ISO/Edinburgh-style Prolog compiler including modules, autoload, libraries, garbage collector, stack expander, C/C++ interface, GNU-readline interface, very fast compiler. Including packages clib (Unix process control and sockets), cpp (C++ interface), sgml (reading XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI toolkit, integrated editor (Emacs-clone) and source-level debugger).
{"openvas": [{"lastseen": "2017-12-04T11:27:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1214-1", "cvss3": {}, "published": "2011-09-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for gimp USN-1214-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840753", "href": "http://plugins.openvas.org/nasl.php?oid=840753", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1214_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for gimp USN-1214-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomas Hoger discovered that GIMP incorrectly handled malformed LZW streams.\n If a user were tricked into opening a specially crafted GIF image file, an\n attacker could cause GIMP to crash, or possibly execute arbitrary code with\n the user's privileges.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1214-1\";\ntag_affected = \"gimp on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1214-1/\");\n script_id(840753);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-23 16:39:49 +0200 (Fri, 23 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1214-1\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Ubuntu Update for gimp USN-1214-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : 
\"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.10-1ubuntu3.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.8-2ubuntu1.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.11-1ubuntu6.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:33", "description": "Check for the Version of pl", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11229", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:863935", "href": "http://plugins.openvas.org/nasl.php?oid=863935", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11229\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later 
version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pl on Fedora 16\";\ntag_insight = \"ISO/Edinburgh-style Prolog compiler including modules, auto-load,\n libraries, Garbage-collector, stack-expandor, C/C++-interface,\n GNU-readline interface, very fast compiler. Including packages clib\n (Unix process control and sockets), cpp (C++ interface), sgml (reading\n XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI\n toolkit, integrated editor (Emacs-clone) and source-level debugger).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html\");\n script_id(863935);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11229\");\n script_name(\"Fedora Update for pl FEDORA-2011-11229\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pl\");\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", rpm:\"pl~5.10.2~5.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:11", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2012:0302-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870561", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870561", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2012:0302-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope 
that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00058.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870561\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:57:05 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0302-03\");\n script_name(\"RedHat Update for cups RHSA-2012:0302-03\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"cups on Red Hat Enterprise Linux (v. 
5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for Linux, UNIX, and similar operating systems.\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the CUPS GIF image format\n reader. An attacker could create a malicious GIF image file that, when\n printed, could possibly cause CUPS to crash or, potentially, execute\n arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\n This update also fixes the following bugs:\n\n * Prior to this update, the 'Show Completed Jobs, ' 'Show All Jobs, ' and\n 'Show Active Jobs' buttons returned results globally across all printers\n and not the results for the specified printer. With this update, jobs from\n only the selected printer are shown. (BZ#625900)\n\n * Prior to this update, the code of the serial backend contained a wrong\n condition. As a consequence, print jobs on the raw print queue could not be\n canceled. This update modifies the condition in the serial backend code.\n Now, the user can cancel these print jobs. (BZ#625955)\n\n * Prior to this update, the textonly filter did not work if used as a pipe,\n for example when the command line did not specify the filename and the\n number of copies was always 1. This update modifies the condition in the\n textonly filter. Now, the data are sent to the printer regardless of the\n number of copies specified. (BZ#660518)\n\n * Prior to this update, the file descriptor count increased until it ran\n out of resources when the cups daemon was running with enabled\n Security-Enhanced Linux (SELinux) features. With this update, all resources\n are allocated only once. (BZ#668009)\n\n * Prior to this update, CUPS incorrectly handled the en_US.ASCII value for\n the LANG environment variable. 
As a consequence, the lpadmin, lpstat, and\n lpinfo binaries failed to write to standard output if using LANG with the\n value. This update fixes the handling of the en_US.ASCII value and the\n binaries now write to standard output properly. (BZ#759081)\n\n All users of cups are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:42", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-08-31T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2011-11197", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": 
"OPENVAS:1361412562310863467", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11197\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863467\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-31 10:37:30 +0200 (Wed, 31 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11197\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for cups FEDORA-2011-11197\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the 
referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"cups on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.8~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update for the 'pl' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11229", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863935", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863935", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11229\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863935\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11229\");\n script_name(\"Fedora Update for pl FEDORA-2011-11229\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"pl on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", rpm:\"pl~5.10.2~5.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:50", "description": "Check for the Version of cups", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2012:0302-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:870561", "href": "http://plugins.openvas.org/nasl.php?oid=870561", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2012:0302-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for Linux, UNIX, and similar operating systems.\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the CUPS GIF image format\n reader. An attacker could create a malicious GIF image file that, when\n printed, could possibly cause CUPS to crash or, potentially, execute\n arbitrary code with the privileges of the &quot;lp&quot; user. (CVE-2011-2896)\n\n This update also fixes the following bugs:\n\n * Prior to this update, the &quot;Show Completed Jobs,&quot; &quot;Show All Jobs,&quot; and\n &quot;Show Active Jobs&quot; buttons returned results globally across all printers\n and not the results for the specified printer. With this update, jobs from\n only the selected printer are shown. (BZ#625900)\n\n * Prior to this update, the code of the serial backend contained a wrong\n condition. As a consequence, print jobs on the raw print queue could not be\n canceled. This update modifies the condition in the serial backend code.\n Now, the user can cancel these print jobs. (BZ#625955)\n\n * Prior to this update, the textonly filter did not work if used as a pipe,\n for example when the command line did not specify the filename and the\n number of copies was always 1. This update modifies the condition in the\n textonly filter. Now, the data are sent to the printer regardless of the\n number of copies specified. 
(BZ#660518)\n\n * Prior to this update, the file descriptor count increased until it ran\n out of resources when the cups daemon was running with enabled\n Security-Enhanced Linux (SELinux) features. With this update, all resources\n are allocated only once. (BZ#668009)\n\n * Prior to this update, CUPS incorrectly handled the en_US.ASCII value for\n the LANG environment variable. As a consequence, the lpadmin, lpstat, and\n lpinfo binaries failed to write to standard output if using LANG with the\n value. This update fixes the handling of the en_US.ASCII value and the\n binaries now write to standard output properly. (BZ#759081)\n\n All users of cups are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\n\ntag_affected = \"cups on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00058.html\");\n script_id(870561);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:57:05 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0302-03\");\n script_name(\"RedHat Update for cups RHSA-2012:0302-03\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~30.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:33", "description": "Oracle Linux Local Security Checks ELSA-2012-0302", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0302", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123973", "sourceData": "###############################################################################\n# OpenVAS 
Vulnerability Test\n# $Id: ELSA-2012-0302.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123973\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0302\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0302 - cups security and bug fix update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0302\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0302.html\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~30.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~30.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~30.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~30.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:38", "description": "Check for the Version of cups", "cvss3": {}, "published": "2011-08-31T00:00:00", "type": "openvas", "title": "Fedora 
Update for cups FEDORA-2011-11197", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863467", "href": "http://plugins.openvas.org/nasl.php?oid=863467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11197\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 15\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. 
It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html\");\n script_id(863467);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-31 10:37:30 +0200 (Wed, 31 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11197\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for cups FEDORA-2011-11197\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.8~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.1, "vector": 
"AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:58", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1214-1", "cvss3": {}, "published": "2011-09-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for gimp USN-1214-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840753", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840753", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1214_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for gimp USN-1214-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1214-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840753\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-23 16:39:49 +0200 (Fri, 23 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1214-1\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Ubuntu Update for gimp USN-1214-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1214-1\");\n script_tag(name:\"affected\", value:\"gimp on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Tomas Hoger discovered that GIMP incorrectly handled malformed LZW streams.\n If a user were tricked into opening a specially crafted GIF image file, an\n attacker could cause GIMP to crash, or possibly execute arbitrary code with\n the user's privileges.\");\n script_tag(name:\"qod_type\", value:\"package\");\n 
script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.10-1ubuntu3.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.8-2ubuntu1.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.11-1ubuntu6.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:56:46", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10761", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863867", "href": "http://plugins.openvas.org/nasl.php?oid=863867", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10761\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without 
even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gimp on Fedora 16\";\ntag_insight = \"GIMP (GNU Image Manipulation Program) is a powerful image composition and\n editing program, which can be extremely useful for creating logos and other\n graphics for webpages. GIMP has many of the tools and filters you would expect\n to find in similar commercial offerings, and some interesting extras as well.\n GIMP provides a large image manipulation toolbox, including channel operations\n and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all\n with multi-level undo.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064232.html\");\n script_id(863867);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:26:57 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-10761\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10761\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local 
Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.11~21.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:47", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2011-11173", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864009", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864009", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11173\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864009\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:53:53 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11173\");\n script_name(\"Fedora Update for cups FEDORA-2011-11173\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"cups on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == 
\"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.5.0~6.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:33", "description": "Check for the Version of pl", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11318", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863486", "href": "http://plugins.openvas.org/nasl.php?oid=863486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11318\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pl on Fedora 14\";\ntag_insight = \"ISO/Edinburgh-style Prolog compiler including modules, autoload,\n libraries, Garbage-collector, stack-expandor, C/C++-interface,\n GNU-readline interface, very fast compiler. 
Including packages clib\n (Unix process control and sockets), cpp (C++ interface), sgml (reading\n XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI\n toolkit, integrated editor (Emacs-clone) and source-level debugger).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html\");\n script_id(863486);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11318\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for pl FEDORA-2011-11318\");\n\n script_summary(\"Check for the Version of pl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", rpm:\"pl~5.7.11~7.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": 
{"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2011:1635-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870611", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2011:1635-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870611\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:33:58 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:1635-03\");\n script_name(\"RedHat Update for cups RHSA-2011:1635-03\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"cups on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems.\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the CUPS GIF image format\n reader. An attacker could create a malicious GIF image file that, when\n printed, could possibly cause CUPS to crash or, potentially, execute\n arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\n These updated cups packages also provide fixes for the following bugs:\n\n * Previously CUPS was not correctly handling the language setting\n LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were\n not displaying any output when the LANG=en_US.ASCII environment variable\n was used. As a result of this update the problem is fixed and the expected\n output is now displayed. (BZ#681836)\n\n * Previously the scheduler did not check for empty values of several\n configuration directives. As a consequence it was possible for the CUPS\n daemon (cupsd) to crash when a configuration file contained certain empty\n values. With this update the problem is fixed and cupsd no longer crashes\n when reading such a configuration file. (BZ#706673)\n\n * Previously when printing to a raw print queue, when using certain printer\n models, CUPS was incorrectly sending SNMP queries. As a consequence there\n was a noticeable 4-second delay between queueing the job and the start of\n printing. With this update the problem is fixed and CUPS no longer tries to\n collect SNMP supply and status information for raw print queues.\n (BZ#709896)\n\n * Previously when using the BrowsePoll directive it could happen that the\n CUPS printer polling daemon (cups-polld) began polling before the network\n interfaces were set up after a system boot. 
CUPS was then caching the\n failed hostname lookup. As a consequence no printers were found and the\n error, 'Host name lookup failure', was logged. With this update the code\n that re-initializes the resolver after failure in cups-polld is fixed and\n as a result CUPS will obtain the correct network settings to use in printer\n discovery. (BZ#712430)\n\n * The MaxJobs directive controls the maximum number of print jobs that are\n kept in memory. Previously, once the number of jobs reached the limit, the\n CUPS system failed to automatically purge the data file associated with the\n oldest completed job from the system in order to make room for a new print\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:07:34", "description": "Check for the 
Version of cups", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2011-11173", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:864009", "href": "http://plugins.openvas.org/nasl.php?oid=864009", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11173\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 16\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. 
It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html\");\n script_id(864009);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:53:53 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11173\");\n script_name(\"Fedora Update for cups FEDORA-2011-11173\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.5.0~6.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, 
"vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:25", "description": "Check for the Version of pl", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11305", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863485", "href": "http://plugins.openvas.org/nasl.php?oid=863485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11305\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pl on Fedora 15\";\ntag_insight = \"ISO/Edinburgh-style Prolog compiler including modules, auto-load,\n libraries, Garbage-collector, stack-expandor, C/C++-interface,\n GNU-readline interface, very fast compiler. 
Including packages clib\n (Unix process control and sockets), cpp (C++ interface), sgml (reading\n XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI\n toolkit, integrated editor (Emacs-clone) and source-level debugger).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html\");\n script_id(863485);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11305\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for pl FEDORA-2011-11305\");\n\n script_summary(\"Check for the Version of pl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", rpm:\"pl~5.10.2~5.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": 
{"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10761", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863867", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863867", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10761\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064232.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863867\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:26:57 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-10761\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10761\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"gimp on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", 
rpm:\"gimp~2.6.11~21.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:57:13", "description": "Check for the Version of cups", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2011:1635-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:870611", "href": "http://plugins.openvas.org/nasl.php?oid=870611", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2011:1635-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems.\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the CUPS GIF image format\n reader. 
An attacker could create a malicious GIF image file that, when\n printed, could possibly cause CUPS to crash or, potentially, execute\n arbitrary code with the privileges of the \"lp\" user. (CVE-2011-2896)\n\n These updated cups packages also provide fixes for the following bugs:\n\n * Previously CUPS was not correctly handling the language setting\n LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were\n not displaying any output when the LANG=en_US.ASCII environment variable\n was used. As a result of this update the problem is fixed and the expected\n output is now displayed. (BZ#681836)\n\n * Previously the scheduler did not check for empty values of several\n configuration directives. As a consequence it was possible for the CUPS\n daemon (cupsd) to crash when a configuration file contained certain empty\n values. With this update the problem is fixed and cupsd no longer crashes\n when reading such a configuration file. (BZ#706673)\n\n * Previously when printing to a raw print queue, when using certain printer\n models, CUPS was incorrectly sending SNMP queries. As a consequence there\n was a noticeable 4-second delay between queueing the job and the start of\n printing. With this update the problem is fixed and CUPS no longer tries to\n collect SNMP supply and status information for raw print queues.\n (BZ#709896)\n\n * Previously when using the BrowsePoll directive it could happen that the\n CUPS printer polling daemon (cups-polld) began polling before the network\n interfaces were set up after a system boot. CUPS was then caching the\n failed hostname lookup. As a consequence no printers were found and the\n error, \"Host name lookup failure\", was logged. With this update the code\n that re-initializes the resolver after failure in cups-polld is fixed and\n as a result CUPS will obtain the correct network settings to use in printer\n discovery. 
(BZ#712430)\n\n * The MaxJobs directive controls the maximum number of print jobs that are\n kept in memory. Previously, once the number of jobs reached the limit, the\n CUPS system failed to automatically purge the data file associated with the\n oldest completed job from the system in order to make room for a new print\n ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"cups on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00014.html\");\n script_id(870611);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:33:58 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:1635-03\");\n script_name(\"RedHat Update for cups RHSA-2011:1635-03\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.4.2~44.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:04", "description": "The remote host is missing an update for the 'pl' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11305", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863485", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863485", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11305\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later 
version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863485\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11305\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for pl FEDORA-2011-11305\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"pl on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", rpm:\"pl~5.10.2~5.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the 'pl' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for pl FEDORA-2011-11318", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pl FEDORA-2011-11318\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863486\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11318\");\n script_cve_id(\"CVE-2011-2896\");\n script_name(\"Fedora Update for pl FEDORA-2011-11318\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"pl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"pl\", 
rpm:\"pl~5.7.11~7.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:38", "description": "Oracle Linux Local Security Checks ELSA-2011-1635", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1635", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1635.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122039\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:04 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1635\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1635 - cups security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1635\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1635.html\");\n script_cve_id(\"CVE-2011-2896\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.2~44.el6\", 
rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.4.2~44.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.4.2~44.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.4.2~44.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-php\", rpm:\"cups-php~1.4.2~44.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:36", "description": "Check for the Version of cups", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2011-11221", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863474", "href": "http://plugins.openvas.org/nasl.php?oid=863474", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11221\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 14\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html\");\n script_id(863474);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-11221\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-2941\");\n script_name(\"Fedora Update for cups FEDORA-2011-11221\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : 
tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.8~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:24", "description": "The remote host is missing an update to cups\nannounced via advisory DSA 2354-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2354-1 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2011-2896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070568", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070568", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2354_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2354-1 (cups)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70568\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 02:32:46 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2354-1 (cups)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202354-1\");\n script_tag(name:\"insight\", value:\"Petr Sklenar and Tomas Hoger discovered that missing input sanitising in\nthe GIF decoder inside the Cups printing system could lead to denial\nof service or potentially arbitrary code execution through crafted GIF\nfiles.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.4-7+squeeze1.\n\nFor the testing and unstable distribution (sid), this problem has been\nfixed in version 1.5.0-8.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your cups packages.\");\n script_tag(name:\"summary\", value:\"The remote host is 
missing an update to cups\nannounced via advisory DSA 2354-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"cups\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = 
isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", 
ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:53", "description": "The remote host is missing an update to cups\nannounced via advisory DSA 2354-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2354-1 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2011-2896"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70568", "href": "http://plugins.openvas.org/nasl.php?oid=70568", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2354_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2354-1 (cups)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Petr Sklenar and Tomas Hoger discovered that missing input sanitising in\nthe GIF decoder inside the Cups printing system could lead to denial\nof service or potentially arbitrary code execution through crafted GIF\nfiles.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.4-7+squeeze1.\n\nFor the testing and unstable distribution (sid), this problem has been\nfixed in version 1.5.0-8.\n\nWe recommend that you upgrade your cups packages.\";\ntag_summary = \"The remote host is missing an update to cups\nannounced via advisory DSA 2354-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202354-1\";\n\nif(description)\n{\n script_id(70568);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 02:32:46 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2354-1 (cups)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"cups\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = 
isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.8-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = 
isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.4-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:41", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1207-1", "cvss3": {}, "published": "2011-09-16T00:00:00", "type": "openvas", "title": "Ubuntu Update for cups USN-1207-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2011-2896"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840741", "href": "http://plugins.openvas.org/nasl.php?oid=840741", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1207_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for cups USN-1207-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be 
useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomas Hoger discovered that the CUPS image library incorrectly handled LZW\n streams. A remote attacker could use this flaw to cause a denial of service\n or possibly execute arbitrary code.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1207-1\";\ntag_affected = \"cups on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1207-1/\");\n script_id(840741);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-16 17:22:17 +0200 (Fri, 16 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1207-1\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_name(\"Ubuntu Update for cups USN-1207-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , 
value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.4-6ubuntu2.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.3-1ubuntu1.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.6-5ubuntu1.4\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.7-1ubuntu3.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1207-1", "cvss3": {}, "published": "2011-09-16T00:00:00", "type": "openvas", "title": "Ubuntu Update for cups USN-1207-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2011-2896"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840741", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840741", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1207_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for cups USN-1207-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1207-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840741\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-16 17:22:17 +0200 (Fri, 16 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1207-1\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_name(\"Ubuntu Update for cups USN-1207-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1207-1\");\n script_tag(name:\"affected\", value:\"cups on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Tomas Hoger discovered that the CUPS image library incorrectly handled LZW\n streams. A remote attacker could use this flaw to cause a denial of service\n or possibly execute arbitrary code.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.4-6ubuntu2.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.3-1ubuntu1.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.6-5ubuntu1.4\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.7-1ubuntu3.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 
5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:40:02", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2011-11221", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863474", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863474", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2011-11221\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863474\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-11221\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-2941\");\n script_name(\"Fedora Update for cups FEDORA-2011-11221\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"cups on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.8~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:13:30", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-09-21T00:00:00", "type": "openvas", "title": "FreeBSD Ports: libXfont", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:70266", "href": "http://plugins.openvas.org/nasl.php?oid=70266", "sourceData": "#\n#VID 304409c3-c3ef-11e0-8aa5-485d60cb5385\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 304409c3-c3ef-11e0-8aa5-485d60cb5385\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: libXfont\n\nCVE-2011-2895\nThe LZW decompressor in (1) the BufCompressedFill function in\nfontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\ncompress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not\nproperly handle code words that are absent from the decompression\ntable when encountered, which allows context-dependent attackers to\ntrigger an infinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream, a related\nissue to CVE-2006-1168 and CVE-2011-2896.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=725760\nhttp://www.vuxml.org/freebsd/304409c3-c3ef-11e0-8aa5-485d60cb5385.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70266);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-2895\");\n script_name(\"FreeBSD Ports: libXfont\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"libXfont\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.4,1\")<0) {\n txt += 'Package libXfont version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:03", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: FreeBSD", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070743", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070743", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_FreeBSD14.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID fee94342-4638-11e1-9f47-00e0815b8da8\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70743\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-2895\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: FreeBSD\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: FreeBSD\n\nCVE-2011-2895\nThe LZW decompressor in (1) the BufCompressedFill function in\nfontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\ncompress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before\n5.1.1, FreeType 2.1.9, and other products, does not properly handle\ncode words that are absent from the decompression table when\nencountered, which allows context-dependent attackers to trigger an\ninfinite loop or a heap-based buffer overflow, and possibly execute\narbitrary code, via a crafted compressed stream, a related issue to\nCVE-2006-1168 and CVE-2011-2896.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"FreeBSD\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.3\")>=0 && revcomp(a:bver, b:\"7.3_7\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"7.4\")>=0 && revcomp(a:bver, b:\"7.4_3\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.1\")>=0 && revcomp(a:bver, b:\"8.1_5\")<0) {\n txt += 'Package FreeBSD version 
' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.2\")>=0 && revcomp(a:bver, b:\"8.2_3\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "RedHat Update for gimp RHSA-2012:1180-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870810", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gimp RHSA-2012:1180-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-August/msg00016.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870810\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:43:30 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1180-01\");\n script_name(\"RedHat Update for gimp RHSA-2012:1180-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"gimp on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n\n Red Hat would like to thank Matthias Weckbecker of the SUSE Security Team\n for reporting the CVE-2012-3481 issue.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. 
The GIMP must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-debuginfo\", rpm:\"gimp-debuginfo~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-help-browser\", rpm:\"gimp-help-browser~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:27", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Mandriva Update for gimp MDVSA-2011:167 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831487", "href": "http://plugins.openvas.org/nasl.php?oid=831487", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for gimp MDVSA-2011:167 (gimp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# 
(or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been discovered and corrected in gimp:\n\n The LZW decompressor in the LWZReadByte function in giftoppm.c in\n the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\n function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\n function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier,\n the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4\n and earlier, and other products, does not properly handle code words\n that are absent from the decompression table when encountered, which\n allows remote attackers to trigger an infinite loop or a heap-based\n buffer overflow, and possibly execute arbitrary code, via a crafted\n compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895\n (CVE-2011-2896).\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"gimp on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-11/msg00005.php\");\n script_id(831487);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 
2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:08:53 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:167\");\n script_cve_id(\"CVE-2006-1168\", \"CVE-2011-2895\", \"CVE-2011-2896\");\n script_name(\"Mandriva Update for gimp MDVSA-2011:167 (gimp)\");\n\n script_summary(\"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-python\", rpm:\"gimp-python~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0_0\", rpm:\"libgimp2.0_0~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0-devel\", rpm:\"libgimp2.0-devel~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0_0\", 
rpm:\"lib64gimp2.0_0~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0-devel\", rpm:\"lib64gimp2.0-devel~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-python\", rpm:\"gimp-python~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0_0\", rpm:\"libgimp2.0_0~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0-devel\", rpm:\"libgimp2.0-devel~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0_0\", rpm:\"lib64gimp2.0_0~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0-devel\", rpm:\"lib64gimp2.0-devel~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:35", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: FreeBSD", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2017-04-14T00:00:00", "id": "OPENVAS:70743", 
"href": "http://plugins.openvas.org/nasl.php?oid=70743", "sourceData": "#\n#VID fee94342-4638-11e1-9f47-00e0815b8da8\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID fee94342-4638-11e1-9f47-00e0815b8da8\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: FreeBSD\n\nCVE-2011-2895\nThe LZW decompressor in (1) the BufCompressedFill function in\nfontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\ncompress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before\n5.1.1, FreeType 2.1.9, and other products, does not properly handle\ncode words that are absent from the decompression table when\nencountered, which allows context-dependent attackers to trigger an\ninfinite loop or a heap-based buffer overflow, and possibly execute\narbitrary code, via a crafted compressed stream, a related issue to\nCVE-2006-1168 and CVE-2011-2896.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary 
= \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70743);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-2895\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: FreeBSD\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"FreeBSD\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.3\")>=0 && revcomp(a:bver, b:\"7.3_7\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"7.4\")>=0 && revcomp(a:bver, b:\"7.4_3\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.1\")>=0 && revcomp(a:bver, b:\"8.1_5\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.2\")>=0 && 
revcomp(a:bver, b:\"8.2_3\")<0) {\n txt += 'Package FreeBSD version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-09-21T00:00:00", "type": "openvas", "title": "FreeBSD Ports: libXfont", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070266", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070266", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_libXfont.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 304409c3-c3ef-11e0-8aa5-485d60cb5385\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70266\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-2895\");\n script_name(\"FreeBSD Ports: libXfont\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: libXfont\n\nCVE-2011-2895\nThe LZW decompressor in (1) the BufCompressedFill function in\nfontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\ncompress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not\nproperly handle code words that are absent from the decompression\ntable when encountered, which allows context-dependent attackers to\ntrigger an infinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream, a related\nissue to CVE-2006-1168 and CVE-2011-2896.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n 
script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=725760\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/304409c3-c3ef-11e0-8aa5-485d60cb5385.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"libXfont\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.4,1\")<0) {\n txt += 'Package libXfont version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:42", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "CentOS Update for gimp CESA-2012:1180 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gimp CESA-2012:1180 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# 
but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-August/018813.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881471\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:44:44 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1180\");\n script_name(\"CentOS Update for gimp CESA-2012:1180 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"gimp on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n An integer overflow flaw, leading to a heap-based 
buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the GIMP's GIF image format\n plug-in. An attacker could create a specially-crafted GIF image file that,\n when opened, could cause the GIF plug-in to crash or, potentially, execute\n arbitrary code with the privileges of the user running the GIMP.\n (CVE-2011-2896)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n\n Red Hat would like to thank Matthias Weckbecker of the SUSE Security Team\n for reporting the CVE-2012-3481 issue.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. 
The GIMP must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel-tools\", rpm:\"gimp-devel-tools~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-help-browser\", rpm:\"gimp-help-browser~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-08T12:57:45", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "CentOS Update for gimp CESA-2012:1180 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:881471", "href": "http://plugins.openvas.org/nasl.php?oid=881471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gimp CESA-2012:1180 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, 
http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n \n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the GIMP's GIF image format\n plug-in. An attacker could create a specially-crafted GIF image file that,\n when opened, could cause the GIF plug-in to crash or, potentially, execute\n arbitrary code with the privileges of the user running the GIMP.\n (CVE-2011-2896)\n \n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. 
(CVE-2012-3403)\n \n Red Hat would like to thank Matthias Weckbecker of the SUSE Security Team\n for reporting the CVE-2012-3481 issue.\n \n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. The GIMP must be\n restarted for the update to take effect.\";\n\ntag_affected = \"gimp on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-August/018813.html\");\n script_id(881471);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:44:44 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1180\");\n script_name(\"CentOS Update for gimp CESA-2012:1180 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel-tools\", rpm:\"gimp-devel-tools~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-help-browser\", rpm:\"gimp-help-browser~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.6.9~4.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:59", "description": "Oracle Linux Local Security Checks ELSA-2012-1180", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1180", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123844", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1180.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# 
This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123844\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:18 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1180\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1180 - gimp security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1180\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1180.html\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.9~4.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.6.9~4.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-devel-tools\", rpm:\"gimp-devel-tools~2.6.9~4.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-help-browser\", rpm:\"gimp-help-browser~2.6.9~4.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.6.9~4.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:53", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "RedHat Update for gimp RHSA-2012:1180-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870810", "href": "http://plugins.openvas.org/nasl.php?oid=870810", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gimp RHSA-2012:1180-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later 
version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n\n Red Hat would like to thank Matthias Weckbecker of the SUSE Security Team\n for reporting the CVE-2012-3481 issue.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. The GIMP must be\n restarted for the update to take effect.\";\n\ntag_affected = \"gimp on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-August/msg00016.html\");\n script_id(870810);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:43:30 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1180-01\");\n script_name(\"RedHat Update for gimp RHSA-2012:1180-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-debuginfo\", rpm:\"gimp-debuginfo~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-help-browser\", 
rpm:\"gimp-help-browser~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.6.9~4.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:20", "description": "Check for the Version of libxfont", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Mandriva Update for libxfont MDVSA-2011:153 (libxfont)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831473", "href": "http://plugins.openvas.org/nasl.php?oid=831473", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libxfont MDVSA-2011:153 (libxfont)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been discovered and corrected in libxfont:\n\n The LZW decompressor in (1) the BufCompressedFill function in\n fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\n compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not\n properly handle code words that are absent from the decompression\n table when encountered, which allows context-dependent attackers\n to trigger an infinite loop or a heap-based buffer overflow, and\n possibly execute arbitrary code, via a crafted compressed stream,\n a related issue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895).\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"libxfont on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-10/msg00028.php\");\n script_id(831473);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:153\");\n script_cve_id(\"CVE-2006-1168\", \"CVE-2011-2896\", 
\"CVE-2011-2895\");\n script_name(\"Mandriva Update for libxfont MDVSA-2011:153 (libxfont)\");\n\n script_summary(\"Check for the Version of libxfont\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxfont1\", rpm:\"libxfont1~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-devel\", rpm:\"libxfont1-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-static-devel\", rpm:\"libxfont1-static-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont\", rpm:\"libxfont~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1\", rpm:\"lib64xfont1~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-devel\", rpm:\"lib64xfont1-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-static-devel\", 
rpm:\"lib64xfont1-static-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxfont1\", rpm:\"libxfont1~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-devel\", rpm:\"libxfont1-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-static-devel\", rpm:\"libxfont1-static-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont\", rpm:\"libxfont~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1\", rpm:\"lib64xfont1~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-devel\", rpm:\"lib64xfont1-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-static-devel\", rpm:\"lib64xfont1-static-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Mandriva Update for gimp MDVSA-2011:167 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2018-11-16T00:00:00", "id":
"OPENVAS:1361412562310831487", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831487", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for gimp MDVSA-2011:167 (gimp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-11/msg00005.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831487\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:08:53 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:167\");\n script_cve_id(\"CVE-2006-1168\", \"CVE-2011-2895\", \"CVE-2011-2896\");\n script_name(\"Mandriva Update for gimp MDVSA-2011:167 (gimp)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n 
package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"gimp on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been discovered and corrected in gimp:\n\n The LZW decompressor in the LWZReadByte function in giftoppm.c in\n the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\n function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\n function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier,\n the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4\n and earlier, and other products, does not properly handle code words\n that are absent from the decompression table when encountered, which\n allows remote attackers to trigger an infinite loop or a heap-based\n buffer overflow, and possibly execute arbitrary code, via a crafted\n compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895\n (CVE-2011-2896).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-python\", rpm:\"gimp-python~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0_0\", rpm:\"libgimp2.0_0~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0-devel\", rpm:\"libgimp2.0-devel~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0_0\", rpm:\"lib64gimp2.0_0~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0-devel\", rpm:\"lib64gimp2.0-devel~2.4.7~1.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-python\", rpm:\"gimp-python~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0_0\", rpm:\"libgimp2.0_0~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgimp2.0-devel\", rpm:\"libgimp2.0-devel~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0_0\", rpm:\"lib64gimp2.0_0~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gimp2.0-devel\", rpm:\"lib64gimp2.0-devel~2.6.8~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n 
exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:38", "description": "The remote host is missing an update for the 'libxfont' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Mandriva Update for libxfont MDVSA-2011:153 (libxfont)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831473", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831473", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libxfont MDVSA-2011:153 (libxfont)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-10/msg00028.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831473\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:153\");\n script_cve_id(\"CVE-2006-1168\", \"CVE-2011-2896\", \"CVE-2011-2895\");\n script_name(\"Mandriva Update for libxfont MDVSA-2011:153 (libxfont)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxfont'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"libxfont on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been discovered and corrected in libxfont:\n\n The LZW decompressor in (1) the BufCompressedFill function in\n fontfile/decompress.c in X.Org libXfont before 1.4.4 and 
(2)\n compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not\n properly handle code words that are absent from the decompression\n table when encountered, which allows context-dependent attackers\n to trigger an infinite loop or a heap-based buffer overflow, and\n possibly execute arbitrary code, via a crafted compressed stream,\n a related issue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxfont1\", rpm:\"libxfont1~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-devel\", rpm:\"libxfont1-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-static-devel\", rpm:\"libxfont1-static-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont\", rpm:\"libxfont~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1\", rpm:\"lib64xfont1~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-devel\", rpm:\"lib64xfont1-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"lib64xfont1-static-devel\", rpm:\"lib64xfont1-static-devel~1.3.3~1.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxfont1\", rpm:\"libxfont1~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-devel\", rpm:\"libxfont1-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont1-static-devel\", rpm:\"libxfont1-static-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxfont\", rpm:\"libxfont~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1\", rpm:\"lib64xfont1~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-devel\", rpm:\"lib64xfont1-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xfont1-static-devel\", rpm:\"lib64xfont1-static-devel~1.4.1~1.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-08T12:58:17", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "RedHat Update for gimp RHSA-2012:1181-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:870809", 
"href": "http://plugins.openvas.org/nasl.php?oid=870809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gimp RHSA-2012:1181-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\n attacker could create a specially-crafted PSD image file that, when opened,\n could cause the PSD plug-in to crash or, potentially, execute arbitrary\n code with the privileges of the user running the GIMP. (CVE-2009-3909,\n CVE-2012-3402)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. 
(CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n\n Red Hat would like to thank Secunia Research for reporting CVE-2009-3909,\n and Matthias Weckbecker of the SUSE Security Team for reporting\n CVE-2012-3481.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. The GIMP must be\n restarted for the update to take effect.\";\n\ntag_affected = \"gimp on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-August/msg00017.html\");\n script_id(870809);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:43:14 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1181-01\");\n script_name(\"RedHat Update for gimp RHSA-2012:1181-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n 
script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-debuginfo\", rpm:\"gimp-debuginfo~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:15", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "CentOS Update for gimp CESA-2012:1181 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:881470", "href": "http://plugins.openvas.org/nasl.php?oid=881470", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gimp CESA-2012:1181 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# 
This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\n attacker could create a specially-crafted PSD image file that, when opened,\n could cause the PSD plug-in to crash or, potentially, execute arbitrary\n code with the privileges of the user running the GIMP. (CVE-2009-3909,\n CVE-2012-3402)\n \n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n \n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the GIMP's GIF image format\n plug-in. 
An attacker could create a specially-crafted GIF image file that,\n when opened, could cause the GIF plug-in to crash or, potentially, execute\n arbitrary code with the privileges of the user running the GIMP.\n (CVE-2011-2896)\n \n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n \n Red Hat would like to thank Secunia Research for reporting CVE-2009-3909,\n and Matthias Weckbecker of the SUSE Security Team for reporting\n CVE-2012-3481.\n \n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. The GIMP must be\n restarted for the update to take effect.\";\n\ntag_affected = \"gimp on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-August/018809.html\");\n script_id(881470);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:44:31 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\",\n \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1181\");\n script_name(\"CentOS Update for gimp CESA-2012:1181 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local 
Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "CentOS Update for gimp CESA-2012:1181 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881470", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881470", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gimp CESA-2012:1181 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# 
Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-August/018809.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881470\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:44:31 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\",\n \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1181\");\n script_name(\"CentOS Update for gimp CESA-2012:1181 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"gimp on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\n attacker could create a specially-crafted PSD image file that, when opened,\n could cause the PSD plug-in to crash or, potentially, execute arbitrary\n code with the privileges of the user running the GIMP. (CVE-2009-3909,\n CVE-2012-3402)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\n decompression algorithm implementation used by the GIMP's GIF image format\n plug-in. An attacker could create a specially-crafted GIF image file that,\n when opened, could cause the GIF plug-in to crash or, potentially, execute\n arbitrary code with the privileges of the user running the GIMP.\n (CVE-2011-2896)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. 
(CVE-2012-3403)\n\n Red Hat would like to thank Secunia Research for reporting CVE-2009-3909,\n and Matthias Weckbecker of the SUSE Security Team for reporting\n CVE-2012-3481.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. The GIMP must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.2.13~2.0.7.el5_8.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:30", "description": "Oracle Linux Local Security Checks ELSA-2012-1181", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1181", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123843", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123843", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1181.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# 
Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123843\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:18 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1181\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1181 - gimp security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1181\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1181.html\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2009-3909\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.2.13~2.0.7.el5_8.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.2.13~2.0.7.el5_8.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.2.13~2.0.7.el5_8.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:39", "description": "The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Mandriva Update for cups MDVSA-2011:146 
(cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2010-2432", "CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cups MDVSA-2011:146 (cups)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-10/msg00020.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831465\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:146\");\n script_cve_id(\"CVE-2010-2432\", \"CVE-2006-1168\", \"CVE-2011-2895\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n script_name(\"Mandriva Update for cups MDVSA-2011:146 (cups)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"cups on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in cups:\n\n The cupsDoAuthentication 
function in auth.c in the client in CUPS\n before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a\n demand for authorization, which allows remote CUPS servers to cause\n a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses\n (CVE-2010-2432).\n\n The LZW decompressor in the LWZReadByte function in giftoppm.c in\n the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\n function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\n function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier,\n the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4\n and earlier, and other products, does not properly handle code words\n that are absent from the decompression table when encountered, which\n allows remote attackers to trigger an infinite loop or a heap-based\n buffer overflow, and possibly execute arbitrary code, via a crafted\n compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895\n (CVE-2011-2896).\n\n The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and\n earlier does not properly handle the first code word in an LZW stream,\n which allows remote attackers to trigger a heap-based buffer overflow,\n and possibly execute arbitrary code, via a crafted stream, a different\n vulnerability than CVE-2011-2896 (CVE-2011-3170).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. 
The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", 
rpm:\"cups~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:41", "description": "Check for the Version of cups", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Mandriva Update for cups MDVSA-2011:146 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3170", "CVE-2010-2432", "CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831465", "href": "http://plugins.openvas.org/nasl.php?oid=831465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cups MDVSA-2011:146 (cups)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in cups:\n\n The cupsDoAuthentication function in auth.c in the client in CUPS\n before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a\n demand for authorization, which allows remote CUPS servers to cause\n a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses\n (CVE-2010-2432).\n \n The LZW decompressor in the LWZReadByte function in giftoppm.c in\n the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\n function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\n function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier,\n the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4\n and earlier, and other products, does not properly handle code words\n that are absent from the decompression table when encountered, which\n allows remote attackers to trigger an infinite loop or a heap-based\n buffer overflow, and possibly execute arbitrary code, via a crafted\n compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895\n (CVE-2011-2896).\n \n The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and\n earlier does not properly handle the first code word in an LZW stream,\n which allows remote attackers to trigger a heap-based buffer overflow,\n and possibly execute arbitrary code, via a crafted stream, a different\n vulnerability than CVE-2011-2896 (CVE-2011-3170).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. 
Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-10/msg00020.php\");\n script_id(831465);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:146\");\n script_cve_id(\"CVE-2010-2432\", \"CVE-2006-1168\", \"CVE-2011-2895\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n script_name(\"Mandriva Update for cups MDVSA-2011:146 (cups)\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n 
exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", 
rpm:\"libcups2~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.4.3~3.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-08-21T00:00:00", "type": "openvas", "title": "RedHat Update for gimp RHSA-2012:1181-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gimp RHSA-2012:1181-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-August/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870809\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-21 11:43:14 +0530 (Tue, 21 Aug 2012)\");\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1181-01\");\n script_name(\"RedHat Update for gimp RHSA-2012:1181-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"gimp on Red Hat Enterprise Linux (v. 
5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The GIMP (GNU Image Manipulation Program) is an image composition and\n editing program.\n\n Multiple integer overflow flaws, leading to heap-based buffer overflows,\n were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\n attacker could create a specially-crafted PSD image file that, when opened,\n could cause the PSD plug-in to crash or, potentially, execute arbitrary\n code with the privileges of the user running the GIMP. (CVE-2009-3909,\n CVE-2012-3402)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the GIMP's GIF image format plug-in. An attacker could create a\n specially-crafted GIF image file that, when opened, could cause the GIF\n plug-in to crash or, potentially, execute arbitrary code with the\n privileges of the user running the GIMP. (CVE-2012-3481)\n\n A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\n format plug-in. An attacker could create a specially-crafted KiSS palette\n file that, when opened, could cause the CEL plug-in to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n the GIMP. (CVE-2012-3403)\n\n Red Hat would like to thank Secunia Research for reporting CVE-2009-3909,\n and Matthias Weckbecker of the SUSE Security Team for reporting\n CVE-2012-3481.\n\n Users of the GIMP are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. 
The GIMP must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-debuginfo\", rpm:\"gimp-debuginfo~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-devel\", rpm:\"gimp-devel~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gimp-libs\", rpm:\"gimp-libs~2.2.13~2.0.7.el5_8.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update to gimp\nannounced via advisory DSA 2426-1.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2426-1 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071154", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071154", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2426_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2426-1 (gimp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71154\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1782\", \"CVE-2011-2896\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:33:30 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Debian Security Advisory DSA 2426-1 (gimp)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202426-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been identified in GIMP, the GNU Image\nManipulation Program.\n\nCVE-2010-4540\nStack-based buffer overflow in the load_preset_response\nfunction in plug-ins/lighting/lighting-ui.c in the LIGHTING\nEFFECTS > LIGHT plugin allows user-assisted remote attackers\nto cause a denial of service (application crash) or possibly\nexecute arbitrary code via a long Position field in a plugin\nconfiguration file.\n\nCVE-2010-4541\nStack-based buffer overflow in the loadit function in\nplug-ins/common/sphere-designer.c in the SPHERE DESIGNER\nplugin allows user-assisted remote attackers to cause a denial\nof service (application crash) or possibly execute arbitrary\ncode via a long Number of lights field in a plugin\nconfiguration file.\n\nCVE-2010-4542\nStack-based buffer overflow in the gfig_read_parameter_gimp_rgb\nfunction in in the GFIG plugin allows user-assisted remote\nattackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a long Foreground field in a\nplugin configuration file.\n\nCVE-2010-4543\nHeap-based buffer overflow in the read_channel_data function in\nfile-psp.c in the Paint Shop Pro (PSP) plugin allows remote\nattackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a PSP_COMP_RLE (aka RLE\ncompression) image file that begins a long run count at the end\nof the image.\n\nCVE-2011-1782\nThe correction for CVE-2010-4543 was incomplete.\n\nCVE-2011-2896\nThe LZW decompressor in the LZWReadByte function in\nplug-ins/common/file-gif-load.c does not properly 
handle code\nwords that are absent from the decompression table when\nencountered, which allows remote attackers to trigger an\ninfinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream.\n\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.6.10-1+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 2.6.11-5.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your gimp packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to gimp\nannounced via advisory DSA 2426-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.12-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.6.12-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.6.12-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.6.12-1\", 
rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.6.12-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.6.12-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:34", "description": "The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10782", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10782\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064398.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863455\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-27 16:37:49 +0200 (Sat, 27 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-10782\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4540\", \"CVE-2010-4543\", \"CVE-2011-1782\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10782\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"gimp on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.11~21.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:29", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2011-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10782", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863455", "href": "http://plugins.openvas.org/nasl.php?oid=863455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10782\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gimp on Fedora 14\";\ntag_insight = \"GIMP (GNU Image Manipulation Program) is a powerful image composition and\n editing program, which can be extremely useful for creating logos and other\n graphics for webpages. GIMP has many of the tools and filters you would expect\n to find in similar commercial offerings, and some interesting extras as well.\n GIMP provides a large image manipulation toolbox, including channel operations\n and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all\n with multi-level undo.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064398.html\");\n script_id(863455);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-27 16:37:49 +0200 (Sat, 27 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-10782\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4540\", \"CVE-2010-4543\", \"CVE-2011-1782\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10782\");\n\n script_summary(\"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security 
Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.11~21.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:51:07", "description": "The remote host is missing an update to gimp\nannounced via advisory DSA 2426-1.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2426-1 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71154", "href": "http://plugins.openvas.org/nasl.php?oid=71154", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2426_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2426-1 (gimp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been identified in GIMP, the GNU Image\nManipulation Program.\n\nCVE-2010-4540\nStack-based buffer overflow in the load_preset_response\nfunction in plug-ins/lighting/lighting-ui.c in the LIGHTING\nEFFECTS > LIGHT plugin allows user-assisted remote attackers\nto cause a denial of service (application crash) or possibly\nexecute arbitrary code via a long Position field in a plugin\nconfiguration file.\n\nCVE-2010-4541\nStack-based buffer overflow in the loadit function in\nplug-ins/common/sphere-designer.c in the SPHERE DESIGNER\nplugin allows user-assisted remote attackers to cause a denial\nof service (application crash) or possibly execute arbitrary\ncode via a long Number of lights field in a plugin\nconfiguration file.\n\nCVE-2010-4542\nStack-based buffer overflow in the gfig_read_parameter_gimp_rgb\nfunction in in the GFIG plugin allows user-assisted remote\nattackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a long Foreground field in a\nplugin configuration 
file.\n\nCVE-2010-4543\nHeap-based buffer overflow in the read_channel_data function in\nfile-psp.c in the Paint Shop Pro (PSP) plugin allows remote\nattackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a PSP_COMP_RLE (aka RLE\ncompression) image file that begins a long run count at the end\nof the image.\n\nCVE-2011-1782\nThe correction for CVE-2010-4543 was incomplete.\n\nCVE-2011-2896\nThe LZW decompressor in the LZWReadByte function in\nplug-ins/common/file-gif-load.c does not properly handle code\nwords that are absent from the decompression table when\nencountered, which allows remote attackers to trigger an\ninfinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream.\n\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.6.10-1+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 2.6.11-5.\n\nWe recommend that you upgrade your gimp packages.\";\ntag_summary = \"The remote host is missing an update to gimp\nannounced via advisory DSA 2426-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202426-1\";\n\nif(description)\n{\n script_id(71154);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1782\", \"CVE-2011-2896\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:33:30 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Debian Security Advisory DSA 2426-1 (gimp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.6.10-1+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-data\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gimp-dbg\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-dev\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgimp2.0-doc\", ver:\"2.6.12-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:38", "description": "Check for the Version of gimp", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10788", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863446", "href": "http://plugins.openvas.org/nasl.php?oid=863446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10788\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gimp on Fedora 15\";\ntag_insight = \"GIMP (GNU Image Manipulation Program) is a powerful image composition and\n editing program, which can be extremely useful for creating logos and other\n graphics for webpages. 
GIMP has many of the tools and filters you would expect\n to find in similar commercial offerings, and some interesting extras as well.\n GIMP provides a large image manipulation toolbox, including channel operations\n and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all\n with multi-level undo.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063964.html\");\n script_id(863446);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-10788\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4540\", \"CVE-2010-4543\", \"CVE-2011-1782\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10788\");\n\n script_summary(\"Check for the Version of gimp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.11~21.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-27T18:36:38", "description": "The remote host is missing an update for the Huawei EulerOS\n 'libXfont' package(s) announced via the EulerOS-SA-2019-2357 advisory.", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2357)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13720", "CVE-2017-13722", "CVE-2017-16611", "CVE-2006-1168", "CVE-2011-2896", "CVE-2011-2895"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192357", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192357", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2357\");\n script_version(\"2020-01-23T12:51:11+0000\");\n script_cve_id(\"CVE-2011-2895\", \"CVE-2017-13720\", \"CVE-2017-13722\", \"CVE-2017-16611\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:51:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:51:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2357)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2357\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2357\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libXfont' package(s) announced via the EulerOS-SA-2019-2357 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 
5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.(CVE-2011-2895)\n\nIn the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.(CVE-2017-13722)\n\nIn the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\\0' characters are incorrectly skipped in situations involving ? 
characters.(CVE-2017-13720)\n\nIn libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.(CVE-2017-16611)\");\n\n script_tag(name:\"affected\", value:\"'libXfont' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.5.1~2.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:50", "description": "The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for gimp FEDORA-2011-10788", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1782", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gimp FEDORA-2011-10788\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or 
modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063964.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863446\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-10788\");\n script_cve_id(\"CVE-2011-2896\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4540\", \"CVE-2010-4543\", \"CVE-2011-1782\");\n script_name(\"Fedora Update for gimp FEDORA-2011-10788\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gimp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"gimp on 
Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"gimp\", rpm:\"gimp~2.6.11~21.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:17", "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-23.", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201209-23 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2012-3402", "CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1178", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896", "CVE-2009-1570", "CVE-2012-2763"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:72457", "href": "http://plugins.openvas.org/nasl.php?oid=72457", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in GIMP, the worst of\n which allow execution of arbitrary code or Denial of Service.\";\ntag_solution = \"All GIMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/gimp-2.6.12-r2'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=293127\nhttp://bugs.gentoo.org/show_bug.cgi?id=350915\nhttp://bugs.gentoo.org/show_bug.cgi?id=372975\nhttp://bugs.gentoo.org/show_bug.cgi?id=379289\nhttp://bugs.gentoo.org/show_bug.cgi?id=418425\nhttp://bugs.gentoo.org/show_bug.cgi?id=432582\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201209-23.\";\n\n \n \nif(description)\n{\n script_id(72457);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1570\", \"CVE-2009-3909\", \"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1178\", 
\"CVE-2011-2896\", \"CVE-2012-2763\", \"CVE-2012-3402\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 11:11:28 -0400 (Wed, 03 Oct 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-23 (gimp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"media-gfx/gimp\", unaffected: make_list(\"ge 2.6.12-r2\"), vulnerable: make_list(\"lt 2.6.12-r2\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-23.", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201209-23 (gimp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2012-3402", "CVE-2010-4541", "CVE-2010-4542", "CVE-2011-1178", "CVE-2010-4540", "CVE-2010-4543", "CVE-2011-2896", "CVE-2009-1570", "CVE-2012-2763"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231072457", 
"href": "http://plugins.openvas.org/nasl.php?oid=136141256231072457", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201209_23.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72457\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1570\", \"CVE-2009-3909\", \"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1178\", \"CVE-2011-2896\", \"CVE-2012-2763\", \"CVE-2012-3402\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 11:11:28 -0400 (Wed, 03 Oct 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-23 (gimp)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in GIMP, the worst of\n which allow execution of arbitrary code or Denial of Service.\");\n script_tag(name:\"solution\", value:\"All GIMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/gimp-2.6.12-r2'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-23\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=293127\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350915\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372975\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=379289\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=418425\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=432582\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201209-23.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"media-gfx/gimp\", unaffected: make_list(\"ge 2.6.12-r2\"), vulnerable: make_list(\"lt 2.6.12-r2\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2022-01-21T21:18:53", "description": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the 
David\nKoblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in\nfilter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in\nplug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte\nfunction in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and\nother products, does not properly handle code words that are absent from\nthe decompression table when encountered, which allows remote attackers to\ntrigger an infinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream, a related issue to\nCVE-2006-1168 and CVE-2011-2895.\n\n#### Bugs\n\n * <http://cups.org/str.php?L3867>\n * <http://cups.org/str.php?L3869>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896>\n", "cvss3": {}, "published": "2011-08-19T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2896", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-08-19T00:00:00", "id": "UB:CVE-2011-2896", "href": "https://ubuntu.com/security/CVE-2011-2896", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:42", "description": "==========================================================================\r\nUbuntu Security Notice USN-1214-1\r\nSeptember 22, 2011\r\n\r\ngimp vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 
11.04\r\n- Ubuntu 10.10\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nGIMP could be made to run programs as your login if it opened a\r\nspecially crafted GIF file.\r\n\r\nSoftware Description:\r\n- gimp: The GNU Image Manipulation Program\r\n\r\nDetails:\r\n\r\nTomas Hoger discovered that GIMP incorrectly handled malformed LZW streams.\r\nIf a user were tricked into opening a specially crafted GIF image file, an\r\nattacker could cause GIMP to crash, or possibly execute arbitrary code with\r\nthe user's privileges.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.04:\r\n gimp 2.6.11-1ubuntu6.2\r\n\r\nUbuntu 10.10:\r\n gimp 2.6.10-1ubuntu3.4\r\n\r\nUbuntu 10.04 LTS:\r\n gimp 2.6.8-2ubuntu1.4\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1214-1\r\n CVE-2011-2896\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/gimp/2.6.11-1ubuntu6.2\r\n https://launchpad.net/ubuntu/+source/gimp/2.6.10-1ubuntu3.4\r\n https://launchpad.net/ubuntu/+source/gimp/2.6.8-2ubuntu1.4\r\n", "edition": 1, "cvss3": {}, "published": "2011-09-26T00:00:00", "title": "[USN-1214-1] GIMP vulnerability", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2011-09-26T00:00:00", "id": "SECURITYVULNS:DOC:27053", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27053", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:43", "description": "Memory corruption on GIF LZW extraction.", "edition": 1, "cvss3": {}, "published": "2011-09-26T00:00:00", "title": "gimp memory corruption", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2011-09-26T00:00:00", "id": "SECURITYVULNS:VULN:11921", "href": 
"https://vulners.com/securityvulns/SECURITYVULNS:VULN:11921", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2022-06-16T14:12:44", "description": "From Red Hat Security Advisory 2012:0302 :\n\nUpdated cups packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the 'Show Completed Jobs,' 'Show All Jobs,' and 'Show Active Jobs' buttons returned results globally across all printers and not the results for the specified printer. With this update, jobs from only the selected printer are shown. (BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a wrong condition. As a consequence, print jobs on the raw print queue could not be canceled. This update modifies the condition in the serial backend code. Now, the user can cancel these print jobs.\n(BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a pipe, for example when the command line did not specify the filename and the number of copies was always 1. This update modifies the condition in the textonly filter. 
Now, the data are sent to the printer regardless of the number of copies specified. (BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it ran out of resources when the cups daemon was running with enabled Security-Enhanced Linux (SELinux) features. With this update, all resources are allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value for the LANG environment variable. As a consequence, the lpadmin, lpstat, and lpinfo binaries failed to write to standard output if using LANG with the value. This update fixes the handling of the en_US.ASCII value and the binaries now write to standard output properly. (BZ#759081)\n\nAll users of cups are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : cups (ELSA-2012-0302)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:cups", "p-cpe:/a:oracle:linux:cups-devel", "p-cpe:/a:oracle:linux:cups-libs", "p-cpe:/a:oracle:linux:cups-lpd", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0302.NASL", "href": "https://www.tenable.com/plugins/nessus/68473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0302 and \n# Oracle Linux Security Advisory ELSA-2012-0302 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68473);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n 
script_xref(name:\"RHSA\", value:\"2012:0302\");\n\n script_name(english:\"Oracle Linux 5 : cups (ELSA-2012-0302)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0302 :\n\nUpdated cups packages that fix one security issue and various bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the CUPS GIF\nimage format reader. An attacker could create a malicious GIF image\nfile that, when printed, could possibly cause CUPS to crash or,\npotentially, execute arbitrary code with the privileges of the 'lp'\nuser. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the 'Show Completed Jobs,' 'Show All Jobs,'\nand 'Show Active Jobs' buttons returned results globally across all\nprinters and not the results for the specified printer. With this\nupdate, jobs from only the selected printer are shown. (BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a\nwrong condition. As a consequence, print jobs on the raw print queue\ncould not be canceled. This update modifies the condition in the\nserial backend code. 
Now, the user can cancel these print jobs.\n(BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a\npipe, for example when the command line did not specify the filename\nand the number of copies was always 1. This update modifies the\ncondition in the textonly filter. Now, the data are sent to the\nprinter regardless of the number of copies specified. (BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it\nran out of resources when the cups daemon was running with enabled\nSecurity-Enhanced Linux (SELinux) features. With this update, all\nresources are allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value\nfor the LANG environment variable. As a consequence, the lpadmin,\nlpstat, and lpinfo binaries failed to write to standard output if\nusing LANG with the value. This update fixes the handling of the\nen_US.ASCII value and the binaries now write to standard output\nproperly. (BZ#759081)\n\nAll users of cups are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
After\ninstalling this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-March/002653.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"cups-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-devel-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-libs-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-lpd-1.3.7-30.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / 
cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:01:05", "description": "Updated cups packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the 'Show Completed Jobs,' 'Show All Jobs,' and 'Show Active Jobs' buttons returned results globally across all printers and not the results for the specified printer. With this update, jobs from only the selected printer are shown. (BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a wrong condition. As a consequence, print jobs on the raw print queue could not be canceled. This update modifies the condition in the serial backend code. Now, the user can cancel these print jobs.\n(BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a pipe, for example when the command line did not specify the filename and the number of copies was always 1. This update modifies the condition in the textonly filter. Now, the data are sent to the printer regardless of the number of copies specified. 
(BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it ran out of resources when the cups daemon was running with enabled Security-Enhanced Linux (SELinux) features. With this update, all resources are allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value for the LANG environment variable. As a consequence, the lpadmin, lpstat, and lpinfo binaries failed to write to standard output if using LANG with the value. This update fixes the handling of the en_US.ASCII value and the binaries now write to standard output properly. (BZ#759081)\n\nAll users of cups are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-21T00:00:00", "type": "nessus", "title": "RHEL 5 : cups (RHSA-2012:0302)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cups", "p-cpe:/a:redhat:enterprise_linux:cups-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cups-devel", "p-cpe:/a:redhat:enterprise_linux:cups-libs", "p-cpe:/a:redhat:enterprise_linux:cups-lpd", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0302.NASL", "href": "https://www.tenable.com/plugins/nessus/58056", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0302. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58056);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"RHSA\", value:\"2012:0302\");\n\n script_name(english:\"RHEL 5 : cups (RHSA-2012:0302)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix one security issue and various bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the CUPS GIF\nimage format reader. An attacker could create a malicious GIF image\nfile that, when printed, could possibly cause CUPS to crash or,\npotentially, execute arbitrary code with the privileges of the 'lp'\nuser. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the 'Show Completed Jobs,' 'Show All Jobs,'\nand 'Show Active Jobs' buttons returned results globally across all\nprinters and not the results for the specified printer. With this\nupdate, jobs from only the selected printer are shown. (BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a\nwrong condition. 
As a consequence, print jobs on the raw print queue\ncould not be canceled. This update modifies the condition in the\nserial backend code. Now, the user can cancel these print jobs.\n(BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a\npipe, for example when the command line did not specify the filename\nand the number of copies was always 1. This update modifies the\ncondition in the textonly filter. Now, the data are sent to the\nprinter regardless of the number of copies specified. (BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it\nran out of resources when the cups daemon was running with enabled\nSecurity-Enhanced Linux (SELinux) features. With this update, all\nresources are allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value\nfor the LANG environment variable. As a consequence, the lpadmin,\nlpstat, and lpinfo binaries failed to write to standard output if\nusing LANG with the value. This update fixes the handling of the\nen_US.ASCII value and the binaries now write to standard output\nproperly. (BZ#759081)\n\nAll users of cups are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
After\ninstalling this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2896\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0302\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-1.3.7-30.el5\")) flag++;\n if 
(rpm_check(release:\"RHEL5\", reference:\"cups-debuginfo-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"cups-devel-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"cups-libs-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-lpd-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-lpd-1.3.7-30.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-lpd-1.3.7-30.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs / cups-lpd\");\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:06:56", "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, the 'Show Completed Jobs,' 'Show All Jobs,' and 'Show Active Jobs' buttons returned results globally across all printers and not the results for the specified printer. With this update, jobs from only the selected printer are shown.\n\n - Prior to this update, the code of the serial backend contained a wrong condition. As a consequence, print jobs on the raw print queue could not be canceled. 
This update modifies the condition in the serial backend code. Now, the user can cancel these print jobs.\n\n - Prior to this update, the textonly filter did not work if used as a pipe, for example when the command line did not specify the filename and the number of copies was always 1. This update modifies the condition in the textonly filter. Now, the data are sent to the printer regardless of the number of copies specified.\n\n - Prior to this update, the file descriptor count increased until it ran out of resources when the cups daemon was running with enabled Security-Enhanced Linux (SELinux) features. With this update, all resources are allocated only once.\n\n - Prior to this update, CUPS incorrectly handled the en_US.ASCII value for the LANG environment variable. As a consequence, the lpadmin, lpstat, and lpinfo binaries failed to write to standard output if using LANG with the value. This update fixes the handling of the en_US.ASCII value and the binaries now write to standard output properly.\n\nAll users of cups are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 
After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : cups on SL5.x i386/x86_64 (20120221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:cups", "p-cpe:/a:fermilab:scientific_linux:cups-debuginfo", "p-cpe:/a:fermilab:scientific_linux:cups-devel", "p-cpe:/a:fermilab:scientific_linux:cups-libs", "p-cpe:/a:fermilab:scientific_linux:cups-lpd", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120221_CUPS_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61259", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61259);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"Scientific Linux Security Update : cups on SL5.x i386/x86_64 (20120221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Common UNIX Printing System (CUPS) provides a portable printing\nlayer for Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the CUPS GIF\nimage format reader. 
An attacker could create a malicious GIF image\nfile that, when printed, could possibly cause CUPS to crash or,\npotentially, execute arbitrary code with the privileges of the 'lp'\nuser. (CVE-2011-2896)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, the 'Show Completed Jobs,' 'Show\n All Jobs,' and 'Show Active Jobs' buttons returned\n results globally across all printers and not the results\n for the specified printer. With this update, jobs from\n only the selected printer are shown.\n\n - Prior to this update, the code of the serial backend\n contained a wrong condition. As a consequence, print\n jobs on the raw print queue could not be canceled. This\n update modifies the condition in the serial backend\n code. Now, the user can cancel these print jobs.\n\n - Prior to this update, the textonly filter did not work\n if used as a pipe, for example when the command line did\n not specify the filename and the number of copies was\n always 1. This update modifies the condition in the\n textonly filter. Now, the data are sent to the printer\n regardless of the number of copies specified.\n\n - Prior to this update, the file descriptor count\n increased until it ran out of resources when the cups\n daemon was running with enabled Security-Enhanced Linux\n (SELinux) features. With this update, all resources are\n allocated only once.\n\n - Prior to this update, CUPS incorrectly handled the\n en_US.ASCII value for the LANG environment variable. As\n a consequence, the lpadmin, lpstat, and lpinfo binaries\n failed to write to standard output if using LANG with\n the value. This update fixes the handling of the\n en_US.ASCII value and the binaries now write to standard\n output properly.\n\nAll users of cups are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
After\ninstalling this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1203&L=scientific-linux-errata&T=0&P=2530\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7d56e228\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"cups-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-debuginfo-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-devel-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-libs-1.3.7-30.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-lpd-1.3.7-30.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs / 
cups-lpd\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:01:12", "description": "Updated cups packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following bugs :\n\n* Previously CUPS was not correctly handling the language setting LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were not displaying any output when the LANG=en_US.ASCII environment variable was used. As a result of this update the problem is fixed and the expected output is now displayed. (BZ#681836)\n\n* Previously the scheduler did not check for empty values of several configuration directives. As a consequence it was possible for the CUPS daemon (cupsd) to crash when a configuration file contained certain empty values. With this update the problem is fixed and cupsd no longer crashes when reading such a configuration file. (BZ#706673)\n\n* Previously when printing to a raw print queue, when using certain printer models, CUPS was incorrectly sending SNMP queries. As a consequence there was a noticeable 4-second delay between queueing the job and the start of printing. 
With this update the problem is fixed and CUPS no longer tries to collect SNMP supply and status information for raw print queues. (BZ#709896)\n\n* Previously when using the BrowsePoll directive it could happen that the CUPS printer polling daemon (cups-polld) began polling before the network interfaces were set up after a system boot. CUPS was then caching the failed hostname lookup. As a consequence no printers were found and the error, 'Host name lookup failure', was logged. With this update the code that re-initializes the resolver after failure in cups-polld is fixed and as a result CUPS will obtain the correct network settings to use in printer discovery. (BZ#712430)\n\n* The MaxJobs directive controls the maximum number of print jobs that are kept in memory. Previously, once the number of jobs reached the limit, the CUPS system failed to automatically purge the data file associated with the oldest completed job from the system in order to make room for a new print job. This bug has been fixed, and the jobs beyond the set limit are now properly purged. (BZ#735505)\n\n* The cups init script (/etc/rc.d/init.d/cups) uses the daemon function (from /etc/rc.d/init.d/functions) to start the cups process, but previously it did not source a configuration file from the /etc/sysconfig/ directory. As a consequence, it was difficult to cleanly set the nice level or cgroup for the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables. With this update, the init script is fixed. (BZ#744791)\n\nAll users of CUPS are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 
After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : cups (RHSA-2011:1635)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cups", "p-cpe:/a:redhat:enterprise_linux:cups-debuginfo", "p-cpe:/a:redhat:enterprise_linux:cups-devel", "p-cpe:/a:redhat:enterprise_linux:cups-libs", "p-cpe:/a:redhat:enterprise_linux:cups-lpd", "p-cpe:/a:redhat:enterprise_linux:cups-php", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2011-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/57018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1635. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57018);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"RHSA\", value:\"2011:1635\");\n\n script_name(english:\"RHEL 6 : cups (RHSA-2011:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix one security issue and several bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the CUPS GIF\nimage format reader. An attacker could create a malicious GIF image\nfile that, when printed, could possibly cause CUPS to crash or,\npotentially, execute arbitrary code with the privileges of the 'lp'\nuser. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following \nbugs :\n\n* Previously CUPS was not correctly handling the language setting\nLANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries\nwere not displaying any output when the LANG=en_US.ASCII environment\nvariable was used. As a result of this update the problem is fixed and\nthe expected output is now displayed. (BZ#681836)\n\n* Previously the scheduler did not check for empty values of several\nconfiguration directives. As a consequence it was possible for the\nCUPS daemon (cupsd) to crash when a configuration file contained\ncertain empty values. With this update the problem is fixed and cupsd\nno longer crashes when reading such a configuration file. (BZ#706673)\n\n* Previously when printing to a raw print queue, when using certain\nprinter models, CUPS was incorrectly sending SNMP queries. As a\nconsequence there was a noticeable 4-second delay between queueing the\njob and the start of printing. With this update the problem is fixed\nand CUPS no longer tries to collect SNMP supply and status information\nfor raw print queues. (BZ#709896)\n\n* Previously when using the BrowsePoll directive it could happen that\nthe CUPS printer polling daemon (cups-polld) began polling before the\nnetwork interfaces were set up after a system boot. 
CUPS was then\ncaching the failed hostname lookup. As a consequence no printers were\nfound and the error, 'Host name lookup failure', was logged. With this\nupdate the code that re-initializes the resolver after failure in\ncups-polld is fixed and as a result CUPS will obtain the correct\nnetwork settings to use in printer discovery. (BZ#712430)\n\n* The MaxJobs directive controls the maximum number of print jobs that\nare kept in memory. Previously, once the number of jobs reached the\nlimit, the CUPS system failed to automatically purge the data file\nassociated with the oldest completed job from the system in order to\nmake room for a new print job. This bug has been fixed, and the jobs\nbeyond the set limit are now properly purged. (BZ#735505)\n\n* The cups init script (/etc/rc.d/init.d/cups) uses the daemon\nfunction (from /etc/rc.d/init.d/functions) to start the cups process,\nbut previously it did not source a configuration file from the\n/etc/sysconfig/ directory. As a consequence, it was difficult to\ncleanly set the nice level or cgroup for the cups daemon by setting\nthe NICELEVEL or CGROUP_DAEMON variables. With this update, the init\nscript is fixed. (BZ#744791)\n\nAll users of CUPS are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
After\ninstalling this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1635\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1635\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"cups-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"cups-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"cups-1.4.2-44.el6\")) flag++;\n if 
(rpm_check(release:\"RHEL6\", reference:\"cups-debuginfo-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"cups-devel-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"cups-libs-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"cups-lpd-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"cups-lpd-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"cups-lpd-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"cups-php-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"cups-php-1.4.2-44.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"cups-php-1.4.2-44.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs / cups-lpd / etc\");\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:21", "description": "This update adds checks to avoid heap corruption and buffer overflows when loading GIF image files (CVE-2011-2896). Additionally, it fixes a bug which caused GIMP to print an unnecessary warning to the command line on startup.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-23T00:00:00", "type": "nessus", "title": "Fedora 16 : gimp-2.6.11-21.fc16 (2011-10761)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gimp", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-10761.NASL", "href": "https://www.tenable.com/plugins/nessus/55949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10761.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55949);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-10761\");\n\n script_name(english:\"Fedora 16 : gimp-2.6.11-21.fc16 (2011-10761)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds checks to avoid heap corruption and buffer overflows\nwhen loading GIF image files (CVE-2011-2896). Additionally, it fixes a\nbug which caused GIMP to print an unnecessary warning to the command\nline on startup.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064232.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d3ff5d7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"gimp-2.6.11-21.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:36", "description": "This update avoids a GIF reader loop (CVE-2011-2896). This update enables CUPS by default. This update re-introduces support for Avahi.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-31T00:00:00", "type": "nessus", "title": "Fedora 16 : cups-1.5.0-6.fc16 (2011-11173)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-11173.NASL", "href": "https://www.tenable.com/plugins/nessus/56014", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11173.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56014);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_xref(name:\"FEDORA\", value:\"2011-11173\");\n\n script_name(english:\"Fedora 16 : cups-1.5.0-6.fc16 (2011-11173)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update avoids a GIF reader loop (CVE-2011-2896). This update\nenables CUPS by default. This update re-introduces support for Avahi.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2df5e613\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"cups-1.5.0-6.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:48", "description": "This update avoids a GIF reader loop (CVE-2011-2896). The new upstream release fixes a number of scheduler, driver, and backend issues.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-12T00:00:00", "type": "nessus", "title": "Fedora 14 : cups-1.4.8-2.fc14 (2011-11221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-11221.NASL", "href": "https://www.tenable.com/plugins/nessus/56148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11221.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56148);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-11221\");\n\n script_name(english:\"Fedora 14 : cups-1.4.8-2.fc14 (2011-11221)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update avoids a GIF reader loop (CVE-2011-2896). The new upstream\nrelease fixes a number of scheduler, driver, and backend issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99743f14\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: 
\"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"cups-1.4.8-2.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:59:09", "description": "Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-09T00:00:00", "type": "nessus", "title": "Fedora 14 : pl-5.7.11-7.fc14 (2011-11318)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pl", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-11318.NASL", "href": "https://www.tenable.com/plugins/nessus/56132", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11318.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56132);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-11318\");\n\n script_name(english:\"Fedora 14 : pl-5.7.11-7.fc14 (2011-11318)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87463e5f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"pl-5.7.11-7.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pl\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:19", "description": "According to its banner, the version of CUPS installed on the remote host is earlier than 1.4.7.\n\nThere is a boundary error in the function 'gif_read_lzw' in the file 'filter/image-gif.c' that can allow an attacker to cause a heap-based buffer overflow via specially crafted gif images.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-29T00:00:00", "type": "nessus", "title": "CUPS < 1.4.7 'gif_read_lzw' Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2018-07-06T00:00:00", "cpe": ["cpe:/a:apple:cups"], "id": "CUPS_1_4_7.NASL", "href": "https://www.tenable.com/plugins/nessus/56007", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56007);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/06 11:26:07\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n\n script_name(english:\"CUPS < 1.4.7 'gif_read_lzw' Buffer 
Overflow\");\n script_summary(english:\"Checks CUPS server version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote print service is affected by a buffer overflow\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of CUPS installed on the remote\nhost is earlier than 1.4.7.\n\nThere is a boundary error in the function 'gif_read_lzw' in the file\n'filter/image-gif.c' that can allow an attacker to cause a heap-based\nbuffer overflow via specially crafted gif images.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/articles.php?L628\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/apple/cups/issues/3867\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to CUPS version 1.4.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/29\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:cups\");\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"cups_1_3_5.nasl\");\n script_require_keys(\"www/cups\", \"Settings/ParanoidReport\");\n 
script_require_ports(\"Services/www\", 631);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:631, embedded:TRUE);\nget_kb_item_or_exit(\"www/\"+port+\"/cups/running\");\n\nversion = get_kb_item_or_exit(\"cups/\"+port+\"/version\");\nsource = get_kb_item_or_exit(\"cups/\"+port+\"/source\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (version =~ \"^(1|1\\.4)($|[^0-9rb.])\") audit(AUDIT_VER_NOT_GRANULAR, \"CUPS\", port, version);\n\nif (\n version =~ \"^1\\.[0-3]($|[^0-9])\" ||\n version =~ \"^1\\.4\\.[0-6]($|[^0-9.])\" ||\n version =~ \"^1\\.4(rc|b)\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.4.7\\n';\n\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"CUPS\", port, version);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:05", "description": "This update adds checks to avoid heap corruption and buffer overflows when loading GIF image files (CVE-2011-2896). Additionally, it fixes a bug which caused GIMP to print an unnecessary warning to the command line on startup.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-23T00:00:00", "type": "nessus", "title": "Fedora 14 : gimp-2.6.11-21.fc14 (2011-10782)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gimp", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-10782.NASL", "href": "https://www.tenable.com/plugins/nessus/55951", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10782.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55951);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-10782\");\n\n script_name(english:\"Fedora 14 : gimp-2.6.11-21.fc14 (2011-10782)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds checks to avoid heap corruption and buffer overflows\nwhen loading GIF image files (CVE-2011-2896). Additionally, it fixes a\nbug which caused GIMP to print an unnecessary warning to the command\nline on startup.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064398.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d6daef8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"gimp-2.6.11-21.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:59:09", "description": "Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-09T00:00:00", "type": "nessus", "title": "Fedora 15 : pl-5.10.2-5.fc15 (2011-11305)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pl", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-11305.NASL", "href": "https://www.tenable.com/plugins/nessus/56131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11305.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56131);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-11305\");\n\n script_name(english:\"Fedora 15 : pl-5.10.2-5.fc15 (2011-11305)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a491f054\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"pl-5.10.2-5.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pl\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:53", "description": "Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-12T00:00:00", "type": "nessus", "title": "Fedora 16 : pl-5.10.2-5.fc16 (2011-11229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pl", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-11229.NASL", "href": "https://www.tenable.com/plugins/nessus/56149", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11229.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56149);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-11229\");\n\n script_name(english:\"Fedora 16 : pl-5.10.2-5.fc16 (2011-11229)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix bugs in GIF image decoder\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edf1f5fb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"pl-5.10.2-5.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pl\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:59:00", "description": "Tomas Hoger discovered that GIMP incorrectly handled malformed LZW streams. If a user were tricked into opening a specially crafted GIF image file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-23T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 : gimp vulnerability (USN-1214-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gimp", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04"], "id": "UBUNTU_USN-1214-1.NASL", "href": "https://www.tenable.com/plugins/nessus/56280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1214-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56280);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"USN\", value:\"1214-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 : gimp vulnerability (USN-1214-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tomas Hoger discovered that GIMP incorrectly handled malformed LZW\nstreams. If a user were tricked into opening a specially crafted GIF\nimage file, an attacker could cause GIMP to crash, or possibly execute\narbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1214-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"gimp\", pkgver:\"2.6.8-2ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"gimp\", pkgver:\"2.6.10-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"gimp\", pkgver:\"2.6.11-1ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:19", "description": "This update avoids a GIF reader loop (CVE-2011-2896).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-29T00:00:00", "type": "nessus", "title": "Fedora 15 : cups-1.4.8-2.fc15 (2011-11197)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-11197.NASL", "href": "https://www.tenable.com/plugins/nessus/55990", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-11197.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55990);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_xref(name:\"FEDORA\", value:\"2011-11197\");\n\n script_name(english:\"Fedora 15 : cups-1.4.8-2.fc15 (2011-11197)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update avoids a GIF reader loop (CVE-2011-2896).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?75a88516\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"cups-1.4.8-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:58:27", "description": "This update adds checks to avoid heap corruption and buffer overflows when loading GIF image files (CVE-2011-2896). Additionally, it fixes a bug which caused GIMP to print an unnecessary warning to the command line on startup.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "Fedora 15 : gimp-2.6.11-21.fc15 (2011-10788)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gimp", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-10788.NASL", "href": "https://www.tenable.com/plugins/nessus/55911", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10788.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55911);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"FEDORA\", value:\"2011-10788\");\n\n script_name(english:\"Fedora 15 : gimp-2.6.11-21.fc15 (2011-10788)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds checks to avoid heap corruption and buffer overflows\nwhen loading GIF image files (CVE-2011-2896). Additionally, it fixes a\nbug which caused GIMP to print an unnecessary warning to the command\nline on startup.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=727800\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063964.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5356e19a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"gimp-2.6.11-21.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:44", "description": "specially crafted gif files could cause an infinite loop or a heap-based buffer overflow in the gif decoder (CVE-2011-2896).", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gimp (openSUSE-SU-2011:1152-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gimp", "p-cpe:/a:novell:opensuse:gimp-branding-upstream", "p-cpe:/a:novell:opensuse:gimp-devel", "p-cpe:/a:novell:opensuse:gimp-help-browser", "p-cpe:/a:novell:opensuse:gimp-lang", "p-cpe:/a:novell:opensuse:gimp-module-hal", "p-cpe:/a:novell:opensuse:gimp-plugins-python", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_GIMP-110916.NASL", "href": "https://www.tenable.com/plugins/nessus/75515", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from 
openSUSE Security Update gimp-5151.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75515);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"openSUSE Security Update : gimp (openSUSE-SU-2011:1152-1)\");\n script_summary(english:\"Check for the gimp-5151 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"specially crafted gif files could cause an infinite loop or a\nheap-based buffer overflow in the gif decoder (CVE-2011-2896).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=711491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00020.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-module-hal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugins-python\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-branding-upstream-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-devel-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-help-browser-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-lang-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-module-hal-2.6.8-7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"gimp-plugins-python-2.6.8-7.9.1\") ) flag++;\n\nif 
(flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-branding-upstream / gimp-devel / gimp-help-browser / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:01:11", "description": "Specially crafted gif files could have caused an infinite loop or a heap-based buffer overflow in the gif decoder (CVE-2011-2896). This has been fixed.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : Gimp (SAT Patch Number 5193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:gimp", "p-cpe:/a:novell:suse_linux:11:gimp-lang", "p-cpe:/a:novell:suse_linux:11:gimp-plugins-python", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GIMP-110923.NASL", "href": "https://www.tenable.com/plugins/nessus/57104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57104);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"SuSE 11.1 Security Update : Gimp (SAT Patch Number 5193)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted gif files could have caused an infinite loop or a\nheap-based buffer overflow in the gif decoder (CVE-2011-2896). This\nhas been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=711491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2896.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5193.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:gimp-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:gimp-plugins-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network 
Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"gimp-2.6.2-3.34.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"gimp-lang-2.6.2-3.34.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"gimp-plugins-python-2.6.2-3.34.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"gimp-2.6.2-3.34.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"gimp-lang-2.6.2-3.34.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"gimp-plugins-python-2.6.2-3.34.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:02:00", "description": "Specially crafted gif files could have caused an infinite 
loop or a heap-based buffer overflow in the gif decoder (CVE-2011-2896). This has been fixed.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Gimp (ZYPP Patch Number 7776)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GIMP-7776.NASL", "href": "https://www.tenable.com/plugins/nessus/57200", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57200);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"SuSE 10 Security Update : Gimp (ZYPP Patch Number 7776)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted gif files could have caused an infinite loop or a\nheap-based buffer overflow in the gif decoder (CVE-2011-2896). 
This\nhas been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2896.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7776.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"gimp-2.2.10-22.40.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"gimp-devel-2.2.10-22.40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host 
is not affected.\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:06:05", "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the 'lp' user. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following bugs :\n\n - Previously CUPS was not correctly handling the language setting LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were not displaying any output when the LANG=en_US.ASCII environment variable was used. As a result of this update the problem is fixed and the expected output is now displayed.\n\n - Previously the scheduler did not check for empty values of several configuration directives. As a consequence it was possible for the CUPS daemon (cupsd) to crash when a configuration file contained certain empty values. With this update the problem is fixed and cupsd no longer crashes when reading such a configuration file.\n\n - Previously when printing to a raw print queue, when using certain printer models, CUPS was incorrectly sending SNMP queries. As a consequence there was a noticeable 4-second delay between queueing the job and the start of printing. With this update the problem is fixed and CUPS no longer tries to collect SNMP supply and status information for raw print queues.\n\n - Previously when using the BrowsePoll directive it could happen that the CUPS printer polling daemon (cups-polld) began polling before the network interfaces were set up after a system boot. CUPS was then caching the failed hostname lookup. 
As a consequence no printers were found and the error, 'Host name lookup failure', was logged.\n With this update the code that re-initializes the resolver after failure in cups-polld is fixed and as a result CUPS will obtain the correct network settings to use in printer discovery.\n\n - The MaxJobs directive controls the maximum number of print jobs that are kept in memory. Previously, once the number of jobs reached the limit, the CUPS system failed to automatically purge the data file associated with the oldest completed job from the system in order to make room for a new print job. This bug has been fixed, and the jobs beyond the set limit are now properly purged.\n\n - The cups init script (/etc/rc.d/init.d/cups) uses the daemon function (from /etc/rc.d/init.d/functions) to start the cups process, but previously it did not source a configuration file from the /etc/sysconfig/ directory.\n As a consequence, it was difficult to cleanly set the nice level or cgroup for the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables. With this update, the init script is fixed.\n\nAll users of CUPS are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 
After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : cups on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111206_CUPS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61186", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61186);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"Scientific Linux Security Update : cups on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the CUPS GIF\nimage format reader. An attacker could create a malicious GIF image\nfile that, when printed, could possibly cause CUPS to crash or,\npotentially, execute arbitrary code with the privileges of the 'lp'\nuser. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following \nbugs :\n\n - Previously CUPS was not correctly handling the language\n setting LANG=en_US.ASCII. 
As a consequence lpadmin,\n lpstat and lpinfo binaries were not displaying any\n output when the LANG=en_US.ASCII environment variable\n was used. As a result of this update the problem is\n fixed and the expected output is now displayed.\n\n - Previously the scheduler did not check for empty values\n of several configuration directives. As a consequence it\n was possible for the CUPS daemon (cupsd) to crash when a\n configuration file contained certain empty values. With\n this update the problem is fixed and cupsd no longer\n crashes when reading such a configuration file.\n\n - Previously when printing to a raw print queue, when\n using certain printer models, CUPS was incorrectly\n sending SNMP queries. As a consequence there was a\n noticeable 4-second delay between queueing the job and\n the start of printing. With this update the problem is\n fixed and CUPS no longer tries to collect SNMP supply\n and status information for raw print queues.\n\n - Previously when using the BrowsePoll directive it could\n happen that the CUPS printer polling daemon (cups-polld)\n began polling before the network interfaces were set up\n after a system boot. CUPS was then caching the failed\n hostname lookup. As a consequence no printers were found\n and the error, 'Host name lookup failure', was logged.\n With this update the code that re-initializes the\n resolver after failure in cups-polld is fixed and as a\n result CUPS will obtain the correct network settings to\n use in printer discovery.\n\n - The MaxJobs directive controls the maximum number of\n print jobs that are kept in memory. Previously, once the\n number of jobs reached the limit, the CUPS system failed\n to automatically purge the data file associated with the\n oldest completed job from the system in order to make\n room for a new print job. 
This bug has been fixed, and\n the jobs beyond the set limit are now properly purged.\n\n - The cups init script (/etc/rc.d/init.d/cups) uses the\n daemon function (from /etc/rc.d/init.d/functions) to\n start the cups process, but previously it did not source\n a configuration file from the /etc/sysconfig/ directory.\n As a consequence, it was difficult to cleanly set the\n nice level or cgroup for the cups daemon by setting the\n NICELEVEL or CGROUP_DAEMON variables. With this update,\n the init script is fixed.\n\nAll users of CUPS are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. After\ninstalling this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1112&L=scientific-linux-errata&T=0&P=2157\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7fcf976a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"cups-1.4.2-44.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"cups-debuginfo-1.4.2-44.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"cups-devel-1.4.2-44.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"cups-libs-1.4.2-44.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"cups-lpd-1.4.2-44.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"cups-php-1.4.2-44.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:32", "description": "specially crafted gif files could cause an infinite loop or a heap-based buffer overflow in the gif decoder (CVE-2011-2896).", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gimp (openSUSE-SU-2011:1152-1)", 
"bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gimp", "p-cpe:/a:novell:opensuse:gimp-branding-upstream", "p-cpe:/a:novell:opensuse:gimp-debuginfo", "p-cpe:/a:novell:opensuse:gimp-debugsource", "p-cpe:/a:novell:opensuse:gimp-devel", "p-cpe:/a:novell:opensuse:gimp-devel-debuginfo", "p-cpe:/a:novell:opensuse:gimp-help-browser", "p-cpe:/a:novell:opensuse:gimp-help-browser-debuginfo", "p-cpe:/a:novell:opensuse:gimp-lang", "p-cpe:/a:novell:opensuse:gimp-module-hal", "p-cpe:/a:novell:opensuse:gimp-module-hal-debuginfo", "p-cpe:/a:novell:opensuse:gimp-plugins-python", "p-cpe:/a:novell:opensuse:gimp-plugins-python-debuginfo", "p-cpe:/a:novell:opensuse:libgimp-2_0-0", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-32bit", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0-32bit", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo-32bit", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_GIMP-110916.NASL", "href": "https://www.tenable.com/plugins/nessus/75850", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gimp-5151.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75850);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\");\n\n script_name(english:\"openSUSE Security Update : gimp (openSUSE-SU-2011:1152-1)\");\n script_summary(english:\"Check for the gimp-5151 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote 
openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"specially crafted gif files could cause an infinite loop or a\nheap-based buffer overflow in the gif decoder (CVE-2011-2896).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=711491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00020.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-help-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-module-hal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-module-hal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gimp-plugins-python\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:gimp-plugins-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimp-2_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpui-2_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-branding-upstream-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-debugsource-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-devel-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-devel-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-help-browser-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-help-browser-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-lang-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-module-hal-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-module-hal-debuginfo-2.6.11-13.18.1\") ) 
flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-plugins-python-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"gimp-plugins-python-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimp-2_0-0-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimp-2_0-0-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimpui-2_0-0-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libgimpui-2_0-0-debuginfo-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-32bit-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libgimp-2_0-0-debuginfo-32bit-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-32bit-2.6.11-13.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libgimpui-2_0-0-debuginfo-32bit-2.6.11-13.18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-branding-upstream / gimp-devel / gimp-help-browser / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:54:16", "description": "A vulnerability has been discovered and corrected in cups :\n\nThe gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896 (CVE-2011-3170).\n\nThe updated packages have been patched to 
correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : cups (MDVSA-2011:147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:cups", "p-cpe:/a:mandriva:linux:cups-common", "p-cpe:/a:mandriva:linux:cups-serial", "p-cpe:/a:mandriva:linux:lib64cups2", "p-cpe:/a:mandriva:linux:lib64cups2-devel", "p-cpe:/a:mandriva:linux:libcups2", "p-cpe:/a:mandriva:linux:libcups2-devel", "p-cpe:/a:mandriva:linux:php-cups", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2011-147.NASL", "href": "https://www.tenable.com/plugins/nessus/61931", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:147. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61931);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3170\");\n script_bugtraq_id(49323);\n script_xref(name:\"MDVSA\", value:\"2011:147\");\n\n script_name(english:\"Mandriva Linux Security Advisory : cups (MDVSA-2011:147)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in cups :\n\nThe gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and\nearlier does not properly handle the first code word in an LZW stream,\nwhich allows remote attackers to trigger a heap-based buffer 
overflow,\nand possibly execute arbitrary code, via a crafted stream, a different\nvulnerability than CVE-2011-2896 (CVE-2011-3170).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", 
\"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"cups-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"cups-common-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"cups-serial-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64cups2-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libcups2-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libcups2-devel-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-cups-1.4.8-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:00:28", "description": "Petr Sklenar and Tomas Hoger discovered that missing input sanitising in the GIF decoder inside the CUPS printing system could lead to denial of 
service or potentially arbitrary code execution through crafted GIF files.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-01T00:00:00", "type": "nessus", "title": "Debian DSA-2354-1 : cups - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:cups", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2354.NASL", "href": "https://www.tenable.com/plugins/nessus/56982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2354. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56982);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_bugtraq_id(49148, 49323);\n script_xref(name:\"DSA\", value:\"2354\");\n\n script_name(english:\"Debian DSA-2354-1 : cups - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Petr Sklenar and Tomas Hoger discovered that missing input sanitising\nin the GIF decoder inside the CUPS printing system could lead to\ndenial of service or potentially arbitrary code execution through\ncrafted GIF files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/cups\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://www.debian.org/security/2011/dsa-2354\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cups packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.4-7+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"cups\", reference:\"1.3.8-1+lenny10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups-bsd\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups-client\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups-common\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups-dbg\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cups-ppdc\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"cupsddk\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcups2\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcups2-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupscgi1\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupscgi1-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsdriver1\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsdriver1-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsimage2\", 
reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsimage2-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsmime1\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsmime1-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsppdc1\", reference:\"1.4.4-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcupsppdc1-dev\", reference:\"1.4.4-7+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:59:02", "description": "Tomas Hoger discovered that the CUPS image library incorrectly handled LZW streams. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-09-15T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : cups, cupsys vulnerabilities (USN-1207-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libcupsimage2", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1207-1.NASL", "href": "https://www.tenable.com/plugins/nessus/56206", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1207-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56206);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2011-3170\");\n script_bugtraq_id(49148, 49323);\n script_xref(name:\"USN\", value:\"1207-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : cups, cupsys vulnerabilities (USN-1207-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tomas Hoger discovered that the CUPS image library incorrectly handled\nLZW streams. 
A remote attacker could use this flaw to cause a denial\nof service or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1207-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcupsimage2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsimage2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcupsimage2\", pkgver:\"1.3.7-1ubuntu3.13\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsimage2\", pkgver:\"1.4.3-1ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libcupsimage2\", pkgver:\"1.4.4-6ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libcupsimage2\", pkgver:\"1.4.6-5ubuntu1.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcupsimage2\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:10:02", "description": "Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as 
having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security Team for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "CentOS 6 : gimp (CESA-2012:1180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gimp", "p-cpe:/a:centos:centos:gimp-devel", "p-cpe:/a:centos:centos:gimp-devel-tools", "p-cpe:/a:centos:centos:gimp-help-browser", "p-cpe:/a:centos:centos:gimp-libs", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1180.NASL", "href": "https://www.tenable.com/plugins/nessus/61599", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1180 and \n# CentOS Errata and Security Advisory 2012:1180 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61599);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1180\");\n\n script_name(english:\"CentOS 6 : gimp (CESA-2012:1180)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gimp packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security\nTeam for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-August/018813.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e02ea4c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-3403\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gimp-devel-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gimp-libs-2.6.9-4.el6_3.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, 
{"lastseen": "2022-06-16T14:09:38", "description": "Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security Team for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "RHEL 6 : gimp (RHSA-2012:1180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gimp", "p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:gimp-devel", "p-cpe:/a:redhat:enterprise_linux:gimp-devel-tools", "p-cpe:/a:redhat:enterprise_linux:gimp-help-browser", "p-cpe:/a:redhat:enterprise_linux:gimp-libs", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1180.NASL", "href": "https://www.tenable.com/plugins/nessus/61603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1180. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61603);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1180\");\n\n script_name(english:\"RHEL 6 : gimp (RHSA-2012:1180)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gimp packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security\nTeam for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3481\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 
2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1180\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", 
reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"gimp-debuginfo-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"gimp-devel-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"gimp-libs-2.6.9-4.el6_3.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-debuginfo / gimp-devel / gimp-devel-tools / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:12:46", "description": "From Red Hat Security Advisory 2012:1180 :\n\nUpdated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. 
Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security Team for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : gimp (ELSA-2012-1180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gimp", "p-cpe:/a:oracle:linux:gimp-devel", "p-cpe:/a:oracle:linux:gimp-devel-tools", "p-cpe:/a:oracle:linux:gimp-help-browser", "p-cpe:/a:oracle:linux:gimp-libs", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1180.NASL", "href": "https://www.tenable.com/plugins/nessus/68600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1180 and \n# Oracle Linux Security Advisory ELSA-2012-1180 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68600);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1180\");\n\n script_name(english:\"Oracle Linux 6 : gimp (ELSA-2012-1180)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1180 :\n\nUpdated gimp packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security\nTeam for reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-August/002984.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"gimp-devel-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"gimp-libs-2.6.9-4.el6_3.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-devel-tools / gimp-help-browser / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:58:42", "description": "A vulnerability has been discovered and corrected in libxfont :\n\nThe LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-18T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : libxfont (MDVSA-2011:153)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64xfont1", "p-cpe:/a:mandriva:linux:lib64xfont1-devel", "p-cpe:/a:mandriva:linux:lib64xfont1-static-devel", "p-cpe:/a:mandriva:linux:libxfont1", "p-cpe:/a:mandriva:linux:libxfont1-devel", "p-cpe:/a:mandriva:linux:libxfont1-static-devel", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2011-153.NASL", "href": "https://www.tenable.com/plugins/nessus/56531", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:153. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56531);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2895\");\n script_bugtraq_id(49124);\n script_xref(name:\"MDVSA\", value:\"2011:153\");\n\n script_name(english:\"Mandriva Linux Security Advisory : libxfont (MDVSA-2011:153)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in libxfont :\n\nThe LZW decompressor in (1) the BufCompressedFill function in\nfontfile/decompress.c in X.Org libXfont before 1.4.4 and (2)\ncompress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before\n3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not\nproperly handle code words that are absent from the decompression\ntable when encountered, which allows context-dependent attackers to\ntrigger an infinite loop or a heap-based buffer overflow, and possibly\nexecute arbitrary code, via a crafted compressed stream, a related\nissue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfont1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfont1-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfont1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfont1-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64xfont1-1.4.1-1.1mdv2010.2\", 
yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64xfont1-devel-1.4.1-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64xfont1-static-devel-1.4.1-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libxfont1-1.4.1-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libxfont1-devel-1.4.1-1.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libxfont1-static-devel-1.4.1-1.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64xfont1-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64xfont1-devel-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64xfont1-static-devel-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libxfont1-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libxfont1-devel-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libxfont1-static-devel-1.4.3-2.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:10:02", "description": "The GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. 
An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : gimp on SL6.x i386/x86_64 (20120820)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:gimp", "p-cpe:/a:fermilab:scientific_linux:gimp-devel", "p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools", "p-cpe:/a:fermilab:scientific_linux:gimp-help-browser", "p-cpe:/a:fermilab:scientific_linux:gimp-libs", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120820_GIMP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61606", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61606);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2896\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n\n script_name(english:\"Scientific Linux Security Update : gimp on SL6.x i386/x86_64 (20120820)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. 
An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1208&L=scientific-linux-errata&T=0&P=1717\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5b34bf3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-devel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-help-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"gimp-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gimp-devel-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gimp-devel-tools-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gimp-help-browser-2.6.9-4.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gimp-libs-2.6.9-4.el6_3.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-devel-tools / 
gimp-help-browser / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:00:55", "description": "A vulnerability has been discovered and corrected in gimp :\n\nThe LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895 (CVE-2011-2896).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-11-07T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : gimp (MDVSA-2011:167)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:gimp", "p-cpe:/a:mandriva:linux:gimp-python", "p-cpe:/a:mandriva:linux:lib64gimp2.0-devel", "p-cpe:/a:mandriva:linux:lib64gimp2.0_0", "p-cpe:/a:mandriva:linux:libgimp2.0-devel", "p-cpe:/a:mandriva:linux:libgimp2.0_0", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2011-167.NASL", "href": "https://www.tenable.com/plugins/nessus/56726", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:167. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56726);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2896\");\n script_bugtraq_id(49148);\n script_xref(name:\"MDVSA\", value:\"2011:167\");\n\n script_name(english:\"Mandriva Linux Security Advisory : gimp (MDVSA-2011:167)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in gimp :\n\nThe LZW decompressor in the LWZReadByte function in giftoppm.c in the\nDavid Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\nfunction in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\nfunction in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and\nearlier, the LZWReadByte function in img/gifread.c in XPCE in\nSWI-Prolog 5.10.4 and earlier, and other products, does not properly\nhandle code words that are absent from the decompression table when\nencountered, which allows remote attackers to trigger an infinite loop\nor a heap-based buffer overflow, and possibly execute arbitrary code,\nvia a crafted compressed stream, a related issue to CVE-2006-1168 and\nCVE-2011-2895 (CVE-2011-2896).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", 
value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gimp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gimp2.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gimp2.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgimp2.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgimp2.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif 
(rpm_check(release:\"MDK2010.1\", reference:\"gimp-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"gimp-python-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64gimp2.0-devel-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64gimp2.0_0-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libgimp2.0-devel-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libgimp2.0_0-2.6.8-3.2mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"gimp-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"gimp-python-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64gimp2.0-devel-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64gimp2.0_0-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libgimp2.0-devel-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libgimp2.0_0-2.6.11-7.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:59:57", "description": "This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. (CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary files. (CVE-2010-2431)\n\n - 711490: heap overflow in gif decoder. 
(CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)\n\nThis update also fixes the following non-security issues :\n\n - 671735: CUPS backends do not clear messages like 'Waiting for printer to finish...'", "cvss3": {"score": null, "vector": null}, "published": "2011-10-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : CUPS (ZYPP Patch Number 7774)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-2431", "CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CUPS-7774.NASL", "href": "https://www.tenable.com/plugins/nessus/56603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56603);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-2431\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n\n script_name(english:\"SuSE 10 Security Update : CUPS (ZYPP Patch Number 7774)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. (CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary\n files. (CVE-2010-2431)\n\n - 711490: heap overflow in gif decoder. 
(CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)\n This update also fixes the following non-security \nissues :\n\n - 671735: CUPS backends do not clear messages like\n 'Waiting for printer to finish...'\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0540.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2431.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2896.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3170.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7774.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = 
get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"cups-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"cups-client-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"cups-devel-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"cups-libs-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"cups-libs-32bit-1.1.23-40.62.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:01:22", "description": "This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. (CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary files. (CVE-2010-2431)\n\n - 711490: heap overflow in gif decoder. 
(CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)\n\nThis update also fixes the following non-security issues :\n\n - 671735: CUPS backends do not clear messages like 'Waiting for printer to finish...'", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : CUPS (ZYPP Patch Number 7775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-2431", "CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CUPS-7775.NASL", "href": "https://www.tenable.com/plugins/nessus/57172", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57172);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-2431\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n\n script_name(english:\"SuSE 10 Security Update : CUPS (ZYPP Patch Number 7775)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. (CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary\n files. (CVE-2010-2431)\n\n - 711490: heap overflow in gif decoder. 
(CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)\n This update also fixes the following non-security \nissues :\n\n - 671735: CUPS backends do not clear messages like\n 'Waiting for printer to finish...'\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0540.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2431.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2896.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3170.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7775.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = 
get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"cups-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"cups-client-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"cups-devel-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"cups-libs-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"cups-libs-32bit-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cups-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cups-client-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cups-devel-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cups-libs-1.1.23-40.62.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"cups-libs-32bit-1.1.23-40.62.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:12:46", "description": "From Red Hat Security Advisory 2012:1181 :\n\nUpdated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. 
Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An attacker could create a specially crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting CVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for reporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : gimp (ELSA-2012-1181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gimp", "p-cpe:/a:oracle:linux:gimp-devel", "p-cpe:/a:oracle:linux:gimp-libs", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/68601", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1181 and \n# Oracle Linux Security Advisory ELSA-2012-1181 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68601);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1181\");\n\n script_name(english:\"Oracle Linux 5 : gimp (ELSA-2012-1181)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1181 :\n\nUpdated gimp packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the GIMP's Adobe Photoshop (PSD) image file\nplug-in. An attacker could create a specially crafted PSD image file\nthat, when opened, could cause the PSD plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting\nCVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for\nreporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-August/002985.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"gimp-devel-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"gimp-libs-2.2.13-2.0.7.el5_8.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-libs\");\n}\n", "cvss": {"score": 9.3, "vector": 
"AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:10:02", "description": "Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An attacker could create a specially crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. 
(CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting CVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for reporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "RHEL 5 : gimp (RHSA-2012:1181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gimp", "p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:gimp-devel", "p-cpe:/a:redhat:enterprise_linux:gimp-libs", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/61604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1181. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61604);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1181\");\n\n script_name(english:\"RHEL 5 : gimp (RHSA-2012:1181)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gimp packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the GIMP's Adobe Photoshop (PSD) image file\nplug-in. An attacker could create a specially crafted PSD image file\nthat, when opened, could cause the PSD plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. 
(CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting\nCVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for\nreporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1181\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3909\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1181\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) 
flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"gimp-debuginfo-2.2.13-2.0.7.el5_8.5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"gimp-devel-2.2.13-2.0.7.el5_8.5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"gimp-libs-2.2.13-2.0.7.el5_8.5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-debuginfo / gimp-devel / gimp-libs\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:59:29", "description": "Multiple vulnerabilities has been discovered and corrected in cups :\n\nThe cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses (CVE-2010-2432).\n\nThe LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895 (CVE-2011-2896).\n\nThe gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote 
attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896 (CVE-2011-3170).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-11T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : cups (MDVSA-2011:146)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2010-2432", "CVE-2011-2895", "CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:cups", "p-cpe:/a:mandriva:linux:cups-common", "p-cpe:/a:mandriva:linux:cups-serial", "p-cpe:/a:mandriva:linux:lib64cups2", "p-cpe:/a:mandriva:linux:lib64cups2-devel", "p-cpe:/a:mandriva:linux:libcups2", "p-cpe:/a:mandriva:linux:libcups2-devel", "p-cpe:/a:mandriva:linux:php-cups", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-146.NASL", "href": "https://www.tenable.com/plugins/nessus/56447", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:146. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56447);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2432\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n script_bugtraq_id(41126, 49148, 49323);\n script_xref(name:\"MDVSA\", value:\"2011:146\");\n\n script_name(english:\"Mandriva Linux Security Advisory : cups (MDVSA-2011:146)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in cups :\n\nThe cupsDoAuthentication function in auth.c in the client in CUPS\nbefore 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a\ndemand for authorization, which allows remote CUPS servers to cause a\ndenial of service (infinite loop) via HTTP_UNAUTHORIZED responses\n(CVE-2010-2432).\n\nThe LZW decompressor in the LWZReadByte function in giftoppm.c in the\nDavid Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw\nfunction in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte\nfunction in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and\nearlier, the LZWReadByte function in img/gifread.c in XPCE in\nSWI-Prolog 5.10.4 and earlier, and other products, does not properly\nhandle code words that are absent from the decompression table when\nencountered, which allows remote attackers to trigger an infinite loop\nor a heap-based buffer overflow, and possibly execute arbitrary code,\nvia a crafted compressed stream, a related issue to CVE-2006-1168 and\nCVE-2011-2895 (CVE-2011-2896).\n\nThe gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and\nearlier does not properly 
handle the first code word in an LZW stream,\nwhich allows remote attackers to trigger a heap-based buffer overflow,\nand possibly execute arbitrary code, via a crafted stream, a different\nvulnerability than CVE-2011-2896 (CVE-2011-3170).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2011/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-common-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-serial-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64cups2-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libcups2-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libcups2-devel-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cups-1.3.10-0.5mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", 
reference:\"cups-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"cups-common-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"cups-serial-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64cups2-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libcups2-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libcups2-devel-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cups-1.4.3-3.2mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:09:29", "description": "Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An attacker could create a specially crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. 
(CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting CVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for reporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 
The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "CentOS 5 : gimp (CESA-2012:1181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gimp", "p-cpe:/a:centos:centos:gimp-devel", "p-cpe:/a:centos:centos:gimp-libs", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/61600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1181 and \n# CentOS Errata and Security Advisory 2012:1181 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61600);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n script_xref(name:\"RHSA\", value:\"2012:1181\");\n\n script_name(english:\"CentOS 5 : gimp (CESA-2012:1181)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gimp packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the GIMP's Adobe Photoshop (PSD) image file\nplug-in. An attacker could create a specially crafted PSD image file\nthat, when opened, could cause the PSD plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting\nCVE-2009-3909, and Matthias Weckbecker of the SUSE Security Team for\nreporting CVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-August/018809.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e97b3a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gimp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-3909\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"gimp-devel-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"gimp-libs-2.2.13-2.0.7.el5_8.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-libs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T17:01:59", "description": "This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. 
(CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary files. (CVE-2010-2431)\n\n - 680212: denial of service via cupsDoAuthentication.\n (CVE-2010-2432)\n\n - 711490: heap overflow in gif decoder. (CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : CUPS (SAT Patch Number 5180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-2431", "CVE-2010-2432", "CVE-2011-2896", "CVE-2011-3170"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:cups", "p-cpe:/a:novell:suse_linux:11:cups-client", "p-cpe:/a:novell:suse_linux:11:cups-libs", "p-cpe:/a:novell:suse_linux:11:cups-libs-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_CUPS-110921.NASL", "href": "https://www.tenable.com/plugins/nessus/57094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57094);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2011-2896\", \"CVE-2011-3170\");\n\n script_name(english:\"SuSE 11.1 Security Update : CUPS (SAT Patch Number 5180)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - 601830: CSRF via admin web interface. (CVE-2010-0540)\n\n - 680210: users in group 'lp' can overwrite arbitrary\n files. (CVE-2010-2431)\n\n - 680212: denial of service via cupsDoAuthentication.\n (CVE-2010-2432)\n\n - 711490: heap overflow in gif decoder. 
(CVE-2011-2896)\n\n - 715643: heap overflow in gif decoder (CVE-2011-3170)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=711490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=715643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0540.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2431.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2432.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2896.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3170.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5180.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:cups-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:cups-libs\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:11:cups-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"cups-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"cups-client-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"cups-libs-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"cups-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"cups-client-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", 
sp:1, cpu:\"x86_64\", reference:\"cups-libs-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"cups-libs-32bit-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"cups-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"cups-client-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"cups-libs-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"cups-libs-32bit-1.3.9-8.44.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"cups-libs-32bit-1.3.9-8.44.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T14:09:54", "description": "The GIMP (GNU Image Manipulation Program) is an image composition and editing program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An attacker could create a specially crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. 
An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403)\n\nUsers of the GIMP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The GIMP must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : gimp on SL5.x i386/x86_64 (20120820)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:gimp", "p-cpe:/a:fermilab:scientific_linux:gimp-devel", "p-cpe:/a:fermilab:scientific_linux:gimp-libs", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120820_GIMP_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61605);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3909\", \"CVE-2011-2896\", \"CVE-2012-3402\", \"CVE-2012-3403\", \"CVE-2012-3481\");\n\n script_name(english:\"Scientific Linux Security Update : gimp on SL5.x i386/x86_64 (20120820)\");\n script_summary(english:\"Checks rpm output for the updated 
packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the GIMP's Adobe Photoshop (PSD) image file\nplug-in. An attacker could create a specially crafted PSD image file\nthat, when opened, could cause the PSD plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2009-3909, CVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create\na specially crafted GIF image file that, when opened, could cause the\nGIF plug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch\n(LZW) decompression algorithm implementation used by the GIMP's GIF\nimage format plug-in. An attacker could create a specially crafted GIF\nimage file that, when opened, could cause the GIF plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the GIMP. (CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL\nfile format plug-in. An attacker could create a specially crafted KiSS\npalette file that, when opened, could cause the CEL plug-in to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running the GIMP. (CVE-2012-3403)\n\nUsers of the GIMP are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. 
The GIMP\nmust be restarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1208&L=scientific-linux-errata&T=0&P=1841\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cfb9e000\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gimp, gimp-devel and / or gimp-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gimp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"gimp-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"gimp-devel-2.2.13-2.0.7.el5_8.5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"gimp-libs-2.2.13-2.0.7.el5_8.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gimp / gimp-devel / gimp-libs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:58:49", "description": "Several vulnerabilities have been identified in 
GIMP, the GNU Image Manipulation Program.\n\n - CVE-2010-4540 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the 'LIGHTING EFFECTS & LIGHT' plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long 'Position' field in a plugin configuration file.\n\n - CVE-2010-4541 Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the 'SPHERE DESIGNER' plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long 'Number of lights' field in a plugin configuration file.\n\n - CVE-2010-4542 Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in the GFIG plugin allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long 'Foreground' field in a plugin configuration file.\n\n - CVE-2010-4543 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image.\n\n - CVE-2011-1782 The correction for CVE-2010-4543 was incomplete.\n\n - CVE-2011-2896 The LZW decompressor in the LZWReadByte function in plug-ins/common/file-gif-load.c does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream.", "cvss3": {"score": null, "vector": null}, "published": "2012-03-07T00:00:00", "type": "nessus", "title": "Debian DSA-2426-1 : gimp - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, 
"cvelist": ["CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1782", "CVE-2011-2896"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gimp", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2426.NASL", "href": "https://www.tenable.com/plugins/nessus/58250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2426. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58250);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1782\", \"CVE-2011-2896\");\n script_bugtraq_id(45647, 48277, 49148);\n script_xref(name:\"DSA\", value:\"2426\");\n\n script_name(english:\"Debian DSA-2426-1 : gimp - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been identified in GIMP, the GNU Image\nManipulation Program.\n\n - CVE-2010-4540\n Stack-based buffer overflow in the load_preset_response\n function in plug-ins/lighting/lighting-ui.c in the\n 'LIGHTING EFFECTS & LIGHT' plugin allows user-assisted\n remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a long 'Position' field in a plugin configuration\n file.\n\n - CVE-2010-4541\n Stack-based buffer overflow in the loadit function in\n plug-ins/common/sphere-designer.c in the 'SPHERE\n DESIGNER' plugin allows 
user-assisted remote attackers\n to cause a denial of service (application crash) or\n possibly execute arbitrary code via a long 'Number of\n lights' field in a plugin configuration file.\n\n - CVE-2010-4542\n Stack-based buffer overflow in the\n gfig_read_parameter_gimp_rgb function in the GFIG plugin\n allows user-assisted remote attackers to cause a denial\n of service (application crash) or possibly execute\n arbitrary code via a long 'Foreground' field in a plugin\n configuration file.\n\n - CVE-2010-4543\n Heap-based buffer overflow in the read_channel_data\n function in file-psp.c in the Paint Shop Pro (PSP)\n plugin allows remote attackers to cause a denial of\n service (application crash) or possibly execute\n arbitrary code via a PSP_COMP_RLE (aka RLE compression)\n image file that begins a long run count at the end of\n the image.\n\n - CVE-2011-1782\n The correction for CVE-2010-4543 was incomplete.\n\n - CVE-2011-2896\n The LZW decompressor in the LZWReadByte function in\n plug-ins/common/file-gif-load.c does not properly handle\n code words that are absent from the decompression table\n when encountered, which allows remote attackers to\n trigger an infinite loop or a heap-based buffer\n overflow, and possibly execute arbitrary code, via a\n crafted compressed stream.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://security-tracker.debian.org/tracker/CVE-2010-4543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/gimp\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2426\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gimp packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 2.6.10-1+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"gimp\", reference:\"2.6.10-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"gimp-data\", reference:\"2.6.10-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"gimp-dbg\", reference:\"2.6.10-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgimp2.0\", reference:\"2.6.10-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgimp2.0-dev\", reference:\"2.6.10-1+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgimp2.0-doc\", reference:\"2.6.10-1+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-24T21:36:50", "description": "According to the versions of the libXfont package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table 
when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. (CVE-2011-2895)\n\n - In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. (CVE-2017-13722)\n\n - In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\\0' characters are incorrectly skipped in situations involving ? characters. (CVE-2017-13720)\n\n - In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. (CVE-2017-16611)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libXfont (EulerOS-SA-2019-2357)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896", "CVE-2017-13720", "CVE-2017-13722", "CVE-2017-16611"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libXfont", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2357.NASL", "href": "https://www.tenable.com/plugins/nessus/131849", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131849);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2011-2895\",\n \"CVE-2017-13720\",\n \"CVE-2017-13722\",\n \"CVE-2017-16611\"\n );\n script_bugtraq_id(\n 49124\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libXfont (EulerOS-SA-2019-2357)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libXfont package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The LZW decompressor in (1) the BufCompressedFill\n function in fontfile/decompress.c in X.Org libXfont\n before 1.4.4 and (2) compress/compress.c in 4.3BSD, as\n used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD\n 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1,\n FreeType 2.1.9, and other products, does not properly\n handle code words that are absent 
from the\n decompression table when encountered, which allows\n context-dependent attackers to trigger an infinite loop\n or a heap-based buffer overflow, and possibly execute\n arbitrary code, via a crafted compressed stream, a\n related issue to CVE-2006-1168 and\n CVE-2011-2896.(CVE-2011-2895)\n\n - In the pcfGetProperties function in bitmap/pcfread.c in\n libXfont through 1.5.2 and 2.x before 2.0.2, a missing\n boundary check (for PCF files) could be used by local\n attackers authenticated to an Xserver for a buffer\n over-read, for information disclosure or a crash of the\n X server.(CVE-2017-13722)\n\n - In the PatternMatch function in fontfile/fontdir.c in\n libXfont through 1.5.2 and 2.x before 2.0.2, an\n attacker with access to an X connection can cause a\n buffer over-read during pattern matching of fonts,\n leading to information disclosure or a crash (denial of\n service). This occurs because '\\0' characters are\n incorrectly skipped in situations involving ?\n characters.(CVE-2017-13720)\n\n - In libXfont before 1.5.4 and libXfont2 before 2.0.3, a\n local attacker can open (but not read) files on the\n system as root, triggering tape rewinds, watchdogs, or\n similar mechanisms that can be triggered by opening\n files.(CVE-2017-16611)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2357\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4bd72a1c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libXfont packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libXfont-1.5.1-2.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXfont\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:59", "description": "The remote host is affected by the vulnerability described in GLSA-201209-23 (GIMP: Multiple vulnerabilities)\n\n 
Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-29T00:00:00", "type": "nessus", "title": "GLSA-201209-23 : GIMP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1570", "CVE-2009-3909", "CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1178", "CVE-2011-2896", "CVE-2012-2763", "CVE-2012-3402"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gimp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201209-23.NASL", "href": "https://www.tenable.com/plugins/nessus/62379", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201209-23.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62379);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1570\", \"CVE-2009-3909\", \"CVE-2010-4540\", \"CVE-2010-4541\", \"CVE-2010-4542\", \"CVE-2010-4543\", \"CVE-2011-1178\", \"CVE-2011-2896\", \"CVE-2012-2763\", \"CVE-2012-3402\");\n script_bugtraq_id(37006, 37040, 45647, 48057, 49148, 53741, 55103);\n script_xref(name:\"GLSA\", value:\"201209-23\");\n\n script_name(english:\"GLSA-201209-23 : GIMP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201209-23\n(GIMP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GIMP. 
Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201209-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GIMP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/gimp-2.6.12-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'GIMP script-fu Server Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/gimp\", unaffected:make_list(\"ge 2.6.12-r2\"), vulnerable:make_list(\"lt 2.6.12-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GIMP\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T13:10:49", "description": "Tomas Hoger discovered that GIMP incorrectly handled malformed LZW streams. \nIf a user were tricked into opening a specially crafted GIF image file, an \nattacker could cause GIMP to crash, or possibly execute arbitrary code with \nthe user's privileges.\n", "cvss3": {}, "published": "2011-09-22T00:00:00", "type": "ubuntu", "title": "GIMP vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-09-22T00:00:00", "id": "USN-1214-1", "href": "https://ubuntu.com/security/notices/USN-1214-1", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2022-01-04T13:10:59", "description": "Tomas Hoger discovered that the CUPS image library incorrectly handled LZW \nstreams. A remote attacker could use this flaw to cause a denial of service \nor possibly execute arbitrary code.\n", "cvss3": {}, "published": "2011-09-14T00:00:00", "type": "ubuntu", "title": "CUPS vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3170", "CVE-2011-2896"], "modified": "2011-09-14T00:00:00", "id": "USN-1207-1", "href": "https://ubuntu.com/security/notices/USN-1207-1", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:42:24", "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor Linux, UNIX, and similar operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the CUPS GIF image format\nreader. An attacker could create a malicious GIF image file that, when\nprinted, could possibly cause CUPS to crash or, potentially, execute\narbitrary code with the privileges of the \"lp\" user. (CVE-2011-2896)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the \"Show Completed Jobs,\" \"Show All Jobs,\" and\n\"Show Active Jobs\" buttons returned results globally across all printers\nand not the results for the specified printer. With this update, jobs from\nonly the selected printer are shown. 
(BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a wrong\ncondition. As a consequence, print jobs on the raw print queue could not be\ncanceled. This update modifies the condition in the serial backend code.\nNow, the user can cancel these print jobs. (BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a pipe,\nfor example when the command line did not specify the filename and the\nnumber of copies was always 1. This update modifies the condition in the\ntextonly filter. Now, the data are sent to the printer regardless of the\nnumber of copies specified. (BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it ran\nout of resources when the cups daemon was running with enabled\nSecurity-Enhanced Linux (SELinux) features. With this update, all resources\nare allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value for\nthe LANG environment variable. As a consequence, the lpadmin, lpstat, and\nlpinfo binaries failed to write to standard output if using LANG with the\nvalue. This update fixes the handling of the en_US.ASCII value and the\nbinaries now write to standard output properly. (BZ#759081)\n\nAll users of cups are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. 
After installing this\nupdate, the cupsd daemon will be restarted automatically.\n", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "redhat", "title": "(RHSA-2012:0302) Low: cups security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2017-09-08T08:15:56", "id": "RHSA-2012:0302", "href": "https://access.redhat.com/errata/RHSA-2012:0302", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:37:29", "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems.\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the CUPS GIF image format\nreader. An attacker could create a malicious GIF image file that, when\nprinted, could possibly cause CUPS to crash or, potentially, execute\narbitrary code with the privileges of the \"lp\" user. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following bugs:\n\n* Previously CUPS was not correctly handling the language setting\nLANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were\nnot displaying any output when the LANG=en_US.ASCII environment variable\nwas used. As a result of this update the problem is fixed and the expected\noutput is now displayed. (BZ#681836)\n\n* Previously the scheduler did not check for empty values of several\nconfiguration directives. 
As a consequence it was possible for the CUPS\ndaemon (cupsd) to crash when a configuration file contained certain empty\nvalues. With this update the problem is fixed and cupsd no longer crashes\nwhen reading such a configuration file. (BZ#706673)\n\n* Previously when printing to a raw print queue, when using certain printer\nmodels, CUPS was incorrectly sending SNMP queries. As a consequence there\nwas a noticeable 4-second delay between queueing the job and the start of\nprinting. With this update the problem is fixed and CUPS no longer tries to\ncollect SNMP supply and status information for raw print queues.\n(BZ#709896)\n\n* Previously when using the BrowsePoll directive it could happen that the\nCUPS printer polling daemon (cups-polld) began polling before the network\ninterfaces were set up after a system boot. CUPS was then caching the\nfailed hostname lookup. As a consequence no printers were found and the\nerror, \"Host name lookup failure\", was logged. With this update the code\nthat re-initializes the resolver after failure in cups-polld is fixed and\nas a result CUPS will obtain the correct network settings to use in printer\ndiscovery. (BZ#712430)\n\n* The MaxJobs directive controls the maximum number of print jobs that are\nkept in memory. Previously, once the number of jobs reached the limit, the\nCUPS system failed to automatically purge the data file associated with the\noldest completed job from the system in order to make room for a new print\njob. This bug has been fixed, and the jobs beyond the set limit are now\nproperly purged. 
(BZ#735505)\n\n* The cups init script (/etc/rc.d/init.d/cups) uses the daemon function\n(from /etc/rc.d/init.d/functions) to start the cups process, but previously\nit did not source a configuration file from the /etc/sysconfig/ directory.\nAs a consequence, it was difficult to cleanly set the nice level or cgroup\nfor the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables.\nWith this update, the init script is fixed. (BZ#744791)\n\nAll users of CUPS are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically.\n", "cvss3": {}, "published": "2011-12-06T00:00:00", "type": "redhat", "title": "(RHSA-2011:1635) Low: cups security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2018-06-06T16:24:29", "id": "RHSA-2011:1635", "href": "https://access.redhat.com/errata/RHSA-2011:1635", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:39:20", "description": "The GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create a\nspecially-crafted GIF image file that, when opened, could cause the GIF\nplug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. 
(CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the GIMP's GIF image format\nplug-in. An attacker could create a specially-crafted GIF image file that,\nwhen opened, could cause the GIF plug-in to crash or, potentially, execute\narbitrary code with the privileges of the user running the GIMP.\n(CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\nformat plug-in. An attacker could create a specially-crafted KiSS palette\nfile that, when opened, could cause the CEL plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nthe GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security Team\nfor reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The GIMP must be\nrestarted for the update to take effect.\n", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "redhat", "title": "(RHSA-2012:1180) Moderate: gimp security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2018-06-06T16:24:30", "id": "RHSA-2012:1180", "href": "https://access.redhat.com/errata/RHSA-2012:1180", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:43:12", "description": "The GIMP (GNU Image Manipulation 
Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\nattacker could create a specially-crafted PSD image file that, when opened,\ncould cause the PSD plug-in to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the GIMP. (CVE-2009-3909,\nCVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create a\nspecially-crafted GIF image file that, when opened, could cause the GIF\nplug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the GIMP's GIF image format\nplug-in. An attacker could create a specially-crafted GIF image file that,\nwhen opened, could cause the GIF plug-in to crash or, potentially, execute\narbitrary code with the privileges of the user running the GIMP.\n(CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\nformat plug-in. An attacker could create a specially-crafted KiSS palette\nfile that, when opened, could cause the CEL plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nthe GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting CVE-2009-3909,\nand Matthias Weckbecker of the SUSE Security Team for reporting\nCVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
The GIMP must be\nrestarted for the update to take effect.\n", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "redhat", "title": "(RHSA-2012:1181) Moderate: gimp security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2017-09-08T07:54:15", "id": "RHSA-2012:1181", "href": "https://access.redhat.com/errata/RHSA-2012:1181", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:04", "description": "[1:1.3.7-30]\n- Backported patch to fix transcoding for ASCII (bug #759081, STR #3832).\n[1:1.3.7-29]\n- The imageto* filters could crash with bad GIF files\n (CVE-2011-2896, STR #3867, STR #3914, bug #752118).\n[1:1.3.7-28]\n- Web interface didn't show completed jobs for printer (STR #3436, bug #625900)\n- Serial backend didn't allow a raw job to be canceled (STR #3649, bug #625955)\n- Fixed condition in textonly filter to create temporary file\n regardless of the number of copies specified. 
(bug #660518)\n[1:1.3.7-27]\n- Call avc_init() only once to not leak file descriptors (bug #668009).", "cvss3": {}, "published": "2012-03-01T00:00:00", "type": "oraclelinux", "title": "cups security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2012-03-01T00:00:00", "id": "ELSA-2012-0302", "href": "http://linux.oracle.com/errata/ELSA-2012-0302.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:45", "description": "[1.4.2-44]\n- Init script should source /etc/sysconfig/cups (bug #744791)\n[1.4.2-43]\n- The scheduler might leave old job data files in the spool directory\n (STR #3795, STR #3880, bug #735505).\n[1.4.2-42]\n- A further fix for imageto* filters crashing with bad GIF files\n (STR #3914, bug #714118).\n[1.4.2-41]\n- The imageto* filters could crash with bad GIF files (STR #3867, bug #714118).\n[1.4.2-40]\n- Map ASCII to ISO-8859-1 in the transcoding code (STR #3832, bug #681836).\n- Check for empty values for some configuration directives (STR #3861, bug #706673).\n- The network backends no longer try to collect SNMP supply and status\n information for raw queues (STR #3809, bug #709896).\n- Handle EAI_NONAME when resolving hostnames (bug #712430).", "cvss3": {}, "published": "2011-12-14T00:00:00", "type": "oraclelinux", "title": "cups security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2896"], "modified": "2011-12-14T00:00:00", "id": "ELSA-2011-1635", "href": "http://linux.oracle.com/errata/ELSA-2011-1635.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "[2:2.6.9-4.3]\n- fix overflow in GIF loader (#847303)\n[2:2.6.9-4.2]\n- fix overflows in GIF, CEL loaders (#727800, #839020)", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "oraclelinux", "title": "gimp security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": 
["CVE-2012-3403", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2012-08-20T00:00:00", "id": "ELSA-2012-1180", "href": "http://linux.oracle.com/errata/ELSA-2012-1180.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:02", "description": "[2:2.2.13-2.0.7.el5_8.5]\n- fix overflow in GIF loader (CVE-2012-3481)\n[2:2.2.13-2.0.7.el5_8.4]\n- fix overflows in PSD plugin (CVE-2009-3909, CVE-2012-3402)\n- fix heap corruption and overflow in GIF plug-in (CVE-2011-2896)\n- fix overflow in CEL plug-in (CVE-2012-3403)", "cvss3": {}, "published": "2012-08-20T00:00:00", "type": "oraclelinux", "title": "gimp security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-3403", "CVE-2009-3909", "CVE-2012-3402", "CVE-2012-3481", "CVE-2011-2896"], "modified": "2012-08-20T00:00:00", "id": "ELSA-2012-1181", "href": "http://linux.oracle.com/errata/ELSA-2012-1181.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. 
", "cvss3": {}, "published": "2011-08-22T15:18:21", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: gimp-2.6.11-21.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-08-22T15:18:21", "id": "FEDORA:E09F7111297", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DIVYYRINWGML2D2QXNIU3W6IWS77CD74/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. 
", "cvss3": {}, "published": "2011-08-26T19:12:30", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-08-26T19:12:30", "id": "FEDORA:6016D11096A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SNY6KG56EJ53MT77SD5FY7XBK47T76I7/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. 
", "cvss3": {}, "published": "2011-08-30T20:39:06", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: cups-1.5.0-6.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-08-30T20:39:06", "id": "FEDORA:9785E10F898", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WNLMF5GA4L4TUE2IMAC3QIO22DWYOSR3/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib (Unix process control and sockets), cpp (C++ interface), sgml (reading XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI toolkit, integrated editor (Emacs-clone) and source-level debugger). 
", "cvss3": {}, "published": "2011-09-08T07:07:27", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: pl-5.10.2-5.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-09-08T07:07:27", "id": "FEDORA:5B23387E73", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MGJYAMTEQVCVUDQZWXZU7PSQSJISRRPR/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib (Unix process control and sockets), cpp (C++ interface), sgml (reading XML/SGML), sgml/RDF (reading RDF into triples) and XPCE (Graphics UI toolkit, integrated editor (Emacs-clone) and source-level debugger). 
", "cvss3": {}, "published": "2011-09-09T17:09:28", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: pl-5.10.2-5.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896"], "modified": "2011-09-09T17:09:28", "id": "FEDORA:E2944E7205", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UFATLK6B2FHRTLCH3BWVXHNLSKMX7EK5/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. 
", "cvss3": {}, "published": "2011-09-09T05:24:48", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: cups-1.4.8-2.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2941", "CVE-2011-2896"], "modified": "2011-09-09T05:24:48", "id": "FEDORA:7F55B37D5D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BTDOM75RTBEAW4QKI5A2BKKMT3SHNTPS/", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras as wel l. GIMP provides a large image manipulation toolbox, including channel operati ons and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. 
", "cvss3": {}, "published": "2011-08-19T21:59:46", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: gimp-2.6.11-21.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1782", "CVE-2011-2896"], "modified": "2011-08-19T21:59:46", "id": "FEDORA:37B4711095E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HT7UFN54GXZP32SECK3DKL5RBCRXMSYR/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras as wel l. GIMP provides a large image manipulation toolbox, including channel operati ons and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. 
", "cvss3": {}, "published": "2011-08-23T04:38:04", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: gimp-2.6.11-21.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1782", "CVE-2011-2896"], "modified": "2011-08-23T04:38:04", "id": "FEDORA:34451110A59", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JPZBTI5NP35UVE2U77SAEPXUSR4HK63K/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:22:52", "description": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "cve", "title": "CVE-2011-3170", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2017-08-29T01:30:00", "cpe": ["cpe:/a:apple:cups:1.1.5", "cpe:/a:apple:cups:1.3.4", "cpe:/a:apple:cups:1.2.5", "cpe:/a:apple:cups:1.2.0", "cpe:/a:apple:cups:1.4.0", "cpe:/a:apple:cups:1.1.22", "cpe:/a:apple:cups:1.2.12", "cpe:/a:apple:cups:1.3.5", "cpe:/a:apple:cups:1.1.6-3", "cpe:/a:apple:cups:1.2.4", "cpe:/a:apple:cups:1.3.6", "cpe:/a:apple:cups:1.2.6", "cpe:/a:apple:cups:1.4.4", "cpe:/a:apple:cups:1.1.1", "cpe:/a:apple:cups:1.1.23", "cpe:/a:apple:cups:1.2.7", "cpe:/a:apple:cups:1.3.8", "cpe:/a:apple:cups:1.3.11", "cpe:/a:apple:cups:1.1.10", "cpe:/a:apple:cups:1.3.0", "cpe:/a:apple:cups:1.1", "cpe:/a:apple:cups:1.2.10", "cpe:/a:apple:cups:1.3.1", "cpe:/a:apple:cups:1.3.7", "cpe:/a:apple:cups:1.1.9-1", "cpe:/a:apple:cups:1.1.20", "cpe:/a:apple:cups:1.1.15", "cpe:/a:apple:cups:1.1.12", "cpe:/a:apple:cups:1.1.19", "cpe:/a:apple:cups:1.2", "cpe:/a:apple:cups:1.4.3", "cpe:/a:apple:cups:1.3.10", "cpe:/a:apple:cups:1.4.7", "cpe:/a:apple:cups:1.4.6", "cpe:/a:apple:cups:1.3.9", "cpe:/a:apple:cups:1.2.3", "cpe:/a:apple:cups:1.4", "cpe:/a:apple:cups:1.1.10-1", "cpe:/a:apple:cups:1.1.2", "cpe:/a:apple:cups:1.1.11", "cpe:/a:apple:cups:1.1.13", "cpe:/a:apple:cups:1.1.14", "cpe:/a:apple:cups:1.1.5-1", "cpe:/a:apple:cups:1.2.8", "cpe:/a:apple:cups:1.4.2", "cpe:/a:apple:cups:1.1.5-2", "cpe:/a:apple:cups:1.1.7", "cpe:/a:apple:cups:1.2.11", "cpe:/a:apple:cups:1.1.6-2", "cpe:/a:apple:cups:1.2.2", "cpe:/a:apple:cups:1.3.2", "cpe:/a:apple:cups:1.2.9", "cpe:/a:apple:cups:1.1.4", "cpe:/a:apple:cups:1.1.6-1", "cpe:/a:apple:cups:1.4.8", "cpe:/a:apple:cups:1.2.1", "cpe:/a:apple:cups:1.1.6", "cpe:/a:apple:cups:1.3.3", "cpe:/a:apple:cups:1.3", "cpe:/a:apple:cups:1.4.5", "cpe:/a:apple:cups:1.1.18", "cpe:/a:apple:cups:1.4.1", "cpe:/a:apple:cups:1.1.9", "cpe:/a:apple:cups:1.1.16", "cpe:/a:apple:cups:1.1.8", "cpe:/a:apple:cups:1.1.3", "cpe:/a:apple:cups:1.1.17", "cpe:/a:apple:cups:1.1.21"], "id": 
"CVE-2011-3170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", 
"cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4:b2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4:b3:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4:b1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", 
"cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:18:08", "description": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "cve", "title": "CVE-2011-2895", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:x:libxfont:1.2.2", "cpe:/a:x:libxfont:1.4.1", "cpe:/o:openbsd:openbsd:3.4", "cpe:/a:x:libxfont:1.2.9", "cpe:/o:openbsd:openbsd:3.1", "cpe:/o:openbsd:openbsd:2.2", 
"cpe:/o:openbsd:openbsd:2.5", "cpe:/a:x:libxfont:1.2.6", "cpe:/o:netbsd:netbsd:*", "cpe:/o:openbsd:openbsd:2.7", "cpe:/a:x:libxfont:1.2.4", "cpe:/a:x:libxfont:1.2.0", "cpe:/o:openbsd:openbsd:3.6", "cpe:/a:x:libxfont:1.4.2", "cpe:/o:freebsd:freebsd:*", "cpe:/o:openbsd:openbsd:2.8", "cpe:/o:openbsd:openbsd:3.5", "cpe:/o:openbsd:openbsd:2.3", "cpe:/o:openbsd:openbsd:2.1", "cpe:/a:x:libxfont:1.2.5", "cpe:/o:openbsd:openbsd:3.7", "cpe:/a:x:libxfont:1.2.3", "cpe:/a:x:libxfont:1.3.0", "cpe:/o:openbsd:openbsd:2.4", "cpe:/o:openbsd:openbsd:2.0", "cpe:/a:x:libxfont:1.2.7", "cpe:/a:x:libxfont:1.2.8", "cpe:/o:openbsd:openbsd:2.9", "cpe:/o:openbsd:openbsd:3.2", "cpe:/a:x:libxfont:1.4.3", "cpe:/a:x:libxfont:1.4.0", "cpe:/o:openbsd:openbsd:2.6", "cpe:/a:x:libxfont:1.3.4", "cpe:/a:freetype:freetype:2.1.9", "cpe:/a:x:libxfont:1.3.3", "cpe:/o:openbsd:openbsd:3.3", "cpe:/a:x:libxfont:1.2.1", "cpe:/a:x:libxfont:1.3.2", "cpe:/o:openbsd:openbsd:3.0", "cpe:/a:x:libxfont:1.3.1"], "id": "CVE-2011-2895", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2895", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", 
"cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:18:10", "description": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "cve", "title": "CVE-2011-2896", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": 
true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2022-02-07T18:44:00", "cpe": ["cpe:/a:apple:cups:1.4.6", "cpe:/a:gimp:gimp:2.6.11", "cpe:/a:swi-prolog:swi-prolog:5.10.4"], "id": "CVE-2011-2896", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:cups:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:swi-prolog:swi-prolog:5.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2021-10-22T00:09:16", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2354-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nNovember 28, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cups\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-2896 CVE-2011-3170 \n\nPetr Sklenar and Tomas Hoger discovered that missing input sanitising in\nthe GIF decoder inside the Cups printing system could lead to denial\nof service or potentially arbitrary code execution through crafted GIF \nfiles.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.4-7+squeeze1.\n\nFor the testing and unstable distribution (sid), this problem has been\nfixed in version 1.5.0-8.\n\nWe recommend that you upgrade your cups packages.\n\nFurther information about 
Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-11-30T17:39:49", "type": "debian", "title": "[SECURITY] [DSA 2354-1] cups security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2011-11-30T17:39:49", "id": "DEBIAN:DSA-2354-1:6EEDC", "href": "https://lists.debian.org/debian-security-announce/2011/msg00232.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-09T00:44:39", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2426-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMarch 06, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : gimp\nVulnerability : several\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543\n CVE-2011-1782 CVE-2011-2896\n\nSeveral vulnerabilities have been identified in GIMP, the GNU Image\nManipulation Program.\n\nCVE-2010-4540\n\tStack-based buffer overflow in the load_preset_response\n\tfunction in plug-ins/lighting/lighting-ui.c in the \"LIGHTING\n\tEFFECTS > LIGHT\" plugin allows user-assisted remote attackers\n\tto cause a denial of service (application crash) or 
possibly\n\texecute arbitrary code via a long Position field in a plugin\n\tconfiguration file.\n\nCVE-2010-4541\n\tStack-based buffer overflow in the loadit function in\n\tplug-ins/common/sphere-designer.c in the SPHERE DESIGNER\n\tplugin allows user-assisted remote attackers to cause a denial\n\tof service (application crash) or possibly execute arbitrary\n\tcode via a long \"Number of lights\" field in a plugin\n\tconfiguration file.\n\nCVE-2010-4542\n\tStack-based buffer overflow in the gfig_read_parameter_gimp_rgb\n\tfunction in the GFIG plugin allows user-assisted remote\n\tattackers to cause a denial of service (application crash) or\n\tpossibly execute arbitrary code via a long Foreground field in a\n\tplugin configuration file.\n\nCVE-2010-4543\n\tHeap-based buffer overflow in the read_channel_data function in\n\tfile-psp.c in the Paint Shop Pro (PSP) plugin allows remote\n\tattackers to cause a denial of service (application crash) or\n\tpossibly execute arbitrary code via a PSP_COMP_RLE (aka RLE\n\tcompression) image file that begins a long run count at the end\n\tof the image.\n\nCVE-2011-1782\n\tThe correction for CVE-2010-4543 was incomplete.\n\nCVE-2011-2896\n\tThe LZW decompressor in the LZWReadByte function in\n\tplug-ins/common/file-gif-load.c does not properly handle code\n\twords that are absent from the decompression table when\n\tencountered, which allows remote attackers to trigger an\n\tinfinite loop or a heap-based buffer overflow, and possibly\n\texecute arbitrary code, via a crafted compressed stream.\n\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.6.10-1+squeeze3.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 2.6.11-5.\n\nWe recommend that you upgrade your gimp packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: 
http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-03-06T18:46:58", "type": "debian", "title": "[SECURITY] [DSA 2426-1] gimp security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1782", "CVE-2011-2896"], "modified": "2012-03-06T18:46:58", "id": "DEBIAN:DSA-2426-1:E60DB", "href": "https://lists.debian.org/debian-security-announce/2012/msg00054.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-05-30T14:07:18", "description": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "debiancve", "title": "CVE-2011-3170", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 
6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896", "CVE-2011-3170"], "modified": "2011-08-19T17:55:00", "id": "DEBIANCVE:CVE-2011-3170", "href": "https://security-tracker.debian.org/tracker/CVE-2011-3170", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T14:07:18", "description": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "debiancve", "title": "CVE-2011-2896", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2011-08-19T17:55:00", "id": "DEBIANCVE:CVE-2011-2896", "href": "https://security-tracker.debian.org/tracker/CVE-2011-2896", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T19:31:49", "description": "The LZW decompressor in (1) the BufCompressedFill 
function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.", "cvss3": {}, "published": "2011-08-19T17:55:00", "type": "debiancve", "title": "CVE-2011-2895", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-1168", "CVE-2011-2895", "CVE-2011-2896"], "modified": "2011-08-19T17:55:00", "id": "DEBIANCVE:CVE-2011-2895", "href": "https://security-tracker.debian.org/tracker/CVE-2011-2895", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:55:26", "description": "**CentOS Errata and Security Advisory** CESA-2012:1180\n\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create a\nspecially-crafted GIF image file that, when opened, could cause the GIF\nplug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. 
(CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the GIMP's GIF image format\nplug-in. An attacker could create a specially-crafted GIF image file that,\nwhen opened, could cause the GIF plug-in to crash or, potentially, execute\narbitrary code with the privileges of the user running the GIMP.\n(CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\nformat plug-in. An attacker could create a specially-crafted KiSS palette\nfile that, when opened, could cause the CEL plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nthe GIMP. (CVE-2012-3403)\n\nRed Hat would like to thank Matthias Weckbecker of the SUSE Security Team\nfor reporting the CVE-2012-3481 issue.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The GIMP must be\nrestarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-August/055732.html\n\n**Affected packages:**\ngimp\ngimp-devel\ngimp-devel-tools\ngimp-help-browser\ngimp-libs\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1180", "cvss3": {}, "published": "2012-08-20T16:23:59", "type": "centos", "title": "gimp security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2896", "CVE-2012-3403", "CVE-2012-3481"], 
"modified": "2012-08-20T16:23:59", "id": "CESA-2012:1180", "href": "https://lists.centos.org/pipermail/centos-announce/2012-August/055732.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:55:26", "description": "**CentOS Errata and Security Advisory** CESA-2012:1181\n\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the GIMP's Adobe Photoshop (PSD) image file plug-in. An\nattacker could create a specially-crafted PSD image file that, when opened,\ncould cause the PSD plug-in to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the GIMP. (CVE-2009-3909,\nCVE-2012-3402)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the GIMP's GIF image format plug-in. An attacker could create a\nspecially-crafted GIF image file that, when opened, could cause the GIF\nplug-in to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the GIMP. (CVE-2012-3481)\n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the GIMP's GIF image format\nplug-in. An attacker could create a specially-crafted GIF image file that,\nwhen opened, could cause the GIF plug-in to crash or, potentially, execute\narbitrary code with the privileges of the user running the GIMP.\n(CVE-2011-2896)\n\nA heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file\nformat plug-in. An attacker could create a specially-crafted KiSS palette\nfile that, when opened, could cause the CEL plug-in to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nthe GIMP. 
(CVE-2012-3403)\n\nRed Hat would like to thank Secunia Research for reporting CVE-2009-3909,\nand Matthias Weckbecker of the SUSE Security Team for reporting\nCVE-2012-3481.\n\nUsers of the GIMP are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The GIMP must be\nrestarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-August/055728.html\n\n**Affected packages:**\ngimp\ngimp-devel\ngimp-libs\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:1181", "cvss3": {}, "published": "2012-08-20T15:14:54", "type": "centos", "title": "gimp security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3909", "CVE-2011-2896", "CVE-2012-3402", "CVE-2012-3403", "CVE-2012-3481"], "modified": "2012-08-20T15:14:54", "id": "CESA-2012:1181", "href": "https://lists.centos.org/pipermail/centos-announce/2012-August/055728.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:12:16", "description": "### Background\n\nGIMP is the GNU Image Manipulation Program.\n\n### Description\n\nMultiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GIMP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/gimp-2.6.12-r2\"", "cvss3": {}, "published": "2012-09-28T00:00:00", "type": "gentoo", "title": "GIMP: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1570", "CVE-2009-3909", "CVE-2010-4540", "CVE-2010-4541", "CVE-2010-4542", "CVE-2010-4543", "CVE-2011-1178", "CVE-2011-2896", "CVE-2012-2763", "CVE-2012-3402"], "modified": "2012-09-28T00:00:00", "id": "GLSA-201209-23", "href": "https://security.gentoo.org/glsa/201209-23", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}