n\n### Security\n\n - gdImageCreate() doesn't check for oversized images and\n as such is prone to DoS vulnerabilities. (CVE-2016-9317)\n\n - double-free in gdImageWebPtr() (CVE-2016-6912)\n\n - potential unsigned underflow in gd_interpolation.c\n\n - DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n### Fixed\n\n - Fix #354: Signed Integer Overflow gd_io.c\n\n - Fix #340: System frozen\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n - Fix potential unsigned underflow\n\n - Fix double-free in gdImageWebPtr()\n\n - Fix invalid read in gdImageCreateFromTiffPtr()\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix #68: gif: buffer underflow reported by\n AddressSanitizer\n\n - Avoid potentially dangerous signed to unsigned\n conversion\n\n - Fix #304: test suite failure in gif/bug00006 [2.2.3]\n\n - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause\n black border\n\n - Fix #330: Integer overflow in\n gdImageScaleBilinearPalette()\n\n - Fix 321: NULL pointer dereferences in\n gdImageRotateInterpolated\n\n - Fix whitespace and add missing comment block\n\n - Fix #319: gdImageRotateInterpolated can have wrong\n background color\n\n - Fix color quantization documentation\n\n - Fix #309: gdImageGd2() writes wrong chunk sizes on\n boundaries\n\n - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor\n flag\n\n - Fix #300: gdImageClone() assigns res_y = res_x\n\n - Fix #299: Regression 
regarding gdImageRectangle() with\n gdImageSetThickness()\n\n - Replace GNU old-style field designators with C89\n compatible initializers\n\n - Fix #297: gdImageCrop() converts palette image to\n truecolor image\n\n - Fix #290: TGA RLE decoding is broken\n\n - Fix unnecessary non NULL checks\n\n - Fix #289: Passing unrecognized formats to gdImageGd2\n results in corrupted files\n\n - Fix #280: gdImageWebpEx() `quantization` parameter is a\n misnomer\n\n - Publish all gdImageCreateFromWebp*() functions and\n gdImageWebpCtx()\n\n - Fix issue #276: Sometimes pixels are missing when\n storing images as BMPs\n\n - Fix issue #275: gdImageBmpCtx() may segfault for\n non-seekable contexts\n\n - Fix copy&paste error in gdImageScaleBicubicFixed()\n\n### Added\n\n - More documentation\n\n - Documentation on GD and GD2 formats\n\n - More tests\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-24T00:00:00", "title": "Fedora 25 : gd (2017-bab5698540)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9317", "CVE-2016-6912"], "modified": "2017-01-24T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:gd"], "id": "FEDORA_2017-BAB5698540.NASL", "href": "https://www.tenable.com/plugins/nessus/96707", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-bab5698540.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96707);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-6912\", \"CVE-2016-9317\");\n script_xref(name:\"FEDORA\", value:\"2017-bab5698540\");\n\n script_name(english:\"Fedora 25 : gd (2017-bab5698540)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"## Version 2.2.4 - 2017-01-18\n\n### Security\n\n - gdImageCreate() doesn't check for oversized images and\n as such is prone to DoS vulnerabilities. (CVE-2016-9317)\n\n - double-free in gdImageWebPtr() (CVE-2016-6912)\n\n - potential unsigned underflow in gd_interpolation.c\n\n - DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n### Fixed\n\n - Fix #354: Signed Integer Overflow gd_io.c\n\n - Fix #340: System frozen\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n - Fix potential unsigned underflow\n\n - Fix double-free in gdImageWebPtr()\n\n - Fix invalid read in gdImageCreateFromTiffPtr()\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix #68: gif: buffer underflow reported by\n AddressSanitizer\n\n - Avoid potentially dangerous signed to unsigned\n conversion\n\n - Fix #304: test suite failure in gif/bug00006 [2.2.3]\n\n - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause\n black border\n\n - Fix #330: Integer overflow in\n gdImageScaleBilinearPalette()\n\n - Fix 321: NULL pointer dereferences in\n gdImageRotateInterpolated\n\n - Fix whitespace and add missing comment block\n\n - Fix #319: gdImageRotateInterpolated can have wrong\n background color\n\n - Fix color quantization documentation\n\n - Fix #309: gdImageGd2() writes wrong chunk sizes on\n boundaries\n\n - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor\n flag\n\n - Fix #300: gdImageClone() assigns res_y = res_x\n\n - Fix #299: Regression regarding 
gdImageRectangle() with\n gdImageSetThickness()\n\n - Replace GNU old-style field designators with C89\n compatible initializers\n\n - Fix #297: gdImageCrop() converts palette image to\n truecolor image\n\n - Fix #290: TGA RLE decoding is broken\n\n - Fix unnecessary non NULL checks\n\n - Fix #289: Passing unrecognized formats to gdImageGd2\n results in corrupted files\n\n - Fix #280: gdImageWebpEx() `quantization` parameter is a\n misnomer\n\n - Publish all gdImageCreateFromWebp*() functions and\n gdImageWebpCtx()\n\n - Fix issue #276: Sometimes pixels are missing when\n storing images as BMPs\n\n - Fix issue #275: gdImageBmpCtx() may segfault for\n non-seekable contexts\n\n - Fix copy&paste error in gdImageScaleBicubicFixed()\n\n### Added\n\n - More documentation\n\n - Documentation on GD and GD2 formats\n\n - More tests\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-bab5698540\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/24\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"gd-2.2.4-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:15:36", "description": "## Version 2.2.4 - 2017-01-18\n\n### Security\n\n - gdImageCreate() doesn't check for oversized images and\n as such is prone to DoS vulnerabilities. 
(CVE-2016-9317)\n\n - double-free in gdImageWebPtr() (CVE-2016-6912)\n\n - potential unsigned underflow in gd_interpolation.c\n\n - DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n### Fixed\n\n - Fix #354: Signed Integer Overflow gd_io.c\n\n - Fix #340: System frozen\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n - Fix potential unsigned underflow\n\n - Fix double-free in gdImageWebPtr()\n\n - Fix invalid read in gdImageCreateFromTiffPtr()\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix #68: gif: buffer underflow reported by\n AddressSanitizer\n\n - Avoid potentially dangerous signed to unsigned\n conversion\n\n - Fix #304: test suite failure in gif/bug00006 [2.2.3]\n\n - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause\n black border\n\n - Fix #330: Integer overflow in\n gdImageScaleBilinearPalette()\n\n - Fix 321: NULL pointer dereferences in\n gdImageRotateInterpolated\n\n - Fix whitespace and add missing comment block\n\n - Fix #319: gdImageRotateInterpolated can have wrong\n background color\n\n - Fix color quantization documentation\n\n - Fix #309: gdImageGd2() writes wrong chunk sizes on\n boundaries\n\n - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor\n flag\n\n - Fix #300: gdImageClone() assigns res_y = res_x\n\n - Fix #299: Regression regarding gdImageRectangle() with\n gdImageSetThickness()\n\n - Replace GNU old-style field designators with C89\n compatible initializers\n\n - Fix #297: gdImageCrop() converts palette image to\n truecolor image\n\n - Fix #290: TGA RLE decoding is broken\n\n - Fix unnecessary non NULL checks\n\n - Fix #289: Passing unrecognized formats to gdImageGd2\n results in corrupted files\n\n - Fix #280: gdImageWebpEx() `quantization` parameter is a\n misnomer\n\n - Publish all gdImageCreateFromWebp*() functions and\n gdImageWebpCtx()\n\n - Fix issue #276: Sometimes pixels are missing when\n storing images as BMPs\n\n - Fix issue #275: 
gdImageBmpCtx() may segfault for\n non-seekable contexts\n\n - Fix copy&paste error in gdImageScaleBicubicFixed()\n\n### Added\n\n - More documentation\n\n - Documentation on GD and GD2 formats\n\n - More tests\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-24T00:00:00", "title": "Fedora 24 : gd (2017-2717b02630)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9317", "CVE-2016-6912"], "modified": "2017-01-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gd", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-2717B02630.NASL", "href": "https://www.tenable.com/plugins/nessus/96706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-2717b02630.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96706);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6912\", \"CVE-2016-9317\");\n script_xref(name:\"FEDORA\", value:\"2017-2717b02630\");\n\n script_name(english:\"Fedora 24 : gd (2017-2717b02630)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"## Version 2.2.4 - 2017-01-18\n\n### Security\n\n - gdImageCreate() doesn't check for oversized images and\n as such is prone to DoS vulnerabilities. 
(CVE-2016-9317)\n\n - double-free in gdImageWebPtr() (CVE-2016-6912)\n\n - potential unsigned underflow in gd_interpolation.c\n\n - DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n### Fixed\n\n - Fix #354: Signed Integer Overflow gd_io.c\n\n - Fix #340: System frozen\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix DOS vulnerability in gdImageCreateFromGd2Ctx()\n\n - Fix potential unsigned underflow\n\n - Fix double-free in gdImageWebPtr()\n\n - Fix invalid read in gdImageCreateFromTiffPtr()\n\n - Fix OOB reads of the TGA decompression buffer\n\n - Fix #68: gif: buffer underflow reported by\n AddressSanitizer\n\n - Avoid potentially dangerous signed to unsigned\n conversion\n\n - Fix #304: test suite failure in gif/bug00006 [2.2.3]\n\n - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause\n black border\n\n - Fix #330: Integer overflow in\n gdImageScaleBilinearPalette()\n\n - Fix 321: NULL pointer dereferences in\n gdImageRotateInterpolated\n\n - Fix whitespace and add missing comment block\n\n - Fix #319: gdImageRotateInterpolated can have wrong\n background color\n\n - Fix color quantization documentation\n\n - Fix #309: gdImageGd2() writes wrong chunk sizes on\n boundaries\n\n - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor\n flag\n\n - Fix #300: gdImageClone() assigns res_y = res_x\n\n - Fix #299: Regression regarding gdImageRectangle() with\n gdImageSetThickness()\n\n - Replace GNU old-style field designators with C89\n compatible initializers\n\n - Fix #297: gdImageCrop() converts palette image to\n truecolor image\n\n - Fix #290: TGA RLE decoding is broken\n\n - Fix unnecessary non NULL checks\n\n - Fix #289: Passing unrecognized formats to gdImageGd2\n results in corrupted files\n\n - Fix #280: gdImageWebpEx() `quantization` parameter is a\n misnomer\n\n - Publish all gdImageCreateFromWebp*() functions and\n gdImageWebpCtx()\n\n - Fix issue #276: Sometimes pixels are missing when\n storing images as BMPs\n\n - Fix issue #275: 
gdImageBmpCtx() may segfault for\n non-seekable contexts\n\n - Fix copy&paste error in gdImageScaleBicubicFixed()\n\n### Added\n\n - More documentation\n\n - Documentation on GD and GD2 formats\n\n - More tests\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-2717b02630\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"gd-2.2.4-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:11:03", "description": "New gd packages are available for Slackware 14.2 and -current to fix\nsecurity issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-19T00:00:00", "title": "Slackware 14.2 / current : gd (SSA:2017-199-02)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", 
"CVE-2016-6912", "CVE-2016-10167"], "modified": "2017-07-19T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.2", "p-cpe:/a:slackware:slackware_linux:gd", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2017-199-02.NASL", "href": "https://www.tenable.com/plugins/nessus/101790", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-199-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101790);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_xref(name:\"SSA\", value:\"2017-199-02\");\n\n script_name(english:\"Slackware 14.2 / current : gd (SSA:2017-199-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gd packages are available for Slackware 14.2 and -current to fix\nsecurity issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.377075\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f16a3c1b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:slackware:slackware_linux:gd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"gd\", pkgver:\"2.2.4\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"gd\", pkgver:\"2.2.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gd\", pkgver:\"2.2.4\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"gd\", pkgver:\"2.2.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else 
security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:25:27", "description": "This update for gd fixes the following security issues :\n\n - CVE-2016-6906: An out-of-bounds read in TGA\n decompression was fixed which could have lead to\n crashes. (bsc#1022553)\n\n - CVE-2016-6912: Double free vulnerability in the\n gdImageWebPtr function in the GD Graphics Library (aka\n libgd) allowed remote attackers to have unspecified\n impact via large width and height values. (bsc#1022284)\n\n - CVE-2016-9317: The gdImageCreate function in the GD\n Graphics Library (aka libgd) allowed remote attackers to\n cause a denial of service (system hang) via an oversized\n image. (bsc#1022283)\n\n - CVE-2016-10166: A potential unsigned underflow in gd\n interpolation functions could lead to memory corruption\n in the GD Graphics Library (aka libgd) (bsc#1022263)\n\n - CVE-2016-10167: A denial of service problem in\n gdImageCreateFromGd2Ctx() could lead to libgd running\n out of memory even on small files. (bsc#1022264)\n\n - CVE-2016-10168: A signed integer overflow in the GD\n Graphics Library (aka libgd) could lead to memory\n corruption (bsc#1022265)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 29, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-02-16T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2017:0468-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "modified": "2017-02-16T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:gd-debuginfo", "p-cpe:/a:novell:suse_linux:gd", "p-cpe:/a:novell:suse_linux:gd-debugsource"], "id": "SUSE_SU-2017-0468-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97203", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0468-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97203);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2017:0468-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for gd fixes the following security issues :\n\n - CVE-2016-6906: An out-of-bounds read in TGA\n decompression was fixed which could have lead to\n crashes. 
(bsc#1022553)\n\n - CVE-2016-6912: Double free vulnerability in the\n gdImageWebPtr function in the GD Graphics Library (aka\n libgd) allowed remote attackers to have unspecified\n impact via large width and height values. (bsc#1022284)\n\n - CVE-2016-9317: The gdImageCreate function in the GD\n Graphics Library (aka libgd) allowed remote attackers to\n cause a denial of service (system hang) via an oversized\n image. (bsc#1022283)\n\n - CVE-2016-10166: A potential unsigned underflow in gd\n interpolation functions could lead to memory corruption\n in the GD Graphics Library (aka libgd) (bsc#1022263)\n\n - CVE-2016-10167: A denial of service problem in\n gdImageCreateFromGd2Ctx() could lead to libgd running\n out of memory even on small files. (bsc#1022264)\n\n - CVE-2016-10168: A signed integer overflow in the GD\n Graphics Library (aka libgd) could lead to memory\n corruption (bsc#1022265)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10167/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10168/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6906/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6912/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-9317/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170468-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c734a7bb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t 
patch\nSUSE-SLE-WE-12-SP2-2017-241=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2017-241=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-241=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2017-241=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-241=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-241=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-241=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-241=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-241=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/14\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gd-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gd-debuginfo-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gd-debugsource-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-debuginfo-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-debugsource-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gd-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gd-32bit-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gd-debuginfo-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gd-debuginfo-32bit-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"gd-debugsource-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-32bit-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-debuginfo-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-debuginfo-32bit-2.1.0-23.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"gd-debugsource-2.1.0-23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:50:05", "description": "Multiple vulnerabilities have been discovered in libgd2, a library for\nprogrammatic graphics creation and manipulation, which may result in\ndenial of service or potentially the execution of arbitrary code if a\nmalformed file is processed.", "edition": 26, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-02-01T00:00:00", "title": "Debian DSA-3777-1 : libgd2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "modified": "2017-02-01T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libgd2"], "id": "DEBIAN_DSA-3777.NASL", "href": "https://www.tenable.com/plugins/nessus/96912", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3777. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96912);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_xref(name:\"DSA\", value:\"3777\");\n\n script_name(english:\"Debian DSA-3777-1 : libgd2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in libgd2, a library for\nprogrammatic graphics creation and manipulation, which may result in\ndenial of service or potentially the execution of arbitrary code if a\nmalformed file is processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libgd2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3777\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libgd2 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2.1.0-5+deb8u9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgd2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libgd-dbg\", reference:\"2.1.0-5+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgd-dev\", reference:\"2.1.0-5+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgd-tools\", reference:\"2.1.0-5+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgd2-noxpm-dev\", reference:\"2.1.0-5+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgd2-xpm-dev\", reference:\"2.1.0-5+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgd3\", reference:\"2.1.0-5+deb8u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2021-01-20T12:32:16", "description": "This update for gd fixes the following security issues :\n\n - CVE-2016-6906: An out-of-bounds read in TGA\n decompression was fixed which could have lead to\n crashes. (bsc#1022553)\n\n - CVE-2016-6912: Double free vulnerability in the\n gdImageWebPtr function in the GD Graphics Library (aka\n libgd) allowed remote attackers to have unspecified\n impact via large width and height values. (bsc#1022284)\n\n - CVE-2016-9317: The gdImageCreate function in the GD\n Graphics Library (aka libgd) allowed remote attackers to\n cause a denial of service (system hang) via an oversized\n image. (bsc#1022283)\n\n - CVE-2016-10166: A potential unsigned underflow in gd\n interpolation functions could lead to memory corruption\n in the GD Graphics Library (aka libgd) (bsc#1022263)\n\n - CVE-2016-10167: A denial of service problem in\n gdImageCreateFromGd2Ctx() could lead to libgd running\n out of memory even on small files. (bsc#1022264)\n\n - CVE-2016-10168: A signed integer overflow in the GD\n Graphics Library (aka libgd) could lead to memory\n corruption (bsc#1022265)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-02-24T00:00:00", "title": "openSUSE Security Update : gd (openSUSE-2017-289)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "modified": "2017-02-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gd-debuginfo-32bit", "p-cpe:/a:novell:opensuse:gd-devel", "p-cpe:/a:novell:opensuse:gd-32bit", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:gd-debuginfo", "p-cpe:/a:novell:opensuse:gd", "cpe:/o:novell:opensuse:42.2", "p-cpe:/a:novell:opensuse:gd-debugsource"], "id": "OPENSUSE-2017-289.NASL", "href": "https://www.tenable.com/plugins/nessus/97369", "sourceData": 
"#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-289.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97369);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n\n script_name(english:\"openSUSE Security Update : gd (openSUSE-2017-289)\");\n script_summary(english:\"Check for the openSUSE-2017-289 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for gd fixes the following security issues :\n\n - CVE-2016-6906: An out-of-bounds read in TGA\n decompression was fixed which could have lead to\n crashes. (bsc#1022553)\n\n - CVE-2016-6912: Double free vulnerability in the\n gdImageWebPtr function in the GD Graphics Library (aka\n libgd) allowed remote attackers to have unspecified\n impact via large width and height values. (bsc#1022284)\n\n - CVE-2016-9317: The gdImageCreate function in the GD\n Graphics Library (aka libgd) allowed remote attackers to\n cause a denial of service (system hang) via an oversized\n image. (bsc#1022283)\n\n - CVE-2016-10166: A potential unsigned underflow in gd\n interpolation functions could lead to memory corruption\n in the GD Graphics Library (aka libgd) (bsc#1022263)\n\n - CVE-2016-10167: A denial of service problem in\n gdImageCreateFromGd2Ctx() could lead to libgd running\n out of memory even on small files. 
(bsc#1022264)\n\n - CVE-2016-10168: A signed integer overflow in the GD\n Graphics Library (aka libgd) could lead to memory\n corruption (bsc#1022265)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022553\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1|SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1 / 42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gd-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gd-debuginfo-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gd-debugsource-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"gd-devel-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"gd-32bit-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"gd-debuginfo-32bit-2.1.0-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"gd-2.1.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"gd-debuginfo-2.1.0-16.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE42.2\", reference:\"gd-debugsource-2.1.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"gd-devel-2.1.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"gd-32bit-2.1.0-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"gd-debuginfo-32bit-2.1.0-16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gd / gd-32bit / gd-debuginfo / gd-debuginfo-32bit / gd-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T07:32:02", "description": "Stefan Esser discovered that the GD library incorrectly handled memory\nwhen processing certain images. If a user or automated system were\ntricked into processing a specially crafted image, an attacker could\ncause a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n16.10. (CVE-2016-10166)\n\nIt was discovered that the GD library incorrectly handled certain\nmalformed images. If a user or automated system were tricked into\nprocessing a specially crafted image, an attacker could cause a denial\nof service. (CVE-2016-10167)\n\nIt was discovered that the GD library incorrectly handled certain\nmalformed images. If a user or automated system were tricked into\nprocessing a specially crafted image, an attacker could cause a denial\nof service, or possibly execute arbitrary code. (CVE-2016-10168)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled\ncertain malformed TGA images. If a user or automated system were\ntricked into processing a specially crafted TGA image, an attacker\ncould cause a denial of service. 
This issue only affected Ubuntu 14.04\nLTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6906)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled\ncertain malformed WebP images. If a user or automated system were\ntricked into processing a specially crafted WebP image, an attacker\ncould cause a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n16.10. (CVE-2016-6912)\n\nIt was discovered that the GD library incorrectly handled creating\noversized images. If a user or automated system were tricked into\ncreating a specially crafted image, an attacker could cause a denial\nof service. (CVE-2016-9317)\n\nIt was discovered that the GD library incorrectly handled filling\ncertain images. If a user or automated system were tricked into\nfilling an image, an attacker could cause a denial of service.\n(CVE-2016-9933).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-01T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgd2 vulnerabilities (USN-3213-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-9933", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libgd2-noxpm", "p-cpe:/a:canonical:ubuntu_linux:libgd2-xpm", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10", "p-cpe:/a:canonical:ubuntu_linux:libgd3", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3213-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97468", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3213-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97468);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\", \"CVE-2016-6912\", \"CVE-2016-9317\", \"CVE-2016-9933\");\n script_xref(name:\"USN\", value:\"3213-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgd2 vulnerabilities (USN-3213-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stefan Esser discovered that the GD library incorrectly handled memory\nwhen processing certain images. If a user or automated system were\ntricked into processing a specially crafted image, an attacker could\ncause a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n16.10. (CVE-2016-10166)\n\nIt was discovered that the GD library incorrectly handled certain\nmalformed images. If a user or automated system were tricked into\nprocessing a specially crafted image, an attacker could cause a denial\nof service. (CVE-2016-10167)\n\nIt was discovered that the GD library incorrectly handled certain\nmalformed images. If a user or automated system were tricked into\nprocessing a specially crafted image, an attacker could cause a denial\nof service, or possibly execute arbitrary code. (CVE-2016-10168)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled\ncertain malformed TGA images. If a user or automated system were\ntricked into processing a specially crafted TGA image, an attacker\ncould cause a denial of service. 
This issue only affected Ubuntu 14.04\nLTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6906)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled\ncertain malformed WebP images. If a user or automated system were\ntricked into processing a specially crafted WebP image, an attacker\ncould cause a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n16.10. (CVE-2016-6912)\n\nIt was discovered that the GD library incorrectly handled creating\noversized images. If a user or automated system were tricked into\ncreating a specially crafted image, an attacker could cause a denial\nof service. (CVE-2016-9317)\n\nIt was discovered that the GD library incorrectly handled filling\ncertain images. If a user or automated system were tricked into\nfilling an image, an attacker could cause a denial of service.\n(CVE-2016-9933).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3213-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgd2-noxpm, libgd2-xpm and / or libgd3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgd2-noxpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgd2-xpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgd3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 
2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libgd2-noxpm\", pkgver:\"2.0.36~rc1~dfsg-6ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libgd2-xpm\", pkgver:\"2.0.36~rc1~dfsg-6ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libgd3\", pkgver:\"2.1.0-3ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libgd3\", pkgver:\"2.1.1-4ubuntu0.16.04.6\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libgd3\", pkgver:\"2.2.1-1ubuntu3.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgd2-noxpm / libgd2-xpm / libgd3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": 
[{"lastseen": "2019-05-29T18:34:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9317", "CVE-2016-6912"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-24T00:00:00", "id": "OPENVAS:1361412562310872290", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872290", "type": "openvas", "title": "Fedora Update for gd FEDORA-2017-2717b02630", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gd FEDORA-2017-2717b02630\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872290\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:32 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2016-9317\", \"CVE-2016-6912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gd FEDORA-2017-2717b02630\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gd'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gd on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-2717b02630\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWAWR37VN4PHLS4S7MVQFML6TAE4KGF2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"gd\", rpm:\"gd~2.2.4~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9317", "CVE-2016-6912"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-01-24T00:00:00", "id": "OPENVAS:1361412562310872291", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872291", "type": "openvas", "title": "Fedora Update for gd FEDORA-2017-bab5698540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gd FEDORA-2017-bab5698540\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872291\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:34 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2016-9317\", \"CVE-2016-6912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gd FEDORA-2017-bab5698540\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gd'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gd on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-bab5698540\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHE3SM4HVAEXCO4WZKPXPIVEC7DBIDLK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"gd\", rpm:\"gd~2.2.4~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-10167"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-02-20T00:00:00", "id": "OPENVAS:1361412562310872347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872347", "type": "openvas", "title": "Fedora Update for libwmf FEDORA-2017-f787c35494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libwmf FEDORA-2017-f787c35494\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872347\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-20 11:38:30 +0100 (Mon, 20 Feb 2017)\");\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libwmf FEDORA-2017-f787c35494\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libwmf on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-f787c35494\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXA7ARF3GJSSOXJJMIT3MTMPQ53677HW\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", 
re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~50.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-10167"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-03-14T00:00:00", "id": "OPENVAS:1361412562310872483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872483", "type": "openvas", "title": "Fedora Update for libwmf FEDORA-2017-9a5b89363f", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libwmf FEDORA-2017-9a5b89363f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872483\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-14 05:53:13 +0100 (Tue, 14 Mar 2017)\");\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libwmf FEDORA-2017-9a5b89363f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libwmf'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libwmf on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-9a5b89363f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ED4PV4GKAZ5HGPYD32EFVFZIAN6EGMRQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", 
re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwmf\", rpm:\"libwmf~0.2.8.4~50.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "Multiple vulnerabilities have been\ndiscovered in libgd2, a library for programmatic graphics creation and manipulation,\nwhich may result in denial of service or potentially the execution of arbitrary\ncode if a malformed file is processed.", "modified": "2019-03-18T00:00:00", "published": "2017-02-03T00:00:00", "id": "OPENVAS:1361412562310703777", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703777", "type": "openvas", "title": "Debian Security Advisory DSA 3777-1 (libgd2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3777.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3777-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the 
implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703777\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\",\n \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_name(\"Debian Security Advisory DSA 3777-1 (libgd2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-03 12:11:12 +0530 (Fri, 03 Feb 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3777.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"libgd2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 2.1.0-5+deb8u9.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), these problems have been fixed in version 2.2.4-1.\n\nWe recommend that you upgrade your libgd2 packages.\");\n script_tag(name:\"summary\", value:\"Multiple 
vulnerabilities have been\ndiscovered in libgd2, a library for programmatic graphics creation and manipulation,\nwhich may result in denial of service or potentially the execution of arbitrary\ncode if a malformed file is processed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libgd-dev:amd64\", ver:\"2.2.4-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd-dev:i386\", ver:\"2.2.4-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgd-tools\", ver:\"2.2.4-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd3:amd64\", ver:\"2.2.4-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd3:i386\", ver:\"2.2.4-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgd-dbg:amd64\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd-dbg:i386\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgd-dev:amd64\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd-dev:i386\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgd-tools\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgd2-noxpm-dev\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd2-xpm-dev\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd3:amd64\", ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgd3:i386\", 
ver:\"2.1.0-5+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:57:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "Multiple vulnerabilities have been\ndiscovered in libgd2, a library for programmatic graphics creation and manipulation,\nwhich may result in denial of service or potentially the execution of arbitrary\ncode if a malformed file is processed.", "modified": "2017-07-07T00:00:00", "published": "2017-02-03T00:00:00", "id": "OPENVAS:703777", "href": "http://plugins.openvas.org/nasl.php?oid=703777", "type": "openvas", "title": "Debian Security Advisory DSA 3777-1 (libgd2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3777.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3777-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703777);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\",\n \"CVE-2016-6912\", \"CVE-2016-9317\");\n script_name(\"Debian Security Advisory DSA 3777-1 (libgd2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-03 12:11:12 +0530 (Fri, 03 Feb 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3777.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libgd2 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 2.1.0-5+deb8u9.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), these problems have been fixed in version 2.2.4-1.\n\nWe recommend that you upgrade your libgd2 packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities have been\ndiscovered in libgd2, a library for programmatic graphics creation and manipulation,\nwhich may 
result in denial of service or potentially the execution of arbitrary\ncode if a malformed file is processed.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libgd-dev:amd64\", ver:\"2.2.4-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd-dev:i386\", ver:\"2.2.4-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgd-tools\", ver:\"2.2.4-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd3:amd64\", ver:\"2.2.4-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd3:i386\", ver:\"2.2.4-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgd-dbg:amd64\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd-dbg:i386\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgd-dev:amd64\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd-dev:i386\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgd-tools\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgd2-noxpm-dev\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd2-xpm-dev\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd3:amd64\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report 
+= res;\n}\nif ((res = isdpkgvuln(pkg:\"libgd3:i386\", ver:\"2.1.0-5+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:34:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10168", "CVE-2016-9933", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2017-03-01T00:00:00", "id": "OPENVAS:1361412562310843069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843069", "type": "openvas", "title": "Ubuntu Update for libgd2 USN-3213-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libgd2 USN-3213-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843069\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-01 05:46:21 +0100 (Wed, 01 Mar 2017)\");\n script_cve_id(\"CVE-2016-10166\", \"CVE-2016-10167\", \"CVE-2016-10168\", \"CVE-2016-6906\", \"CVE-2016-6912\", \"CVE-2016-9317\", \"CVE-2016-9933\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libgd2 USN-3213-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgd2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Stefan Esser discovered that the GD library incorrectly handled memory when\nprocessing certain images. If a user or automated system were tricked into\nprocessing a specially crafted image, an attacker could cause a denial of\nservice, or possibly execute arbitrary code. This issue only affected\nUbuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10166)\n\nIt was discovered that the GD library incorrectly handled certain malformed\nimages. 
If a user or automated system were tricked into processing a\nspecially crafted image, an attacker could cause a denial of service.\n(CVE-2016-10167)\n\nIt was discovered that the GD library incorrectly handled certain malformed\nimages. If a user or automated system were tricked into processing a\nspecially crafted image, an attacker could cause a denial of service, or\npossibly execute arbitrary code. (CVE-2016-10168)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain\nmalformed TGA images. If a user or automated system were tricked into\nprocessing a specially crafted TGA image, an attacker could cause a denial\nof service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and\nUbuntu 16.10. (CVE-2016-6906)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain\nmalformed WebP images. If a user or automated system were tricked into\nprocessing a specially crafted WebP image, an attacker could cause a denial\nof service, or possibly execute arbitrary code. This issue only affected\nUbuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6912)\n\nIt was discovered that the GD library incorrectly handled creating\noversized images. If a user or automated system were tricked into creating\na specially crafted image, an attacker could cause a denial of service.\n(CVE-2016-9317)\n\nIt was discovered that the GD library incorrectly handled filling certain\nimages. If a user or automated system were tricked into filling an image,\nan attacker could cause a denial of service. 
(CVE-2016-9933)\");\n script_tag(name:\"affected\", value:\"libgd2 on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3213-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3213-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgd3\", ver:\"2.1.0-3ubuntu0.6\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgd3\", ver:\"2.2.1-1ubuntu3.3\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgd2-noxpm\", ver:\"2.0.36~rc1~dfsg-6ubuntu2.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgd2-xpm\", ver:\"2.0.36~rc1~dfsg-6ubuntu2.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgd3\", ver:\"2.1.1-4ubuntu0.16.04.6\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:20", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10166", "CVE-2016-10167", "CVE-2016-10168", "CVE-2016-6912", "CVE-2016-9317"], "description": "New gd packages are available for Slackware 14.2 and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/gd-2.2.4-i586-1_slack14.2.txz: Upgraded.\n Fixes security issues:\n gdImageCreate() doesn't check for oversized images and as such is prone to\n DoS vulnerabilities. (CVE-2016-9317)\n double-free in gdImageWebPtr() (CVE-2016-6912)\n potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)\n DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)\n Signed Integer Overflow gd_io.c (CVE-2016-10168)\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gd-2.2.4-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gd-2.2.4-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/gd-2.2.4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/gd-2.2.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 package:\n21e9b5cb669f9d5ab687520335c0c2ab gd-2.2.4-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n86429d33e59bd6f819c0757c923d58c7 gd-2.2.4-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n3c2e50dcc5cbd4f895186cf096500a9f l/gd-2.2.4-i586-1.txz\n\nSlackware x86_64 -current package:\n26cd09da8385e8607795aaedfdb5758a l/gd-2.2.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gd-2.2.4-i586-1_slack14.2.txz", "modified": "2017-07-18T23:14:05", "published": "2017-07-18T23:14:05", "id": "SSA-2017-199-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.377075", "type": "slackware", "title": "[slackware-security] gd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:56:28", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10168", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3777-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 31, 2017 https://www.debian.org/security/faq\n- 
-------------------------------------------------------------------------\n\nPackage : libgd2\nCVE ID : CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 CVE-2016-10166 \n CVE-2016-10167 CVE-2016-10168\n\nMultiple vulnerabilities have been discovered in libgd2, a library for\nprogrammatic graphics creation and manipulation, which may result in\ndenial of service or potentially the execution of arbitrary code if a\nmalformed file is processed.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.1.0-5+deb8u9.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), these problems have been fixed in version 2.2.4-1.\n\nWe recommend that you upgrade your libgd2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2017-01-31T18:41:06", "published": "2017-01-31T18:41:06", "id": "DEBIAN:DSA-3777-1:DEBFD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00028.html", "title": "[SECURITY] [DSA 3777-1] libgd2 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:43", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10168", "CVE-2016-9933", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "Stefan Esser discovered that the GD library incorrectly handled memory when \nprocessing certain images. If a user or automated system were tricked into \nprocessing a specially crafted image, an attacker could cause a denial of \nservice, or possibly execute arbitrary code. This issue only affected \nUbuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. 
(CVE-2016-10166)\n\nIt was discovered that the GD library incorrectly handled certain malformed \nimages. If a user or automated system were tricked into processing a \nspecially crafted image, an attacker could cause a denial of service. \n(CVE-2016-10167)\n\nIt was discovered that the GD library incorrectly handled certain malformed \nimages. If a user or automated system were tricked into processing a \nspecially crafted image, an attacker could cause a denial of service, or \npossibly execute arbitrary code. (CVE-2016-10168)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain \nmalformed TGA images. If a user or automated system were tricked into \nprocessing a specially crafted TGA image, an attacker could cause a denial \nof service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and \nUbuntu 16.10. (CVE-2016-6906)\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain \nmalformed WebP images. If a user or automated system were tricked into \nprocessing a specially crafted WebP image, an attacker could cause a denial \nof service, or possibly execute arbitrary code. This issue only affected \nUbuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6912)\n\nIt was discovered that the GD library incorrectly handled creating \noversized images. If a user or automated system were tricked into creating \na specially crafted image, an attacker could cause a denial of service. \n(CVE-2016-9317)\n\nIt was discovered that the GD library incorrectly handled filling certain \nimages. If a user or automated system were tricked into filling an image, \nan attacker could cause a denial of service. 
(CVE-2016-9933)", "edition": 5, "modified": "2017-02-28T00:00:00", "published": "2017-02-28T00:00:00", "id": "USN-3213-1", "href": "https://ubuntu.com/security/notices/USN-3213-1", "title": "GD library vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:42", "bulletinFamily": "software", "cvelist": ["CVE-2016-10168", "CVE-2016-9933", "CVE-2016-10166", "CVE-2016-9317", "CVE-2016-6912", "CVE-2016-6906", "CVE-2016-10167"], "description": "# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nStefan Esser discovered that the GD library incorrectly handled memory when processing certain images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code. ([CVE-2016-10166](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10166>))\n\nIt was discovered that the GD library incorrectly handled certain malformed images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service. ([CVE-2016-10167](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10167>))\n\nIt was discovered that the GD library incorrectly handled certain malformed images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code. ([CVE-2016-10168](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10168>))\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked into processing a specially crafted TGA image, an attacker could cause a denial of service. 
([CVE-2016-6906](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6906>))\n\nIbrahim El-Sayed discovered that the GD library incorrectly handled certain malformed WebP images. If a user or automated system were tricked into processing a specially crafted WebP image, an attacker could cause a denial of service, or possibly execute arbitrary code. ([CVE-2016-6912](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6912>))\n\nIt was discovered that the GD library incorrectly handled creating oversized images. If a user or automated system were tricked into creating a specially crafted image, an attacker could cause a denial of service. ([CVE-2016-9317](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9317>))\n\nIt was discovered that the GD library incorrectly handled filling certain images. If a user or automated system were tricked into filling an image, an attacker could cause a denial of service. ([CVE-2016-9933](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9933>))\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.105.0.\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.105.0 or later.\n\n# References\n\n * [USN-3213-1](<http://www.ubuntu.com/usn/usn-3213-1/>)\n * [CVE-2016-10166](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10166>)\n * [CVE-2016-10167](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10167>)\n * [CVE-2016-10168](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10168>)\n * [CVE-2016-6906](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6906>)\n * [CVE-2016-6912](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6912>)\n * [CVE-2016-9317](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9317>)\n * 
[CVE-2016-9933](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9933>)\n", "edition": 5, "modified": "2017-03-31T00:00:00", "published": "2017-03-31T00:00:00", "id": "CFOUNDRY:893E6A95F9472DC4A1E8B56ACB613D31", "href": "https://www.cloudfoundry.org/blog/usn-3213-1/", "title": "USN-3213-1: GD library vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}