The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files.
{"nessus": [{"lastseen": "2021-08-19T13:10:23", "description": "Update to new upstream version 1.2.29. Among other bug fixes, this introduces a minor security fix in the handling of unknown chunks - CVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt http://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-06-04T00:00:00", "type": "nessus", "title": "Fedora 8 : libpng-1.2.29-1.fc8 (2008-4847)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-4847.NASL", "href": "https://www.tenable.com/plugins/nessus/33079", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4847.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33079);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-4847\");\n\n script_name(english:\"Fedora 8 : libpng-1.2.29-1.fc8 (2008-4847)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream version 1.2.29. Among other bug fixes, this\nintroduces a minor security fix in the handling of unknown chunks -\nCVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt\nhttp://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://libpng.sourceforge.net/Advisory-1.2.26.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://libpng.sourceforge.io/Advisory-1.2.26.txt\"\n );\n # http://www.ocert.org/advisories/ocert-2008-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2008-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/010776.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ceaf33f9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"libpng-1.2.29-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:39", "description": "Specially crafted PNG files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code.\n(CVE-2008-1382)", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : libpng (YOU Patch Number 12141)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12141.NASL", "href": "https://www.tenable.com/plugins/nessus/41209", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41209);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\");\n\n script_name(english:\"SuSE9 Security Update : libpng (YOU Patch Number 12141)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PNG files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code.\n(CVE-2008-1382)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1382.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12141.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"libpng-1.2.5-182.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libpng-devel-1.2.5-182.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libpng-32bit-9-200804151618\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:28", "description": "This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker controlled addresses, depending on how the libpng api is used. To be affected, an application would have to call png_set_keep_unknown_chunks(), which tells libpng not to ignore unknown chunks, but to do something with them. The PNG spec allows for 'unknown' chunks, which are ignored by default, but an application could in theory embed some sort of extra data in a png image, then later get it back out via this mechanism. No packages in Fedora are believed to be affected by this issue, but it's possible that third-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-29T00:00:00", "type": "nessus", "title": "Fedora 9 : libpng10-1.0.37-1.fc9 (2008-3683)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng10", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-3683.NASL", "href": "https://www.tenable.com/plugins/nessus/32458", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-3683.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32458);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-3683\");\n\n script_name(english:\"Fedora 9 : libpng10-1.0.37-1.fc9 (2008-3683)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the way that libpng10 handles unknown zero-length\nchunks, which in previous versions could result in writing to attacker\ncontrolled addresses, depending on how the libpng api is used. To be\naffected, an application would have to call\npng_set_keep_unknown_chunks(), which tells libpng not to ignore\nunknown chunks, but to do something with them. The PNG spec allows for\n'unknown' chunks, which are ignored by default, but an application\ncould in theory embed some sort of extra data in a png image, then\nlater get it back out via this mechanism. No packages in Fedora are\nbelieved to be affected by this issue, but it's possible that\nthird-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010373.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc9415b5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng10 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"libpng10-1.0.37-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng10\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:40", "description": "Secunia reports :\n\nTavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a Denial of Service, disclose potentially sensitive information, or potentially compromise an application using the library.\n\nThe vulnerability is caused due to the improper handling of PNG chunks unknown to the library. This can be exploited to trigger the use of uninitialized memory in e.g. a free() call via unknown PNG chunks having a length of zero.\n\nSuccessful exploitation may allow execution of arbitrary code, but requires that the application calls the png_set_read_user_chunk_fn() function or the png_set_keep_unknown_chunks() function under specific conditions.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-01T00:00:00", "type": "nessus", "title": "FreeBSD : png -- unknown chunk processing uninitialized memory access (57c705d6-12ae-11dd-bab7-0016179b2dd5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:png", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_57C705D612AE11DDBAB70016179B2DD5.NASL", "href": "https://www.tenable.com/plugins/nessus/32110", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32110);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"Secunia\", value:\"29792\");\n\n script_name(english:\"FreeBSD : png -- unknown chunk processing uninitialized memory access (57c705d6-12ae-11dd-bab7-0016179b2dd5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Secunia reports :\n\nTavis Ormandy has reported a vulnerability in libpng, which can be\nexploited by malicious people to cause a Denial of Service, disclose\npotentially sensitive information, or potentially compromise an\napplication using the library.\n\nThe vulnerability is caused due to the improper handling of PNG chunks\nunknown to the library. This can be exploited to trigger the use of\nuninitialized memory in e.g. a free() call via unknown PNG chunks\nhaving a length of zero.\n\nSuccessful exploitation may allow execution of arbitrary code, but\nrequires that the application calls the png_set_read_user_chunk_fn()\nfunction or the png_set_keep_unknown_chunks() function under specific\nconditions.\"\n );\n # http://libpng.sourceforge.net/Advisory-1.2.26.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://libpng.sourceforge.io/Advisory-1.2.26.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/57c705d6-12ae-11dd-bab7-0016179b2dd5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?057c0421\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:png\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"png<1.2.27\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:51", "description": "The remote host is affected by the vulnerability described in GLSA-200804-15 (libpng: Execution of arbitrary code)\n\n Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call png_set_read_user_chunk_fn() or png_set_keep_unknown_chunks().\n Impact :\n\n A remote attacker could entice a user or automated system to process a specially crafted PNG image in an application using libpng and possibly execute arbitrary code with the privileges of the user running the application. Note that processing of unknown chunks is disabled by default in most PNG applications, but some such as ImageMagick are affected.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2008-04-17T00:00:00", "type": "nessus", "title": "GLSA-200804-15 : libpng: Execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libpng", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200804-15.NASL", "href": "https://www.tenable.com/plugins/nessus/31962", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200804-15.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31962);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"GLSA\", value:\"200804-15\");\n\n script_name(english:\"GLSA-200804-15 : libpng: Execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200804-15\n(libpng: Execution of arbitrary code)\n\n Tavis Ormandy of the Google Security Team discovered that libpng does\n not handle zero-length unknown chunks in PNG files correctly, which\n might lead to memory corruption in applications that call\n png_set_read_user_chunk_fn() or png_set_keep_unknown_chunks().\n \nImpact :\n\n A remote attacker could entice a user or automated system to process a\n specially crafted PNG image in an application using libpng and possibly\n execute arbitrary code with the privileges of the user running the\n application. Note that processing of unknown chunks is disabled by\n default in most PNG applications, but some such as ImageMagick are\n affected.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200804-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libpng users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.26-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/libpng\", unaffected:make_list(\"ge 1.2.26-r1\"), vulnerable:make_list(\"lt 1.2.26-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:17", "description": "Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code (CVE-2008-1382).", "cvss3": {"score": null, "vector": null}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libpng-devel (libpng-devel-66)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpng-devel", "p-cpe:/a:novell:opensuse:libpng-devel-32bit", "p-cpe:/a:novell:opensuse:libpng12-0", "p-cpe:/a:novell:opensuse:libpng12-0-32bit", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBPNG-DEVEL-080625.NASL", "href": "https://www.tenable.com/plugins/nessus/40036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpng-devel-66.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40036);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\");\n\n script_name(english:\"openSUSE Security Update : libpng-devel (libpng-devel-66)\");\n script_summary(english:\"Check for the libpng-devel-66 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code\n(CVE-2008-1382).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=378634\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libpng-devel-1.2.26-14.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libpng12-0-1.2.26-14.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.26-14.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libpng12-0-32bit-1.2.26-14.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng-devel / libpng-devel-32bit / libpng12-0 / libpng12-0-32bit\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:53", "description": "Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code (CVE-2008-1382).", "cvss3": {"score": null, "vector": null}, "published": "2008-04-22T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : libpng (libpng-5180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpng", "p-cpe:/a:novell:opensuse:libpng-32bit", "p-cpe:/a:novell:opensuse:libpng-devel", "p-cpe:/a:novell:opensuse:libpng-devel-32bit", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBPNG-5180.NASL", "href": "https://www.tenable.com/plugins/nessus/32024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpng-5180.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32024);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\");\n\n script_name(english:\"openSUSE 10 Security Update : libpng (libpng-5180)\");\n script_summary(english:\"Check for the libpng-5180 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code\n(CVE-2008-1382).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libpng-1.2.8-19.15\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libpng-devel-1.2.8-19.15\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"libpng-32bit-1.2.8-19.15\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.8-19.15\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libpng-1.2.12-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libpng-devel-1.2.12-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"libpng-32bit-1.2.12-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.12-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libpng-1.2.18-15.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libpng-devel-1.2.18-15.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libpng-32bit-1.2.18-15.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.18-15.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng / libpng-32bit / libpng-devel / libpng-devel-32bit\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:19", "description": "This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker controlled addresses, depending on how the libpng api is used. To be affected, an application would have to call png_set_keep_unknown_chunks(), which tells libpng not to ignore unknown chunks, but to do something with them. The PNG spec allows for 'unknown' chunks, which are ignored by default, but an application could in theory embed some sort of extra data in a png image, then later get it back out via this mechanism. No packages in Fedora are believed to be affected by this issue, but it's possible that third-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-29T00:00:00", "type": "nessus", "title": "Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng10", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2008-3979.NASL", "href": "https://www.tenable.com/plugins/nessus/32460", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-3979.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32460);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-3979\");\n\n script_name(english:\"Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the way that libpng10 handles unknown zero-length\nchunks, which in previous versions could result in writing to attacker\ncontrolled addresses, depending on how the libpng api is used. To be\naffected, an application would have to call\npng_set_keep_unknown_chunks(), which tells libpng not to ignore\nunknown chunks, but to do something with them. The PNG spec allows for\n'unknown' chunks, which are ignored by default, but an application\ncould in theory embed some sort of extra data in a png image, then\nlater get it back out via this mechanism. No packages in Fedora are\nbelieved to be affected by this issue, but it's possible that\nthird-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010603.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d5c14a3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng10 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"libpng10-1.0.37-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng10\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:28", "description": "This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker controlled addresses, depending on how the libpng api is used. To be affected, an application would have to call png_set_keep_unknown_chunks(), which tells libpng not to ignore unknown chunks, but to do something with them. The PNG spec allows for 'unknown' chunks, which are ignored by default, but an application could in theory embed some sort of extra data in a png image, then later get it back out via this mechanism. No packages in Fedora are believed to be affected by this issue, but it's possible that third-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-29T00:00:00", "type": "nessus", "title": "Fedora 8 : libpng10-1.0.37-1.fc8 (2008-3937)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng10", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-3937.NASL", "href": "https://www.tenable.com/plugins/nessus/32459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-3937.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32459);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-3937\");\n\n script_name(english:\"Fedora 8 : libpng10-1.0.37-1.fc8 (2008-3937)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the way that libpng10 handles unknown zero-length\nchunks, which in previous versions could result in writing to attacker\ncontrolled addresses, depending on how the libpng api is used. To be\naffected, an application would have to call\npng_set_keep_unknown_chunks(), which tells libpng not to ignore\nunknown chunks, but to do something with them. The PNG spec allows for\n'unknown' chunks, which are ignored by default, but an application\ncould in theory embed some sort of extra data in a png image, then\nlater get it back out via this mechanism. No packages in Fedora are\nbelieved to be affected by this issue, but it's possible that\nthird-party applications could be.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010612.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59e25909\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng10 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"libpng10-1.0.37-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng10\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:24", "description": "Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions (CVE-2008-1382).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : libpng (MDVSA-2008:156)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64png-devel", "p-cpe:/a:mandriva:linux:lib64png-static-devel", "p-cpe:/a:mandriva:linux:lib64png3", "p-cpe:/a:mandriva:linux:lib64png3-devel", "p-cpe:/a:mandriva:linux:lib64png3-static-devel", "p-cpe:/a:mandriva:linux:libpng-devel", "p-cpe:/a:mandriva:linux:libpng-source", "p-cpe:/a:mandriva:linux:libpng-static-devel", "p-cpe:/a:mandriva:linux:libpng3", "p-cpe:/a:mandriva:linux:libpng3-devel", "p-cpe:/a:mandriva:linux:libpng3-static-devel", "cpe:/o:mandriva:linux:2007.1", "cpe:/o:mandriva:linux:2008.0", "cpe:/o:mandriva:linux:2008.1"], "id": "MANDRIVA_MDVSA-2008-156.NASL", "href": "https://www.tenable.com/plugins/nessus/38060", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:156. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38060);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"MDVSA\", value:\"2008:156\");\n\n script_name(english:\"Mandriva Linux Security Advisory : libpng (MDVSA-2008:156)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy of the Google Security Team discovered a flaw in how\nlibpng handles zero-length unknown chunks in PNG files, which could\nlead to memory corruption in applications that make use of certain\nfunctions (CVE-2008-1382).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png3-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng3-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64png3-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64png3-devel-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64png3-static-devel-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libpng3-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libpng3-devel-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libpng3-static-devel-1.2.13-2.3mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png-devel-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png-static-devel-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png3-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng-devel-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"libpng-source-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng-static-devel-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng3-1.2.22-0.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png-devel-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png-static-devel-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png3-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng-devel-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libpng-source-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng-static-devel-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng3-1.2.25-2.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:15", "description": "Update to new upstream version 1.2.29. Among other bug fixes, this introduces a minor security fix in the handling of unknown chunks - CVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt http://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-06-04T00:00:00", "type": "nessus", "title": "Fedora 9 : libpng-1.2.29-1.fc9 (2008-4910)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-4910.NASL", "href": "https://www.tenable.com/plugins/nessus/33081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4910.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33081);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-4910\");\n\n script_name(english:\"Fedora 9 : libpng-1.2.29-1.fc9 (2008-4910)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream version 1.2.29. Among other bug fixes, this\nintroduces a minor security fix in the handling of unknown chunks -\nCVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt\nhttp://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://libpng.sourceforge.net/Advisory-1.2.26.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://libpng.sourceforge.io/Advisory-1.2.26.txt\"\n );\n # http://www.ocert.org/advisories/ocert-2008-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2008-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/010823.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47eb9967\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"libpng-1.2.29-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:09", "description": "Update to new upstream version 1.2.29. Among other bug fixes, this introduces a minor security fix in the handling of unknown chunks - CVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt http://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-06-04T00:00:00", "type": "nessus", "title": "Fedora 7 : libpng-1.2.29-1.fc7 (2008-4947)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libpng", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2008-4947.NASL", "href": "https://www.tenable.com/plugins/nessus/33082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4947.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33082);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"FEDORA\", value:\"2008-4947\");\n\n script_name(english:\"Fedora 7 : libpng-1.2.29-1.fc7 (2008-4947)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream version 1.2.29. Among other bug fixes, this\nintroduces a minor security fix in the handling of unknown chunks -\nCVE-2008-1382: http://libpng.sourceforge.net/Advisory-1.2.26.txt\nhttp://www.ocert.org/advisories/ocert-2008-003.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://libpng.sourceforge.net/Advisory-1.2.26.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://libpng.sourceforge.io/Advisory-1.2.26.txt\"\n );\n # http://www.ocert.org/advisories/ocert-2008-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2008-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=441839\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/010854.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0750b8d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"libpng-1.2.29-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:40", "description": "The remote host is affected by the vulnerability described in GLSA-200805-10 (Pngcrush: User-assisted execution of arbitrary code)\n\n It has been reported that Pngcrush includes a copy of libpng that is vulnerable to a memory corruption (GLSA 200804-15).\n Impact :\n\n A remote attacker could entice a user to process a specially crafted PNG image, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-13T00:00:00", "type": "nessus", "title": "GLSA-200805-10 : Pngcrush: User-assisted execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:pngcrush", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200805-10.NASL", "href": "https://www.tenable.com/plugins/nessus/32301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200805-10.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32301);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_xref(name:\"GLSA\", value:\"200805-10\");\n\n script_name(english:\"GLSA-200805-10 : Pngcrush: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200805-10\n(Pngcrush: User-assisted execution of arbitrary code)\n\n It has been reported that Pngcrush includes a copy of libpng that is\n vulnerable to a memory corruption (GLSA 200804-15).\n \nImpact :\n\n A remote attacker could entice a user to process a specially crafted\n PNG image, possibly resulting in the execution of arbitrary code with\n the privileges of the user running the application, or a Denial of\n Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200804-15\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200805-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Pngcrush users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/pngcrush-1.6.4-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pngcrush\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/pngcrush\", unaffected:make_list(\"ge 1.6.4-r1\"), vulnerable:make_list(\"lt 1.6.4-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Pngcrush\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:39", "description": "Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code.\n(CVE-2008-1382)", "cvss3": {"score": null, "vector": null}, "published": "2008-04-25T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBPNG-5181.NASL", "href": "https://www.tenable.com/plugins/nessus/32052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32052);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\");\n\n script_name(english:\"SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted png files could overwrite arbitrary memory.\nAttackers could potentially exploit that to execute arbitrary code.\n(CVE-2008-1382)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1382.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5181.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libpng-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libpng-devel-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"libpng-32bit-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libpng-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libpng-devel-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"libpng-32bit-1.2.8-19.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.8-19.15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:33", "description": "New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue.", "cvss3": {"score": null, "vector": null}, "published": "2008-05-01T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2008-119-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:libpng", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2008-119-01.NASL", "href": "https://www.tenable.com/plugins/nessus/32083", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2008-119-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32083);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_xref(name:\"SSA\", value:\"2008-119-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2008-119-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, and -current to fix a security issue.\"\n );\n # ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab70d067\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.541247\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e148e5a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"libpng\", pkgver:\"1.2.27\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:26", "description": "Updated libpng and libpng10 packages that fix a couple of security issues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to free() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing 'unknown' chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 4 : libpng (CESA-2009:0333)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libpng", "p-cpe:/a:centos:centos:libpng-devel", "p-cpe:/a:centos:centos:libpng10", "p-cpe:/a:centos:centos:libpng10-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0333.NASL", "href": "https://www.tenable.com/plugins/nessus/43731", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0333 and \n# CentOS Errata and Security Advisory 2009:0333 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43731);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_bugtraq_id(28770, 33827);\n script_xref(name:\"RHSA\", value:\"2009:0333\");\n\n script_name(english:\"CentOS 4 : libpng (CESA-2009:0333)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libpng and libpng10 packages that fix a couple of security\nissues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked\nagainst libpng, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n'unknown' chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could\ncause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update\nto take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015812.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?600d1851\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015813.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?512d1628\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015655.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f865a397\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpng10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libpng-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpng-1.2.7-3.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libpng-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libpng-devel-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpng-devel-1.2.7-3.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libpng-devel-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libpng10-1.0.16-3.el4_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpng10-1.0.16-3.c4.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libpng10-1.0.16-3.el4_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libpng10-devel-1.0.16-3.el4_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpng10-devel-1.0.16-3.c4.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libpng10-devel-1.0.16-3.el4_7.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng / libpng-devel / libpng10 / libpng10-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:46", "description": "A flaw was discovered in libpng that could result in libpng trying to free() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing 'unknown' chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash. (CVE-2008-1382)\n\nAll running applications using libpng or libpng10 must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090304_LIBPNG_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60539);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n\n script_name(english:\"Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked\nagainst libpng, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n'unknown' chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could\ncause the application to crash. (CVE-2008-1382)\n\nAll running applications using libpng or libpng10 must be restarted\nfor the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=192\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5ad1923\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"libpng-1.2.2-29\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"libpng-devel-1.2.2-29\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"libpng10-1.0.13-20\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"libpng10-devel-1.0.13-20\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"libpng-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpng-devel-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpng10-1.0.16-3.el4_7.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpng10-devel-1.0.16-3.el4_7.3\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"libpng-1.2.10-7.1.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpng-devel-1.2.10-7.1.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:47", "description": "Updated libpng and libpng10 packages that fix a couple of security issues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to free() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing 'unknown' chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2009-03-05T00:00:00", "type": "nessus", "title": "RHEL 2.1 / 4 / 5 : libpng (RHSA-2009:0333)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libpng", "p-cpe:/a:redhat:enterprise_linux:libpng-devel", "p-cpe:/a:redhat:enterprise_linux:libpng10", "p-cpe:/a:redhat:enterprise_linux:libpng10-devel", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0333.NASL", "href": "https://www.tenable.com/plugins/nessus/35775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0333. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35775);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_bugtraq_id(28770, 33827);\n script_xref(name:\"RHSA\", value:\"2009:0333\");\n\n script_name(english:\"RHEL 2.1 / 4 / 5 : libpng (RHSA-2009:0333)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libpng and libpng10 packages that fix a couple of security\nissues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked\nagainst libpng, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n'unknown' chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could\ncause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0333\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpng10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0333\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libpng-1.0.14-12\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libpng-devel-1.0.14-12\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"libpng-1.2.7-3.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"libpng-devel-1.2.7-3.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"libpng10-1.0.16-3.el4_7.3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"libpng10-devel-1.0.16-3.el4_7.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"libpng-1.2.10-7.1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libpng-devel-1.2.10-7.1.el5_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng / libpng-devel / libpng10 / libpng10-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:30", "description": "From Red Hat Security Advisory 2009:0333 :\n\nUpdated libpng and libpng10 packages that fix a couple of security issues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to free() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing 'unknown' chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : libpng (ELSA-2009-0333)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libpng", "p-cpe:/a:oracle:linux:libpng-devel", "p-cpe:/a:oracle:linux:libpng10", "p-cpe:/a:oracle:linux:libpng10-devel", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0333.NASL", "href": "https://www.tenable.com/plugins/nessus/67815", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0333 and \n# Oracle Linux Security Advisory ELSA-2009-0333 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67815);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_bugtraq_id(28770, 33827);\n script_xref(name:\"RHSA\", value:\"2009:0333\");\n\n script_name(english:\"Oracle Linux 4 / 5 : libpng (ELSA-2009-0333)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0333 :\n\nUpdated libpng and libpng10 packages that fix a couple of security\nissues are now available for Red Hat Enterprise Linux 2.1, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred.\nIf a carefully-crafted PNG file was loaded by an application linked\nagainst libpng, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n'unknown' chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could\ncause the application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000901.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000903.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpng10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpng10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"libpng-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpng-devel-1.2.7-3.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpng10-1.0.16-3.el4_7.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpng10-devel-1.0.16-3.el4_7.3\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"libpng-1.2.10-7.1.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libpng-devel-1.2.10-7.1.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng / libpng-devel / libpng10 / libpng10-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:06", "description": "a. VMware Descheduled Time Accounting driver vulnerability may cause a denial of service in Windows based virtual machines.\n\n The VMware Descheduled Time Accounting Service is an optional, experimental service that provides improved guest operating system accounting.\n\n This patch fixes a denial of service vulnerability that could be triggered in a virtual machine by an unprivileged, locally logged-on user in the virtual machine.\n\n Virtual machines are affected under the following conditions :\n\n - The virtual machine is running a Windows operating system.\n\n - The VMware Descheduled Time Accounting driver is installed in the virtual machine. Note that this is an optional (non- default) part of the VMware Tools installation.\n\n - The VMware Descheduled Time Accounting Service is not running in the virtual machine\n\n The VMware Descheduled Time Accounting Service is no longer provided in newer versions of VMware Tools, starting with the versions released in Fusion 2.0.2 and ESX 4.0.\n\n However, virtual machines migrated from vulnerable releases will still be vulnerable if the three conditions listed above are met, until their tools are upgraded.\n\n Steps needed to remediate this vulnerability :\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the new version of Workstation, Player, ACE, Server, Fusion (see below for version information)\n - Upgrade tools in the virtual machine (virtual machine users will be prompted to upgrade).\n\n Guest systems on ESX 3.5, ESXi 3.5, ESX 3.0.2, ESX 3.0.3\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine users will not be prompted to upgrade). Note the VI Client will not show the VMware tools is out of date in the summary tab.\n Please see http://tinyurl.com/27mpjo page 80 for details.\n\n Guests systems on ESX 4.0 and ESXi 4.0 that have been migrated from ESX 3.5, ESXi 3.5, and ESX 3.0.x\n - Install/upgrade the new tools in the virtual machine (virtual machine users will be prompted to upgrade).\n\n If the Descheduled Time Accounting driver was installed, the tools upgrade will result in an updated driver for Workstation, Player, ACE, Server, ESX 3.0.2, ESX 3.0.3, ESX 3.5, ESXi 3.5. For Fusion, ESX 4.0, and ESXi 4.0 the tools upgrade will result in the removal of the driver.\n\n VMware would like to thank Nikita Tarakanov for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-1805 to this issue.\n\nb. Updated libpng package for the ESX 2.5.5 Service Console\n\n The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying to free() random memory if certain, unlikely error conditions occurred. If a carefully-crafted PNG file was loaded by an application linked against libpng, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.\n\n A flaw was discovered in the way libpng handled PNG images containing 'unknown' chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-0040 and CVE-2008-1382 to these issues.\n\n The VMware version number of libpng after applying the update is libpng-1.0.14-12.i386.rpm.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-27T00:00:00", "type": "nessus", "title": "VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issues", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040", "CVE-2009-1805"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:2.5.5", "cpe:/o:vmware:esx:3.0.2", "cpe:/o:vmware:esx:3.0.3"], "id": "VMWARE_VMSA-2009-0007.NASL", "href": "https://www.tenable.com/plugins/nessus/40392", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2009-0007. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40392);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\", \"CVE-2009-1805\");\n script_bugtraq_id(28770, 33827);\n script_xref(name:\"VMSA\", value:\"2009-0007\");\n\n script_name(english:\"VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issues\");\n script_summary(english:\"Checks esxupdate output for the patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote VMware ESX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. VMware Descheduled Time Accounting driver vulnerability may cause a\n denial of service in Windows based virtual machines.\n\n The VMware Descheduled Time Accounting Service is an optional,\n experimental service that provides improved guest operating system\n accounting.\n\n This patch fixes a denial of service vulnerability that could be\n triggered in a virtual machine by an unprivileged, locally\n logged-on user in the virtual machine.\n\n Virtual machines are affected under the following conditions :\n\n - The virtual machine is running a Windows operating system.\n\n - The VMware Descheduled Time Accounting driver is installed\n in the virtual machine. Note that this is an optional (non-\n default) part of the VMware Tools installation.\n\n - The VMware Descheduled Time Accounting Service is not running\n in the virtual machine\n\n The VMware Descheduled Time Accounting Service is no longer provided\n in newer versions of VMware Tools, starting with the versions\n released in Fusion 2.0.2 and ESX 4.0.\n\n However, virtual machines migrated from vulnerable releases will\n still be vulnerable if the three conditions listed above are met,\n until their tools are upgraded.\n\n Steps needed to remediate this vulnerability :\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the new version of Workstation, Player, ACE, Server,\n Fusion (see below for version information)\n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade).\n\n Guest systems on ESX 3.5, ESXi 3.5, ESX 3.0.2, ESX 3.0.3\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab.\n Please see http://tinyurl.com/27mpjo page 80 for details.\n\n Guests systems on ESX 4.0 and ESXi 4.0 that have been migrated from\n ESX 3.5, ESXi 3.5, and ESX 3.0.x\n - Install/upgrade the new tools in the virtual machine (virtual\n machine users will be prompted to upgrade).\n\n If the Descheduled Time Accounting driver was installed, the tools\n upgrade will result in an updated driver for Workstation, Player,\n ACE, Server, ESX 3.0.2, ESX 3.0.3, ESX 3.5, ESXi 3.5. For Fusion,\n ESX 4.0, and ESXi 4.0 the tools upgrade will result in the removal\n of the driver.\n\n VMware would like to thank Nikita Tarakanov for reporting this\n issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-1805 to this issue.\n\nb. Updated libpng package for the ESX 2.5.5 Service Console\n\n The libpng packages contain a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying\n to free() random memory if certain, unlikely error conditions\n occurred. If a carefully-crafted PNG file was loaded by an\n application linked against libpng, it could cause the application\n to crash or, potentially, execute arbitrary code with the\n privileges of the user running the application.\n\n A flaw was discovered in the way libpng handled PNG images\n containing 'unknown' chunks. If an application linked against libpng\n attempted to process a malformed, unknown chunk in a malicious PNG\n image, it could cause the application to crash.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-0040 and CVE-2008-1382 to these\n issues.\n\n The VMware version number of libpng after applying the update is\n libpng-1.0.14-12.i386.rpm.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2009/000057.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:2.5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2009-05-28\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 2.5.5\", patch:\"13\")) flag++;\n\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1008420\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 3.0.3\",\n patch : \"ESX303-200905401-SG\",\n patch_updates : make_list(\"ESX303-201002203-UG\", \"ESX303-Update01\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:09:10", "description": "The remote host is affected by the vulnerability described in GLSA-200812-15 (POV-Ray: User-assisted execution of arbitrary code)\n\n POV-Ray uses a statically linked copy of libpng to view and output PNG files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964, CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in POV-Ray's build system caused it to load the old version when your installed copy of libpng was >=media-libs/libpng-1.2.10.\n Impact :\n\n An attacker could entice a user to load a specially crafted PNG file as a texture, resulting in the execution of arbitrary code with the permissions of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2008-12-15T00:00:00", "type": "nessus", "title": "GLSA-200812-15 : POV-Ray: User-assisted execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2004-0768", "CVE-2006-0481", "CVE-2006-3334", "CVE-2008-1382", "CVE-2008-3964"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:povray", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200812-15.NASL", "href": "https://www.tenable.com/plugins/nessus/35107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200812-15.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35107);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0768\", \"CVE-2006-0481\", \"CVE-2006-3334\", \"CVE-2008-1382\", \"CVE-2008-3964\");\n script_bugtraq_id(18698, 28770);\n script_xref(name:\"GLSA\", value:\"200812-15\");\n\n script_name(english:\"GLSA-200812-15 : POV-Ray: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200812-15\n(POV-Ray: User-assisted execution of arbitrary code)\n\n POV-Ray uses a statically linked copy of libpng to view and output PNG\n files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964,\n CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in\n POV-Ray's build system caused it to load the old version when your\n installed copy of libpng was >=media-libs/libpng-1.2.10.\n \nImpact :\n\n An attacker could entice a user to load a specially crafted PNG file as\n a texture, resulting in the execution of arbitrary code with the\n permissions of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200812-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All POV-Ray users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/povray-3.6.1-r4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:povray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/15\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/povray\", unaffected:make_list(\"ge 3.6.1-r4\"), vulnerable:make_list(\"lt 3.6.1-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"POV-Ray\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:30", "description": "It was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268, CVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest.\n(CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0040).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2008-5907", "CVE-2009-0040"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libpng12-0", "p-cpe:/a:canonical:ubuntu_linux:libpng12-dev", "p-cpe:/a:canonical:ubuntu_linux:libpng3", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-730-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37042", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-730-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37042);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_bugtraq_id(25956, 28276, 28770, 33827);\n script_xref(name:\"USN\", value:\"730-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libpng did not properly perform bounds checking\nin certain operations. An attacker could send a specially crafted PNG\nimage and cause a denial of service in applications linked against\nlibpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268,\nCVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize\nmemory. If a user or automated system were tricked into opening a\ncrafted PNG image, an attacker could cause a denial of service via\napplication crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue did not affect\nUbuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker\ncould could cause an application crash in programs using pngtest.\n(CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a\nkeyword string. An attacker could exploit this to set arbitrary memory\nlocations to zero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly\ninitialize pointers. If a user or automated system were tricked into\nopening a crafted PNG file, an attacker could cause a denial of\nservice or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2009-0040).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/730-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libpng12-0, libpng12-dev and / or libpng3\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng12-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng12-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng12-0\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng12-dev\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng3\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng12-0\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng12-dev\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng3\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng12-0\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng12-dev\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng3\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng12-0\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng12-dev\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng3\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng12-0 / libpng12-dev / libpng3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:08:50", "description": "Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-2445 The png_handle_tRNS function allows attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.\n\n - CVE-2007-5269 Certain chunk handlers allow attackers to cause a denial of service (crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG images, which trigger out-of-bounds read operations.\n\n - CVE-2008-1382 libpng allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length 'unknown' chunks, which trigger an access of uninitialized memory.\n\n - CVE-2008-5907 The png_check_keyword might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords.\n\n - CVE-2008-6218 A memory leak in the png_handle_tEXt function allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.\n\n - CVE-2009-0040 libpng allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.", "cvss3": {"score": null, "vector": null}, "published": "2009-03-23T00:00:00", "type": "nessus", "title": "Debian DSA-1750-1 : libpng - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2009-0040"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libpng", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1750.NASL", "href": "https://www.tenable.com/plugins/nessus/35988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1750. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35988);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_bugtraq_id(25956, 28276, 28770, 31920, 33827, 33990);\n script_xref(name:\"DSA\", value:\"1750\");\n\n script_name(english:\"Debian DSA-1750-1 : libpng - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-2445\n The png_handle_tRNS function allows attackers to cause a\n denial of service (application crash) via a grayscale\n PNG image with a bad tRNS chunk CRC value.\n\n - CVE-2007-5269\n Certain chunk handlers allow attackers to cause a denial\n of service (crash) via crafted pCAL, sCAL, tEXt, iTXt,\n and ztXT chunking in PNG images, which trigger\n out-of-bounds read operations.\n\n - CVE-2008-1382\n libpng allows context-dependent attackers to cause a\n denial of service (crash) and possibly execute arbitrary\n code via a PNG file with zero length 'unknown' chunks,\n which trigger an access of uninitialized memory.\n\n - CVE-2008-5907\n The png_check_keyword might allow context-dependent\n attackers to set the value of an arbitrary memory\n location to zero via vectors involving creation of\n crafted PNG files with keywords.\n\n - CVE-2008-6218\n A memory leak in the png_handle_tEXt function allows\n context-dependent attackers to cause a denial of service\n (memory exhaustion) via a crafted PNG file.\n\n - CVE-2009-0040\n libpng allows context-dependent attackers to cause a\n denial of service (application crash) or possibly\n execute arbitrary code via a crafted PNG file that\n triggers a free of an uninitialized pointer in (1) the\n png_read_png function, (2) pCAL chunk handling, or (3)\n setup of 16-bit gamma tables.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-6218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1750\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libpng packages.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libpng12-0\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpng12-dev\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpng3\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng12-0\", reference:\"1.2.27-2+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng12-dev\", reference:\"1.2.27-2+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng3\", reference:\"1.2.27-2+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:05", "description": "SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jun/15/17", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 137080-09", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137080", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_137080-09.NASL", "href": "https://www.tenable.com/plugins/nessus/107484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107484);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (sparc) : 137080-09\");\n script_summary(english:\"Check for patch 137080-09\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137080-09\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jun/15/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137080-09\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137080-09 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137080\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-09\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-09\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-09\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:10:59", "description": "SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Sep/11/17\n\nThis plugin has been deprecated and either replaced with individual 137081 patch-revision plugins, or deemed non-security related.", "cvss3": {"score": null, "vector": null}, "published": "2008-03-04T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 137081-11 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS10_X86_137081.NASL", "href": "https://www.tenable.com/plugins/nessus/31337", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31337);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (x86) : 137081-11 (deprecated)\");\n script_summary(english:\"Check for patch 137081-11\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Sep/11/17\n\nThis plugin has been deprecated and either replaced with individual\n137081 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137081-11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 137081 instead.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:31", "description": "SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jul/17/17", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 137080-10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137080", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_137080-10.NASL", "href": "https://www.tenable.com/plugins/nessus/107485", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107485);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (sparc) : 137080-10\");\n script_summary(english:\"Check for patch 137080-10\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137080-10\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jul/17/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137080-10\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137080-10 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137080\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-10\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-10\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-10\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:57", "description": "SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jul/18/12", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 137081-07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137081", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_137081-07.NASL", "href": "https://www.tenable.com/plugins/nessus/107981", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107981);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (x86) : 137081-07\");\n script_summary(english:\"Check for patch 137081-07\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137081-07\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jul/18/12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137081-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137081-07 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137081\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-07\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-07\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-07\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:19", "description": "SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jul/17/17", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 137081-10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137081", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_137081-10.NASL", "href": "https://www.tenable.com/plugins/nessus/107983", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107983);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (x86) : 137081-10\");\n script_summary(english:\"Check for patch 137081-10\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137081-10\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jul/17/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137081-10\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137081-10 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137081\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-10\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-10\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-10\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:57", "description": "SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jun/15/17", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 137081-09", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137081", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_137081-09.NASL", "href": "https://www.tenable.com/plugins/nessus/107982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107982);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (x86) : 137081-09\");\n script_summary(english:\"Check for patch 137081-09\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137081-09\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: libpng Patch.\nDate this patch was last updated by Sun : Jun/15/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137081-09\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137081-09 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137081\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-09\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-09\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"137081-09\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.16.14.42\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:22", "description": "SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jul/18/12", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 137080-07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:137080", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_137080-07.NASL", "href": "https://www.tenable.com/plugins/nessus/107483", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107483);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (sparc) : 137080-07\");\n script_summary(english:\"Check for patch 137080-07\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 137080-07\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Jul/18/12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137080-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 137080-07 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-1382\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:137080\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-07\", obsoleted_by:\"\", package:\"SUNWpng-devel\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-07\", obsoleted_by:\"\", package:\"SUNWpng\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"137080-07\", obsoleted_by:\"\", package:\"SUNWpngS\", version:\"20.2.6.0,REV=10.0.3.2004.12.15.14.11\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWpng / SUNWpng-devel / SUNWpngS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:11:11", "description": "SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Sep/11/17\n\nThis plugin has been deprecated and either replaced with individual 137080 patch-revision plugins, or deemed non-security related.", "cvss3": {"score": null, "vector": null}, "published": "2008-03-04T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 137080-11 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2445", "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-3964", "CVE-2009-0040"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS10_137080.NASL", "href": "https://www.tenable.com/plugins/nessus/31333", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31333);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2009-0040\");\n\n script_name(english:\"Solaris 10 (sparc) : 137080-11 (deprecated)\");\n script_summary(english:\"Check for patch 137080-11\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"SunOS 5.10: libpng Patch.\nDate this patch was last updated by Sun : Sep/11/17\n\nThis plugin has been deprecated and either replaced with individual\n137080 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/137080-11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 137080 instead.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:29", "description": "The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact :\n\n A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions.\n Workaround :\n\n There are no known workarounds at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3005", "CVE-2007-2741", "CVE-2008-0553", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2008-6661", "CVE-2009-0040", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-0946", "CVE-2009-2042", "CVE-2009-2624", "CVE-2009-3736", "CVE-2009-4029", "CVE-2009-4411", "CVE-2009-4896", "CVE-2010-0001", "CVE-2010-0436", "CVE-2010-0732", "CVE-2010-0829", "CVE-2010-1000", "CVE-2010-1205", "CVE-2010-1511", "CVE-2010-2056", "CVE-2010-2060", "CVE-2010-2192", "CVE-2010-2251", "CVE-2010-2529", "CVE-2010-2809", "CVE-2010-2945"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:acl", "p-cpe:/a:gentoo:linux:beanstalkd", "p-cpe:/a:gentoo:linux:bitdefender-console", "p-cpe:/a:gentoo:linux:dvbstreamer", "p-cpe:/a:gentoo:linux:dvipng", "p-cpe:/a:gentoo:linux:gtk%2b", "p-cpe:/a:gentoo:linux:gv", "p-cpe:/a:gentoo:linux:gzip", "p-cpe:/a:gentoo:linux:insight", "p-cpe:/a:gentoo:linux:iputils", "p-cpe:/a:gentoo:linux:kdm", "p-cpe:/a:gentoo:linux:kget", "p-cpe:/a:gentoo:linux:lftp", "p-cpe:/a:gentoo:linux:liblzw", "p-cpe:/a:gentoo:linux:m4", "p-cpe:/a:gentoo:linux:mlmmj", "p-cpe:/a:gentoo:linux:ncompress", "p-cpe:/a:gentoo:linux:pam_krb5", "p-cpe:/a:gentoo:linux:partimage", "p-cpe:/a:gentoo:linux:perl-tk", "p-cpe:/a:gentoo:linux:pmount", "p-cpe:/a:gentoo:linux:slim", "p-cpe:/a:gentoo:linux:sourcenav", "p-cpe:/a:gentoo:linux:splashutils", "p-cpe:/a:gentoo:linux:tk", "p-cpe:/a:gentoo:linux:uzbl", "p-cpe:/a:gentoo:linux:xinit", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-08.NASL", "href": "https://www.tenable.com/plugins/nessus/79961", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-08.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79961);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-3005\", \"CVE-2007-2741\", \"CVE-2008-0553\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2008-6661\", \"CVE-2009-0040\", \"CVE-2009-0360\", \"CVE-2009-0361\", \"CVE-2009-0946\", \"CVE-2009-2042\", \"CVE-2009-2624\", \"CVE-2009-3736\", \"CVE-2009-4029\", \"CVE-2009-4411\", \"CVE-2009-4896\", \"CVE-2010-0001\", \"CVE-2010-0436\", \"CVE-2010-0732\", \"CVE-2010-0829\", \"CVE-2010-1000\", \"CVE-2010-1205\", \"CVE-2010-1511\", \"CVE-2010-2056\", \"CVE-2010-2060\", \"CVE-2010-2192\", \"CVE-2010-2251\", \"CVE-2010-2529\", \"CVE-2010-2809\", \"CVE-2010-2945\");\n script_bugtraq_id(24001, 27655, 28770, 31920, 32751, 33740, 33741, 33827, 33990, 34550, 35233, 37128, 37378, 37455, 37886, 37888, 38211, 39467, 39969, 40141, 40426, 40516, 40939, 41174, 41841, 41911, 42297, 43728);\n script_xref(name:\"GLSA\", value:\"201412-08\");\n\n script_name(english:\"GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-08\n(Multiple packages, Multiple vulnerabilities fixed in 2010)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n Insight\n Perl Tk Module\n Source-Navigator\n Tk\n Partimage\n Mlmmj\n acl\n Xinit\n gzip\n ncompress\n liblzw\n splashutils\n GNU M4\n KDE Display Manager\n GTK+\n KGet\n dvipng\n Beanstalk\n Policy Mount\n pam_krb5\n GNU gv\n LFTP\n Uzbl\n Slim\n Bitdefender Console\n iputils\n DVBStreamer\n \nImpact :\n\n A context-dependent attacker may be able to gain escalated privileges,\n execute arbitrary code, cause Denial of Service, obtain sensitive\n information, or otherwise bypass security restrictions.\n \nWorkaround :\n\n There are no known workarounds at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-08\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Insight users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/insight-6.7.1-r1'\n All Perl Tk Module users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-perl/perl-tk-804.028-r2'\n All Source-Navigator users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/sourcenav-5.1.4'\n All Tk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/tk-8.4.18-r1'\n All Partimage users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-block/partimage-0.6.8'\n All Mlmmj users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/mlmmj-1.2.17.1'\n All acl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/acl-2.2.49'\n All Xinit users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-apps/xinit-1.2.0-r4'\n All gzip users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.4'\n All ncompress users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/ncompress-4.2.4.3'\n All liblzw users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/liblzw-0.2'\n All splashutils users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=media-gfx/splashutils-1.5.4.3-r3'\n All GNU M4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-devel/m4-1.4.14-r1'\n All KDE Display Manager users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdm-4.3.5-r1'\n All GTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/gtk+-2.18.7'\n All KGet 4.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kget-4.3.5-r1'\n All dvipng users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/dvipng-1.13'\n All Beanstalk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-misc/beanstalkd-1.4.6'\n All Policy Mount users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/pmount-0.9.23'\n All pam_krb5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-4.3'\n All GNU gv users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/gv-3.7.1'\n All LFTP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-ftp/lftp-4.0.6'\n All Uzbl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/uzbl-2010.08.05'\n All Slim users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-misc/slim-1.3.2'\n All iputils users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/iputils-20100418'\n All DVBStreamer users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-tv/dvbstreamer-1.1-r1'\n Gentoo has discontinued support for Bitdefender Console. We recommend\n that users unmerge Bitdefender Console:\n # emerge --unmerge 'app-antivirus/bitdefender-console'\n NOTE: This is a legacy GLSA. Updates for all affected architectures have\n been available since 2011. It is likely that your system is already no\n longer affected by these issues.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:acl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:beanstalkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bitdefender-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dvbstreamer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dvipng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gtk+\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:insight\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:iputils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:liblzw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:m4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mlmmj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ncompress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pam_krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:partimage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:perl-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pmount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:slim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sourcenav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:splashutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:uzbl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/gzip\", unaffected:make_list(\"ge 1.4\"), vulnerable:make_list(\"lt 1.4\"))) flag++;\nif (qpkg_check(package:\"kde-base/kget\", unaffected:make_list(\"ge 4.3.5-r1\"), vulnerable:make_list(\"lt 4.3.5-r1\"))) flag++;\nif (qpkg_check(package:\"dev-libs/liblzw\", unaffected:make_list(\"ge 0.2\"), vulnerable:make_list(\"lt 0.2\"))) flag++;\nif (qpkg_check(package:\"kde-base/kdm\", unaffected:make_list(\"ge 4.3.5-r1\"), vulnerable:make_list(\"lt 4.3.5-r1\"))) flag++;\nif (qpkg_check(package:\"app-text/dvipng\", unaffected:make_list(\"ge 1.13\"), vulnerable:make_list(\"lt 1.13\"))) flag++;\nif (qpkg_check(package:\"x11-apps/xinit\", unaffected:make_list(\"ge 1.2.0-r4\"), vulnerable:make_list(\"lt 1.2.0-r4\"))) flag++;\nif (qpkg_check(package:\"net-ftp/lftp\", unaffected:make_list(\"ge 4.0.6\"), vulnerable:make_list(\"lt 4.0.6\"))) flag++;\nif (qpkg_check(package:\"net-mail/mlmmj\", unaffected:make_list(\"ge 1.2.17.1\"), vulnerable:make_list(\"lt 1.2.17.1\"))) flag++;\nif (qpkg_check(package:\"sys-apps/pmount\", unaffected:make_list(\"ge 0.9.23\"), vulnerable:make_list(\"lt 0.9.23\"))) flag++;\nif (qpkg_check(package:\"sys-block/partimage\", unaffected:make_list(\"ge 0.6.8\"), vulnerable:make_list(\"lt 0.6.8\"))) flag++;\nif (qpkg_check(package:\"sys-apps/acl\", unaffected:make_list(\"ge 2.2.49\"), vulnerable:make_list(\"lt 2.2.49\"))) flag++;\nif (qpkg_check(package:\"app-arch/ncompress\", unaffected:make_list(\"ge 4.2.4.3\"), vulnerable:make_list(\"lt 4.2.4.3\"))) flag++;\nif (qpkg_check(package:\"media-gfx/splashutils\", unaffected:make_list(\"ge 1.5.4.3-r3\"), vulnerable:make_list(\"lt 1.5.4.3-r3\"))) flag++;\nif (qpkg_check(package:\"www-client/uzbl\", unaffected:make_list(\"ge 2010.08.05\"), vulnerable:make_list(\"lt 2010.08.05\"))) flag++;\nif (qpkg_check(package:\"dev-util/insight\", unaffected:make_list(\"ge 6.7.1-r1\"), vulnerable:make_list(\"lt 6.7.1-r1\"))) flag++;\nif (qpkg_check(package:\"sys-devel/m4\", unaffected:make_list(\"ge 1.4.14-r1\"), vulnerable:make_list(\"lt 1.4.14-r1\"))) flag++;\nif (qpkg_check(package:\"app-antivirus/bitdefender-console\", unaffected:make_list(), vulnerable:make_list(\"le 7.1\"))) flag++;\nif (qpkg_check(package:\"app-text/gv\", unaffected:make_list(\"ge 3.7.1\"), vulnerable:make_list(\"lt 3.7.1\"))) flag++;\nif (qpkg_check(package:\"media-tv/dvbstreamer\", unaffected:make_list(\"ge 1.1-r1\"), vulnerable:make_list(\"lt 1.1-r1\"))) flag++;\nif (qpkg_check(package:\"app-misc/beanstalkd\", unaffected:make_list(\"ge 1.4.6\"), vulnerable:make_list(\"lt 1.4.6\"))) flag++;\nif (qpkg_check(package:\"net-misc/iputils\", unaffected:make_list(\"ge 20100418\"), vulnerable:make_list(\"lt 20100418\"))) flag++;\nif (qpkg_check(package:\"dev-util/sourcenav\", unaffected:make_list(\"ge 5.1.4\"), vulnerable:make_list(\"lt 5.1.4\"))) flag++;\nif (qpkg_check(package:\"x11-libs/gtk+\", unaffected:make_list(\"ge 2.18.7\"), vulnerable:make_list(\"lt 2.18.7\"))) flag++;\nif (qpkg_check(package:\"sys-auth/pam_krb5\", unaffected:make_list(\"ge 4.3\"), vulnerable:make_list(\"lt 4.3\"))) flag++;\nif (qpkg_check(package:\"dev-lang/tk\", unaffected:make_list(\"ge 8.4.18-r1\"), vulnerable:make_list(\"lt 8.4.18-r1\"))) flag++;\nif (qpkg_check(package:\"x11-misc/slim\", unaffected:make_list(\"ge 1.3.2\"), vulnerable:make_list(\"lt 1.3.2\"))) flag++;\nif (qpkg_check(package:\"dev-perl/perl-tk\", unaffected:make_list(\"ge 804.028-r2\"), vulnerable:make_list(\"lt 804.028-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-arch/gzip / kde-base/kget / dev-libs/liblzw / kde-base/kdm / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:30:24", "description": "The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.5. \n\nMac OS X 10.5.5 contains security fixes for a number of programs.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-16T00:00:00", "type": "nessus", "title": "Mac OS X 10.5.x < 10.5.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0314", "CVE-2008-1100", "CVE-2008-1382", "CVE-2008-1387", "CVE-2008-1447", "CVE-2008-1483", "CVE-2008-1657", "CVE-2008-1833", "CVE-2008-1835", "CVE-2008-1836", "CVE-2008-1837", "CVE-2008-2305", "CVE-2008-2312", "CVE-2008-2327", "CVE-2008-2329", "CVE-2008-2330", "CVE-2008-2331", "CVE-2008-2332", "CVE-2008-2376", "CVE-2008-2713", "CVE-2008-3215", "CVE-2008-3608", "CVE-2008-3609", "CVE-2008-3610", "CVE-2008-3611", "CVE-2008-3613", "CVE-2008-3614", "CVE-2008-3616", "CVE-2008-3617", "CVE-2008-3618", "CVE-2008-3619", "CVE-2008-3621", "CVE-2008-3622"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_5_5.NASL", "href": "https://www.tenable.com/plugins/nessus/34211", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34211);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2008-0314\", \n \"CVE-2008-1100\", \n \"CVE-2008-1382\", \n \"CVE-2008-1387\", \n \"CVE-2008-1447\",\n \"CVE-2008-1483\", \n \"CVE-2008-1657\", \n \"CVE-2008-1833\", \n \"CVE-2008-1835\", \n \"CVE-2008-1836\",\n \"CVE-2008-1837\", \n \"CVE-2008-2305\", \n \"CVE-2008-2312\", \n \"CVE-2008-2327\", \n \"CVE-2008-2329\",\n \"CVE-2008-2330\", \n \"CVE-2008-2331\", \n \"CVE-2008-2332\", \n \"CVE-2008-2376\", \n \"CVE-2008-2713\",\n \"CVE-2008-3215\", \n \"CVE-2008-3608\", \n \"CVE-2008-3609\", \n \"CVE-2008-3610\", \n \"CVE-2008-3611\",\n \"CVE-2008-3613\", \n \"CVE-2008-3614\", \n \"CVE-2008-3616\", \n \"CVE-2008-3617\", \n \"CVE-2008-3618\",\n \"CVE-2008-3619\", \n \"CVE-2008-3621\", \n \"CVE-2008-3622\"\n );\n script_bugtraq_id(\n 28444, \n 28531, \n 28756, \n 28770, \n 28784, \n 29750, \n 30131, \n 30832, \n 31086, \n 31189\n );\n script_xref(name:\"IAVA\", value:\"2008-A-0045\");\n\n script_name(english:\"Mac OS X 10.5.x < 10.5.5 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5.x that is prior\nto 10.5.5. \n\nMac OS X 10.5.5 contains security fixes for a number of programs.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3137\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Sep/msg00005.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.5.5 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 119, 189, 200, 255, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/09/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2008/09/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) os = get_kb_item(\"Host/OS\");\nif (!os) exit(0);\n\nif (ereg(pattern:\"Mac OS X 10\\.5\\.[0-4]([^0-9]|$)\", string:os)) security_hole(0);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:30:34", "description": "The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-006 applied. \n\nThis update contains security fixes for a number of programs.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-16T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2008-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0314", "CVE-2008-1100", "CVE-2008-1382", "CVE-2008-1387", "CVE-2008-1447", "CVE-2008-1483", "CVE-2008-1657", "CVE-2008-1833", "CVE-2008-1835", "CVE-2008-1836", "CVE-2008-1837", "CVE-2008-2305", "CVE-2008-2312", "CVE-2008-2327", "CVE-2008-2329", "CVE-2008-2330", "CVE-2008-2331", "CVE-2008-2332", "CVE-2008-2376", "CVE-2008-2713", "CVE-2008-3215", "CVE-2008-3608", "CVE-2008-3609", "CVE-2008-3610", "CVE-2008-3611", "CVE-2008-3613", "CVE-2008-3614", "CVE-2008-3616", "CVE-2008-3617", "CVE-2008-3618", "CVE-2008-3619", "CVE-2008-3621", "CVE-2008-3622"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2008-006.NASL", "href": "https://www.tenable.com/plugins/nessus/34210", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34210);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2008-0314\", \n \"CVE-2008-1100\", \n \"CVE-2008-1382\", \n \"CVE-2008-1387\", \n \"CVE-2008-1447\",\n \"CVE-2008-1483\", \n \"CVE-2008-1657\", \n \"CVE-2008-1833\", \n \"CVE-2008-1835\", \n \"CVE-2008-1836\",\n \"CVE-2008-1837\", \n \"CVE-2008-2305\", \n \"CVE-2008-2312\", \n \"CVE-2008-2327\", \n \"CVE-2008-2329\",\n \"CVE-2008-2330\", \n \"CVE-2008-2331\", \n \"CVE-2008-2332\", \n \"CVE-2008-2376\", \n \"CVE-2008-2713\",\n \"CVE-2008-3215\", \n \"CVE-2008-3608\", \n \"CVE-2008-3609\", \n \"CVE-2008-3610\", \n \"CVE-2008-3611\",\n \"CVE-2008-3613\", \n \"CVE-2008-3614\", \n \"CVE-2008-3616\", \n \"CVE-2008-3617\", \n \"CVE-2008-3618\",\n \"CVE-2008-3619\", \n \"CVE-2008-3621\", \n \"CVE-2008-3622\"\n );\n script_bugtraq_id(\n 28444, \n 28531, \n 28756, \n 28770, \n 28784, \n 29750, \n 30131, \n 30832, \n 31189\n );\n script_xref(name:\"IAVA\", value:\"2008-A-0045\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2008-006)\");\n script_summary(english:\"Check for the presence of Security Update 2008-006\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.4 that does not\nhave the security update 2008-006 applied. \n\nThis update contains security fixes for a number of programs.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3137\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Sep/msg00005.html\" ); \n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2008-006 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 119, 189, 200, 255, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/09/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2008/09/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(0);\n\nif (egrep(pattern:\"Darwin.* (8\\.[0-9]\\.|8\\.1[01]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2008-00[6-8]|2009-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:36", "description": "The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.5. Mac OS X 10.5.5 contains security fixes for a number of programs.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2008-09-16T00:00:00", "type": "nessus", "title": "Mac OS X < 10.5.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1447", "CVE-2008-1483", "CVE-2008-1657", "CVE-2008-2376", "CVE-2008-2327", "CVE-2008-1382", "CVE-2008-3613", "CVE-2008-2713", "CVE-2008-3627", "CVE-2008-3610", "CVE-2008-1387", "CVE-2008-1833", "CVE-2008-3626", "CVE-2008-0314", "CVE-2008-1836", "CVE-2008-1837", "CVE-2008-1835", "CVE-2008-3608", "CVE-2008-3609", "CVE-2008-3611", "CVE-2008-3616", "CVE-2008-3617", "CVE-2008-3618", "CVE-2008-3619", "CVE-2008-3621", "CVE-2008-3622", "CVE-2008-2305", "CVE-2008-2329", "CVE-2008-2330", "CVE-2008-2331", "CVE-2008-2332", "CVE-2008-2312", "CVE-2008-1100", "CVE-2008-3615", "CVE-2008-3635", "CVE-2008-3624", "CVE-2008-3625", "CVE-2008-3614", "CVE-2008-3628", "CVE-2008-3215", "CVE-2008-3629"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "4682.PRM", "href": "https://www.tenable.com/plugins/nnm/4682", "sourceData": "Binary data 4682.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:19:17", "description": "The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : \n\n- Apache\n- ATS\n- BIND\n- CFNetwork\n- CoreGraphics\n-Cscope\n- CUPS\n- Disk Images\n- enscript\n- Flash player\n- Help Viewer\n- iChat\n- Internation Components for Unicode\n- IPSec\n- Kerberos\n- Kernel\n- Launch Services\n- libxml\n- Net-SNMP\n- Network Time\n- Networking\n- OpenSSL\n- PHP\n- QuickDraw Manager\n- ruby\n- Safari\n- Spotlight\n- system_cmds\n- telnet\n- WebKit\n- X11\n- Terminal", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2004-08-18T00:00:00", "type": "nessus", "title": "Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0945", "CVE-2009-0164", "CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0025", "CVE-2008-5557", "CVE-2004-1184", "CVE-2004-1185", "CVE-2004-1186", "CVE-2008-3651", "CVE-2008-3652", "CVE-2008-3529", "CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-4309", "CVE-2008-2939", "CVE-2008-3863", "CVE-2008-2383", "CVE-2008-5077", "CVE-2009-0021", "CVE-2009-0040", "CVE-2008-1382", "CVE-2008-3658", "CVE-2008-3660", "CVE-2009-0844", "CVE-2009-0845", "CVE-2009-0846", "CVE-2009-0847", "CVE-2009-0159", "CVE-2009-0946", "CVE-2009-0148", "CVE-2009-0153", "CVE-2009-0519", "CVE-2009-0520", "CVE-2009-0165", "CVE-2008-0456", "CVE-2008-2665", "CVE-2008-2829", "CVE-2009-0150", "CVE-2009-0145", "CVE-2009-0155", "CVE-2009-0161", "CVE-2008-2371", "CVE-2008-3659", "CVE-2008-2666", "CVE-2009-0010", "CVE-2009-0942", "CVE-2009-0158", "CVE-2009-0149", "CVE-2009-0160", "CVE-2009-0157", "CVE-2009-0144", "CVE-2008-1517", "CVE-2009-0154", "CVE-2009-0114", "CVE-2009-0943", "CVE-2009-0162", "CVE-2008-3530", "CVE-2009-1717", "CVE-2009-0944", "CVE-2009-0156", "CVE-2009-0152"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "5023.PRM", "href": "https://www.tenable.com/plugins/nnm/5023", "sourceData": "Binary data 5023.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:55", "description": "The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. \n\nMac OS X 10.5.7 contains security fixes for the following products :\n\n - Apache\n - ATS\n - BIND\n - CFNetwork\n - CoreGraphics\n - Cscope\n - CUPS\n - Disk Images\n - enscript\n - Flash Player plug-in\n - Help Viewer\n - iChat\n - International Components for Unicode\n - IPSec\n - Kerberos\n - Kernel\n - Launch Services\n - libxml\n - Net-SNMP\n - Network Time\n - Networking\n - OpenSSL\n - PHP\n - QuickDraw Manager\n - ruby\n - Safari\n - Spotlight\n - system_cmds\n - telnet\n - Terminal\n - WebKit\n - X11", "cvss3": {"score": null, "vector": null}, "published": "2009-05-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2004-1184", "CVE-2004-1185", "CVE-2004-1186", "CVE-2008-0456", "CVE-2008-1382", "CVE-2008-1517", "CVE-2008-2371", "CVE-2008-2383", "CVE-2008-2665", "CVE-2008-2666", "CVE-2008-2829", "CVE-2008-2939", "CVE-2008-3443", "CVE-2008-3529", "CVE-2008-3530", "CVE-2008-3651", "CVE-2008-3652", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3658", "CVE-2008-3659", "CVE-2008-3660", "CVE-2008-3790", "CVE-2008-3863", "CVE-2008-4309", "CVE-2008-5077", "CVE-2008-5557", "CVE-2009-0010", "CVE-2009-0021", "CVE-2009-0025", "CVE-2009-0040", "CVE-2009-0114", "CVE-2009-0144", "CVE-2009-0145", "CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0148", "CVE-2009-0149", "CVE-2009-0150", "CVE-2009-0152", "CVE-2009-0153", "CVE-2009-0154", "CVE-2009-0155", "CVE-2009-0156", "CVE-2009-0157", "CVE-2009-0158", "CVE-2009-0159", "CVE-2009-0160", "CVE-2009-0161", "CVE-2009-0162", "CVE-2009-0164", "CVE-2009-0165", "CVE-2009-0519", "CVE-2009-0520", "CVE-2009-0844", "CVE-2009-0845", "CVE-2009-0846", "CVE-2009-0847", "CVE-2009-0942", "CVE-2009-0943", "CVE-2009-0944", "CVE-2009-0945", "CVE-2009-0946", "CVE-2009-1717"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_5_7.NASL", "href": "https://www.tenable.com/plugins/nessus/38744", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38744);\n script_version(\"1.32\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2004-1184\", \"CVE-2004-1185\", \"CVE-2004-1186\", \"CVE-2008-0456\", \"CVE-2008-1382\",\n \"CVE-2008-1517\", \"CVE-2008-2371\", \"CVE-2008-2383\", \"CVE-2008-2665\", \"CVE-2008-2666\",\n \"CVE-2008-2829\", \"CVE-2008-2939\", \"CVE-2008-3443\", \"CVE-2008-3529\", \"CVE-2008-3530\",\n \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\",\n \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-3790\", \"CVE-2008-3863\",\n \"CVE-2008-4309\", \"CVE-2008-5077\", \"CVE-2008-5557\", \"CVE-2009-0010\", \"CVE-2009-0021\",\n \"CVE-2009-0025\", \"CVE-2009-0040\", \"CVE-2009-0114\", \"CVE-2009-0144\", \"CVE-2009-0145\",\n \"CVE-2009-0146\", \"CVE-2009-0147\", \"CVE-2009-0148\", \"CVE-2009-0149\", \"CVE-2009-0150\",\n \"CVE-2009-0152\", \"CVE-2009-0153\", \"CVE-2009-0154\", \"CVE-2009-0155\", \"CVE-2009-0156\",\n \"CVE-2009-0157\", \"CVE-2009-0158\", \"CVE-2009-0159\", \"CVE-2009-0160\", \"CVE-2009-0161\",\n \"CVE-2009-0162\", \"CVE-2009-0164\", \"CVE-2009-0165\", \"CVE-2009-0519\", \"CVE-2009-0520\",\n \"CVE-2009-0844\", \"CVE-2009-0845\", \"CVE-2009-0846\", \"CVE-2009-0847\", \"CVE-2009-0942\",\n \"CVE-2009-0943\", \"CVE-2009-0944\", \"CVE-2009-0945\", \"CVE-2009-0946\", \"CVE-2009-1717\");\n script_bugtraq_id(27409, 29796, 30087, 30649, 30657, 31612, 32948, 33769, 33890, 34257, 34408,\n 34409, 34481, 34550, 34568, 34665, 34805, 34924, 34932, 34937, 34938, 34939,\n 34941, 34942, 34947, 34948, 34950, 34951, 34952, 34958, 34959, 34962, 34965,\n 34972, 34973, 34974, 35182);\n\n script_name(english:\"Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5.x that is prior\nto 10.5.7. \n\nMac OS X 10.5.7 contains security fixes for the following products :\n\n - Apache\n - ATS\n - BIND\n - CFNetwork\n - CoreGraphics\n - Cscope\n - CUPS\n - Disk Images\n - enscript\n - Flash Player plug-in\n - Help Viewer\n - iChat\n - International Components for Unicode\n - IPSec\n - Kerberos\n - Kernel\n - Launch Services\n - libxml\n - Net-SNMP\n - Network Time\n - Networking\n - OpenSSL\n - PHP\n - QuickDraw Manager\n - ruby\n - Safari\n - Spotlight\n - system_cmds\n - telnet\n - Terminal\n - WebKit\n - X11\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3549\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mac OS X 10.5.7 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 20, 22, 79, 94, 119, 189, 200, 264, 287, 399);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/05/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2009/05/12\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) os = get_kb_item(\"Host/OS\");\nif (!os) exit(0);\n\nif (ereg(pattern:\"Mac OS X 10\\.5\\.[0-6]([^0-9]|$)\", string:os)) \n security_hole(0);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:26", "description": "rPath Security Advisory: 2008-0151-1\r\nPublished: 2008-04-29\r\nProducts:\r\n rPath Linux 1\r\n rPath Appliance Platform Linux Service 1\r\n\r\nRating: Major\r\nExposure Level Classification:\r\n Indirect User Deterministic Unauthorized Access\r\nUpdated Versions:\r\n libpng=conary.rpath.com@rpl:1/1.2.26-2.1-1\r\n\r\nrPath Issue Tracking System:\r\n https://issues.rpath.com/browse/RPL-2440\r\n\r\nReferences:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382\r\n\r\nDescription:\r\n Previous versions of the libpng package may allow indirect attackers\r\n who provide maliciously crafted PNG images to execute arbitrary code\r\n in applications that use the libpng library.\r\n\r\nhttp://wiki.rpath.com/Advisories:rPSA-2008-0151\r\n\r\nCopyright 2008 rPath, Inc.\r\nThis file is distributed under the terms of the MIT License.\r\nA copy is available at http://www.rpath.com/permanent/mit-license.html", "edition": 1, "cvss3": {}, "published": "2008-05-01T00:00:00", "title": "rPSA-2008-0151-1 libpng", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2008-05-01T00:00:00", "id": "SECURITYVULNS:DOC:19753", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19753", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:25", "description": "\r\n2008/04/12 #2008-003 libpng zero-length chunks incorrect handling\r\n\r\nDescription:\r\n\r\nApplications using libpng that install unknown chunk handlers, or copy\r\nunknown chunks, may be vulnerable to a security issue which may result in\r\nincorrect output, information leaks, crashes, or arbitrary code execution.\r\n\r\nThe issue involves libpng incorrectly handling zero length chunks which\r\nresults in uninitialized memory affecting the control flow of the\r\napplication.\r\n\r\nAffected version:\r\n\r\nThe libpng project indicates libpng-1.0.6 through 1.0.32, libpng-1.2.0\r\nthrough 1.2.26, and libpng-1.4.0beta01 through libpng-1.4.0beta19 built with\r\nPNG_READ_UNKNOWN_CHUNKS_SUPPORTED or PNG_READ_USER_CHUNKS_SUPPORTED (default\r\nconfiguration) are affected.\r\n\r\nFixed version:\r\n\r\nlibpng version 1.2.27 and 1.0.33 are in beta and will be released on or about\r\nApril 26, 2008 according to libpng maintainer\r\n\r\nlibpng-1.2.27beta01\r\n\r\nCredit: Tavis Ormandy, oCERT Team | Google Security Team\r\n\r\nCVE: CVE-2008-1382\r\n\r\nTimeline:\r\n\r\n2008-04-05: contacted libpng maintainers\r\n2008-04-05: vendor confirms\r\n2008-04-05: verification of vendor suggested patch\r\n2008-04-12: libpng-1.2.27beta01 released\r\n2008-04-12: libpng project advisory released\r\n2008-04-12: advisory release\r\n\r\nReferences:\r\nhttp://libpng.sourceforge.net/Advisory-1.2.26.txt\r\n\r\nLinks:\r\nhttp://www.libpng.org/pub/png/libpng.html\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2008-003.html\r\n\r\n-- \r\nAndrea Barisani | Founder & Project Coordinator\r\n oCERT | Open Source Computer Emergency Response Team\r\n\r\n<lcars@ocert.org> http://www.ocert.org\r\n 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E\r\n "Pluralitas non est ponenda sine necessitate"", "edition": 1, "cvss3": {}, "published": "2008-04-14T00:00:00", "title": "[oCERT-2008-003] libpng zero-length chunks incorrect handling", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-14T00:00:00", "id": "SECURITYVULNS:DOC:19634", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19634", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:29", "description": "Uninitilized memory reference on zero-sized chunk with external chunk handlers.", "edition": 1, "cvss3": {}, "published": "2008-04-14T00:00:00", "title": "libpng uninitialized memory reference", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-14T00:00:00", "id": "SECURITYVULNS:VULN:8900", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8900", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:26", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200805-10\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Pngcrush: User-assisted execution of arbitrary code\r\n Date: May 11, 2008\r\n Bugs: #219033\r\n ID: 200805-10\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nA vulnerability in Pngcrush might result in user-assisted execution of\r\narbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nPngcrush is a multi platform optimizer for PNG (Portable Network\r\nGraphics) files.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 media-gfx/pngcrush < 1.6.4-r1 >= 1.6.4-r1\r\n\r\nDescription\r\n===========\r\n\r\nIt has been reported that Pngcrush includes a copy of libpng that is\r\nvulnerable to a memory corruption (GLSA 200804-15).\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could entice a user to process a specially crafted\r\nPNG image, possibly resulting in the execution of arbitrary code with\r\nthe privileges of the user running the application, or a Denial of\r\nService.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Pngcrush users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-gfx/pngcrush-1.6.4-r1"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-1382\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382\r\n [ 2 ] GLSA 200804-15\r\n http://www.gentoo.org/security/en/glsa/glsa-200804-15.xml\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200805-10.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.7 (GNU/Linux)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFIJ2jEuhJ+ozIKI5gRAvRlAJsE+uTJB71quUjsvbLBmCOLxMRxDQCgiDKG\r\nLgG2O2wKtKMVI6/onkIuHKo=\r\n=fp9X\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2008-05-13T00:00:00", "title": "[ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2008-05-13T00:00:00", "id": "SECURITYVULNS:DOC:19830", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19830", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:09:07", "bulletinFamily": "software", "cvelist": ["CVE-2008-3964", "CVE-2008-1382"], "description": "No description provided", "edition": 2, "modified": "2008-05-13T00:00:00", "published": "2008-05-13T00:00:00", "id": "SECURITYVULNS:VULN:8959", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8959", "title": "libpng code execution", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:30", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2009-0007\r\nSynopsis: VMware Hosted products and ESX and ESXi patches\r\n resolve security issues\r\nIssue date: 2009-05-28\r\nUpdated on: 2009-05-28 (initial release of advisory)\r\nCVE numbers: CVE-2009-1805 CVE-2009-0040 CVE-2008-1382\r\n- ------------------------------------------------------------------------\r\n\r\n1. Summary\r\n\r\n VMware Hosted products and ESX and ESXi patches resolve a security\r\n issue. Update patch 13 for ESX 2.5.5 updates the libpng Service\r\n Console RPM.\r\n\r\n2. Relevant releases\r\n\r\n VMware Workstation 6.5.1 and earlier,\r\n VMware Player 2.5.1 and earlier,\r\n VMware ACE 2.5.1 and earlier,\r\n VMware Server 2.0,\r\n VMware Server 1.0.8 and earlier,\r\n VMware Fusion 2.0.1 and earlier.\r\n\r\n VMware ESXi 3.5 without patch ESXe350-200904402-T-BG\r\n\r\n VMware ESX 3.5 without patch ESX350-200904401-BG\r\n\r\n VMware ESX 3.0.3 without patch ESX303-200905401-SG\r\n\r\n VMware ESX 3.0.2 without patch ESX-1008420\r\n\r\n VMware ESX 2.5.5 without update patch 13\r\n\r\n Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08.\r\n Users should plan to upgrade to ESX 3.0.3 and preferably to\r\n the newest release available.\r\n\r\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\r\n to upgrade to ESX 3.0.3 and preferably to the newest release\r\n available.\r\n\r\n3. Problem Description\r\n\r\n a. VMware Descheduled Time Accounting driver vulnerability may cause a\r\n denial of service in Windows based virtual machines.\r\n\r\n The VMware Descheduled Time Accounting Service is an optional,\r\n experimental service that provides improved guest operating system\r\n accounting.\r\n\r\n This patch fixes a denial of service vulnerability that could be\r\n triggered in a virtual machine by an unprivileged, locally\r\n logged-on user in the virtual machine.\r\n\r\n Virtual machines are affected under the following conditions:\r\n\r\n - The virtual machine is running a Windows operating system.\r\n\r\n - The VMware Descheduled Time Accounting driver is installed\r\n in the virtual machine. Note that this is an optional (non-\r\n default) part of the VMware Tools installation.\r\n\r\n - The VMware Descheduled Time Accounting Service is not running\r\n in the virtual machine\r\n\r\n The VMware Descheduled Time Accounting Service is no longer provided\r\n in newer versions of VMware Tools, starting with the versions\r\n released in Fusion 2.0.2 and ESX 4.0.\r\n\r\n However, virtual machines migrated from vulnerable releases will\r\n still be vulnerable if the three conditions listed above are met,\r\n until their tools are upgraded.\r\n\r\n Steps needed to remediate this vulnerability:\r\n\r\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\r\n - Install the new version of Workstation, Player, ACE, Server,\r\n Fusion (see below for version information)\r\n - Upgrade tools in the virtual machine (virtual machine users\r\n will be prompted to upgrade).\r\n\r\n Guest systems on ESX 3.5, ESXi 3.5, ESX 3.0.2, ESX 3.0.3\r\n - Install the relevant patches (see below for patch identifiers)\r\n - Manually upgrade tools in the virtual machine (virtual machine\r\n users will not be prompted to upgrade). Note the VI Client will\r\n not show the VMware tools is out of date in the summary tab.\r\n Please see http://tinyurl.com/27mpjo page 80 for details.\r\n\r\n Guests systems on ESX 4.0 and ESXi 4.0 that have been migrated from\r\n ESX 3.5, ESXi 3.5, and ESX 3.0.x\r\n - Install/upgrade the new tools in the virtual machine (virtual\r\n machine users will be prompted to upgrade).\r\n\r\n If the Descheduled Time Accounting driver was installed, the tools\r\n upgrade will result in an updated driver for Workstation, Player,\r\n ACE, Server, ESX 3.0.2, ESX 3.0.3, ESX 3.5, ESXi 3.5. For Fusion,\r\n ESX 4.0, and ESXi 4.0 the tools upgrade will result in the removal\r\n of the driver.\r\n\r\n VMware would like to thank Nikita Tarakanov for reporting this\r\n issue to us.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the name CVE-2009-1805 to this issue.\r\n\r\n The following table lists what action remediates the vulnerability\r\n (column 4) if a solution is available. See above for remediation\r\n details.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n VirtualCenter any Windows not affected\r\n\r\n Workstation 6.5.x any 6.5.2 build 156735 or later\r\n Workstation 6.0.x any upgrade to at least 6.5.2\r\n\r\n Player 2.5.x any 2.5.2 build 156735 or later\r\n Player 2.0.x any upgrade to at least 2.5.2\r\n\r\n ACE 2.5.x Windows 2.5.2 build 156735 or later\r\n ACE 2.0.x Windows upgrade to at least 2.5.2\r\n\r\n Server 2.x any 2.0.1 build 156745 or later\r\n Server 1.x any 1.0.9 build 156507 or later\r\n\r\n Fusion 2.x Mac OS/X 2.0.2 build 147997 or later\r\n\r\n ESXi 4.0 ESXi not affected\r\n ESXi 3.5 ESXi ESXe350-200904402-T-BG\r\n\r\n ESX 4.0 ESX not affected\r\n ESX 3.5 ESX ESX350-200904401-BG\r\n ESX 3.0.3 ESX ESX303-200905401-SG\r\n ESX 3.0.2 ESX ESX-1008420\r\n ESX 2.5.5 ESX not affected\r\n\r\n b. Updated libpng package for the ESX 2.5.5 Service Console\r\n\r\n The libpng packages contain a library of functions for creating and\r\n manipulating PNG (Portable Network Graphics) image format files.\r\n\r\n A flaw was discovered in libpng that could result in libpng trying\r\n to free() random memory if certain, unlikely error conditions\r\n occurred. If a carefully-crafted PNG file was loaded by an\r\n application linked against libpng, it could cause the application\r\n to crash or, potentially, execute arbitrary code with the\r\n privileges of the user running the application.\r\n\r\n A flaw was discovered in the way libpng handled PNG images\r\n containing "unknown" chunks. If an application linked against libpng\r\n attempted to process a malformed, unknown chunk in a malicious PNG\r\n image, it could cause the application to crash.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the names CVE-2009-0040 and CVE-2008-1382 to these\r\n issues.\r\n\r\n The VMware version number of libpng after applying the update is\r\n libpng-1.0.14-12.i386.rpm.\r\n\r\n The following table lists what action remediates the vulnerability\r\n (column 4) if a solution is available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======== ======= =================\r\n VirtualCenter any Windows not affected\r\n\r\n hosted * any any not affected\r\n\r\n ESXi 4.0 ESXi not affected\r\n ESXi 3.5 ESXi not affected\r\n\r\n ESX 4.0 ESX not affected\r\n ESX 3.5 ESX not affected\r\n ESX 3.0.3 ESX not affected\r\n ESX 3.0.2 ESX not affected\r\n ESX 2.5.5 ESX Upgrade Patch 13\r\n\r\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion.\r\n\r\n4. Solution\r\n\r\n Please review the patch/release notes for your product and version\r\n and verify the md5sum and/or the sha1sum of your downloaded file.\r\n\r\n VMware Workstation 6.5.2\r\n ------------------------\r\n http://www.vmware.com/download/ws/\r\n Release notes:\r\n http://www.vmware.com/support/ws65/doc/releasenotes_ws652.html\r\n\r\n For Windows\r\n\r\n Workstation for Windows 32-bit and 64-bit\r\n Windows 32-bit and 64-bit .exe\r\n md5sum: 8336586b9f9e5180d5279a0b988e82a6\r\n sha1sum: ccdb6bcb867638e8f4f493bc02c6f70c5ebbb88e\r\n\r\n For Linux\r\n\r\n Workstation for Linux 32-bit\r\n Linux 32-bit .rpm\r\n md5sum: 69b039c848f6b2c94948928d8e9057bb\r\n sha1sum: 37ca77ef550db932cf7b078fcbd6fa0155e3411e\r\n\r\n Workstation for Linux 32-bit\r\n Linux 32-bit .bundle\r\n md5sum: 5d4ccf9c23701d09a671f586a9bb4190\r\n sha1sum: d508111adf479d82049c323b1d0b82200c0ab4dd\r\n\r\n Workstation for Linux 64-bit\r\n Linux 64-bit .rpm\r\n md5sum: 19387416e3b597b901dfe84e4a2bcd97\r\n sha1sum: 0726518abc9a77051d991af570774bae1625ff78\r\n\r\n Workstation for Linux 64-bit\r\n Linux 64-bit .bundle\r\n md5sum: 56dfc3adcf96701f440b19a8cf06c3df\r\n sha1sum: 04aa442a2b9bf2c67d6266a410b20ef146b93bef\r\n\r\n\r\n VMware Player 2.5.2\r\n -------------------\r\n http://www.vmware.com/download/player/\r\n Release notes:\r\n http://www.vmware.com/support/player25/doc/releasenotes_player252.html\r\n\r\n Windows binary\r\n\r\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.2-156735.exe\r\n md5sum: 01356d729e9b031c8904e9560a02c469\r\n\r\n Player for Linux (.rpm)\r\n\r\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-156735.i386.rpm\r\n md5sum: aa047047b72de7f4b53d9c2128b53bec\r\n\r\n Player for Linux (.tar)\r\n\r\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-156735.i386.bundle\r\n md5sum: bd51e8f8ef2417080c6d734f6ea9fb87\r\n\r\n VMware Player 2.5.2 - 64-bit (.rpm)\r\n\r\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-156735.x86_64.rpm\r\n md5sum: 5b488b97b5091d3980eb74ec0a5c065b\r\n\r\n VMware Player 2.5.2 - 64-bit (.bundle)\r\n\r\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.2-156735.x86_64.bundle\r\n md5sum: 25254cd60c4063c2c68a8bf50c2c4869\r\n\r\n\r\n VMware ACE 2.5.2\r\n ----------------\r\n http://www.vmware.com/download/ace/\r\n Release notes:\r\n http://www.vmware.com/support/ace25/doc/releasenotes_ace252.html\r\n\r\n ACE Management Server Virtual Appliance\r\n AMS Virtual Appliance .zip\r\n md5sum: 430ff7792d9d490d1678fc22b4c62121\r\n sha1sum: 98b74e0dba4214b055c95ccea656bfa2731c3fee\r\n\r\n VMware ACE for Windows 32-bit and 64-bit\r\n Windows 32-bit and 64-bit .exe\r\n md5sum: 8336586b9f9e5180d5279a0b988e82a6\r\n\r\n ACE Management Server for Windows\r\n Windows .exe\r\n md5sum: 44918519a7bac2501b211c9825ed8268\r\n sha1sum: 97655c824815f7c4e25f6940c708f835ab616da9\r\n\r\n ACE Management Server for SUSE Enterprise Linux 9\r\n SLES 9 .rpm\r\n md5sum: 7fcb0409474c7e81accc90f25d80b00e\r\n sha1sum: 385b254930dd6b8c53e3c805653c1fa1b07a6161\r\n\r\n ACE Management Server for Red Hat Enterprise Linux 4\r\n RHEL 4 .rpm\r\n md5sum: 745e3115f8557fa04c2ddaf25320a911\r\n sha1sum: ef75d572325a32a7582dbb4c352541978d3cebeb\r\n\r\n\r\n VMware Server 2.0.1\r\n -------------------\r\n http://www.vmware.com/download/server/\r\n Release notes:\r\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver201.html\r\n\r\n For Windows\r\n\r\n VMware Server 2\r\n Version 2.0.1 | 156745 - 03/31/09\r\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\r\n master installer file containing all Windows components of VMware\r\n Server.\r\n md5sum: d0eefaa79e42d13a693c4d732a460ba4\r\n\r\n VIX API 1.6 for Windows.\r\n Version 1.6.2 | 156745 - 03/31/09 37 MB EXE image\r\n md5sum: ad531ed3c37c0a50fb915981f83ca133\r\n\r\n For Linux\r\n\r\n VMware Server 2 for Linux Operating Systems.\r\n Version 2.0.1 | 156745 - 03/31/09 465 MB RPM image\r\n md5sum: eb42331bbd9be30848826b8cab73e0ca\r\n\r\n VMware Server 2 for Linux Operating Systems.\r\n Version 2.0.1 | 156745 - 03/31/09 466 MB TAR image\r\n md5sum: be96bc1696f4cef67755bfd2553ce233\r\n\r\n VMware Server 2 for Linux Operating Systems 64-bit version.\r\n Version 2.0.1 | 156745 - 03/31/09 434 MB RPM image\r\n md5sum: 697a792c70d50e98a347c06b323bd20b\r\n\r\n The core application needed to run VMware Server 2, 64-bit version.\r\n Version 2.0.1 | 156745 - 03/31/09 436 MB TAR image\r\n md5sum: f40498229772910d6a6788b7803f9c38\r\n\r\n VIX API 1.6 for Linux.\r\n Version 1.6.2 | 156745 - 03/31/09 17 MB TAR image\r\n md5sum: 2ef6174b90cdd9a2832b57dbe94cfbb1\r\n\r\n 64-bit VIX API 1.6 for Linux.\r\n Version 1.6.2 | 156745 - 03/31/09 21 MB TAR image\r\n md5sum: 454aeba273f9a89c578223c95b262323\r\n\r\n\r\n VMware Server 1.0.9\r\n -------------------\r\n http://www.vmware.com/download/server/\r\n Release notes:\r\n http://www.vmware.com/support/server/doc/releasenotes_server.html\r\n\r\n VMware Server for Windows 32-bit and 64-bit\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-server-installer-1.0.9-156507.exe\r\n md5sum: 8c650f8a0a0521b69c6aba00d910cfb9\r\n\r\n VMware Server Windows client package\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-server-win32-client-1.0.9-156507.zip\r\n md5sum: c83e673f7422a4f3edaf7d9337cf5d6d\r\n\r\n VMware Server for Linux\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-server-1.0.9-156507.tar.gz\r\n md5sum: ff4b57588514c83b1a828e3b19843ad2\r\n\r\n VMware Server for Linux rpm\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-server-1.0.9-156507.i386.rpm\r\n md5sum: c8fc9e9f948f2807b9f8bfb3ca318f36\r\n\r\n Management Interface\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-mui-1.0.9-156507.tar.gz\r\n md5sum: dbf99faef8bd26e173cf2514d7bea449\r\n\r\n VMware Server Linux client package\r\n\r\nhttp://download3.vmware.com/software/vmserver/VMware-server-linux-client-1.0.9-156507.zip\r\n md5sum: 7e76a481408454a747bb4d076a6e2524\r\n\r\n\r\n VMware Fusion 2.0.4\r\n -------------------\r\n http://www.vmware.com/download/fusion/\r\n VMware Fusion 2.0.4: with McAfee VirusScan Plus 2009\r\n md5sum:5b63c7ca402588bda6aa590a26d29adf\r\n sha1sum:e575ada73da996bd00b880ae2d0bfcef2daf9f8e\r\n\r\n VMware Fusion 2.0.4: Download including only VMware\r\n md5sum:689eaf46746cdc89a595e0ef81b714b3\r\n sha1sum:46300075feb00df099d5272b984f762416d33791\r\n\r\n\r\n ESXi\r\n ----\r\n ESXi 3.5 patch ESXe350-200904401-O-SG (ESXe350-200904402-T-BG)\r\n http://download3.vmware.com/software/vi/ESXe350-200904401-O-SG.zip\r\n md5sum: 9b11aa16afd676a5190cfd0b68d5a836\r\n http://kb.vmware.com/kb/1010136\r\n\r\n NOTES: The three ESXi patches for Firmware "I", VMware Tools "T,"\r\n and the VI Client "C" are contained in a single offline "O"\r\n download file.\r\n\r\n ESX\r\n ---\r\n ESX 3.5 patch ESX350-200904401-BG\r\n http://download3.vmware.com/software/vi/ESX350-200904401-BG.zip\r\n md5sum: 01847ced394a0556f99ca4c55b2174bf\r\n http://kb.vmware.com/kb/1010126\r\n\r\n ESX 3.0.3 patch ESX303-200905401-SG\r\n http://download3.vmware.com/software/vi/ESX303-200905401-SG.zip\r\n md5sum: bea33fd046957aa38ce0ed67d6b362ed\r\n http://kb.vmware.com/kb/1009940\r\n\r\n ESX 3.0.2 patch ESX-1008420\r\n http://download3.vmware.com/software/vi/ESX-1008420.tgz\r\n md5sum: 0a63dde5307defd48592d4e8b88f3f48\r\n http://kb.vmware.com/kb/1008420\r\n\r\n ESX 2.5.5 Upgrade Patch 13\r\n http://www.vmware.com/support/esx25/doc/esx-255-200905-patch.html\r\n http://download3.vmware.com/software/esx/esx-2.5.5-161312-upgrade.tar.gz\r\n md5sum: a477b7819f5a0d4cbd38b98432a48c88\r\n sha1sum: cceb38898108e48cc5b7e3298a03a369aa783699\r\n\r\n5. References\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1805\r\n\r\n\r\n6. Change log\r\n\r\n2009-05-28 VMSA-2009-0007\r\nInitial security advisory after release of patches for ESX 2.5.5,\r\nESX 3.0.2 and ESX 3.0.3. Relevant patches for ESX 3.5 and new versions\r\nof hosted products mentioned above have already been released.\r\n- -----------------------------------------------------------------------\r\n7. Contact\r\n\r\nE-mail list for product security notifications and announcements:\r\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\nThis Security Advisory is posted to the following lists:\r\n\r\n * security-announce at lists.vmware.com\r\n * bugtraq at securityfocus.com\r\n * full-disclosure at lists.grok.org.uk\r\n\r\nE-mail: security at vmware.com\r\nPGP key at: http://kb.vmware.com/kb/1055\r\n\r\nVMware Security Center\r\nhttp://www.vmware.com/security\r\n\r\nVMware security response policy\r\nhttp://www.vmware.com/support/policies/security_response.html\r\n\r\nGeneral support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos.html\r\n\r\nVMware Infrastructure support life cycle policy\r\nhttp://www.vmware.com/support/policies/eos_vi.html\r\n\r\nCopyright 2009 VMware Inc. All rights reserved.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.5 (MingW32)\r\n\r\niD8DBQFKH2AAS2KysvBH1xkRAnvdAJ4pvL6zsSEtJW93XPITQ2SNZdiisQCfd51Z\r\n3Fm2uMQVbWD7cgpl2UmscBc=\r\n=/FuM\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2009-06-01T00:00:00", "title": "VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382", "CVE-2009-1805"], "modified": "2009-06-01T00:00:00", "id": "SECURITYVULNS:DOC:21916", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21916", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:30", "description": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7\r\n\r\n * Last Modified: May 12, 2009\r\n * Article: HT3549\r\n\r\nSummary\r\n\r\nThis document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nProduct Security, Mac OS X 10.5\r\nSecurity Update 2009-002 / Mac OS X v10.5.7\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by applying the Apache patch for version 2.0.63. Further information is available via the Apache web site at http://httpd.apache.org/ Apache 2.0.x is only shipped with Mac OS X Server v10.4.x systems. Mac OS X v10.5.x and Mac OS X Server v10.5.x ship with Apache 2.2.x.\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache 2.2.9's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by updating Apache to version 2.2.11. Further information is available via the Apache web site at http://httpd.apache.org/\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-0456\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Web sites that allow users to control the name of a served file may be vulnerable to HTTP response injection\r\n\r\n Description: A request forgery issue exists in Apache. Apache does not escape filenames when negotiating the correct content type to send to a remote browser. A user who can publish files with specially crafted names to a web site can substitute their own response for any web page hosted on the system. This update addresses the issue by escaping filenames in content negotiation responses.\r\n\r\n *\r\n\r\n ATS\r\n\r\n CVE-ID: CVE-2009-0154\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in Apple Type Services' handling of Compact Font Format (CFF) fonts. Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Charlie Miller of Independent Security Evaluators working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n BIND\r\n\r\n CVE-ID: CVE-2009-0025\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: BIND is susceptible to a spoofing attack if configured to use DNSSEC\r\n\r\n Description: BIND incorrectly checks the return value of the OpenSSL DSA_do_verify function. On systems using the DNS Security Extensions (DNSSEC) protocol, a maliciously crafted DSA certificate could bypass the validation, which may lead to a spoofing attack. By default, DNSSEC is not enabled. This update addresses the issue by updating BIND to version 9.3.6-P1 on Mac OS X v10.4, and version 9.4.3-P1 for Mac OS X v10.5 systems. Further information is available via the ISC web site at https://www.isc.org/\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0144\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Applications that use CFNetwork may send secure cookies in unencrypted HTTP requests\r\n\r\n Description: An implementation issue exists in CFNetwork's parsing of Set-Cookie headers, which may result in certain cookies being unexpectedly sent over a non-encrypted connection. This issue affects non-RFC compliant Set-Cookie headers that are accepted for compatibility reasons. This may result in applications that use CFNetwork, such as Safari, sending sensitive information in unencrypted HTTP requests. This update addresses the issue through improved parsing of Set-Cookie headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Andrew Mortensen of the University of Michigan for reporting this issue.\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0157\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in the handling of overly long HTTP headers in CFNetwork. Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of HTTP headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Moritz Jodeit of n.runs AG for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0145\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds and error checking.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0155\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in CoreGraphics' handling of PDF files may result in a heap buffer overflow. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Barry K. Nathan for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0146, CVE-2009-0147, CVE-2009-0165\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple heap buffer overflows exist in CoreGraphics' handling of PDF files containing JBIG2 streams. Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Apple, Alin Rad Pop of Secunia Research, and Will Dormann of CERT/CC for reporting this issue.\r\n\r\n *\r\n\r\n Cscope\r\n\r\n CVE-ID: CVE-2009-0148\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted source file with Cscope may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in Cscope's handling of long file system path names. Using Cscope to process a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n CUPS\r\n\r\n CVE-ID: CVE-2009-0164\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of CUPS\r\n\r\n Description: Under certain circumstances, the Web Interface of CUPS 1.3.9 and earlier may be accessible to attackers through DNS rebinding attacks. In the default configuration, this may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs. This update addresses the issue by performing additional validation of the Host header. Credit: Apple.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0150\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0149\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n enscript\r\n\r\n CVE-ID: CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in enscript\r\n\r\n Description: enscript is updated to version 1.6.4 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the gnu web site at http://www.gnu.org/software/enscript/\r\n\r\n *\r\n\r\n Flash Player plug-in\r\n\r\n CVE-ID: CVE-2009-0519, CVE-2009-0520, CVE-2009-0114\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Adobe Flash Player plug-in\r\n\r\n Description: Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in on Mac OS v10.5.x systems to version 10.0.22.87, and to version 9.0.159.0 on Mac OS X v10.4.11 systems. Further information is available via the Adobe web site at http://www.adobe.com/support/security/bulletins/apsb09-01.html\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0942\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer loads Cascading Style Sheets referenced in URL parameters without validating that the referenced style sheets are located within a registered help book. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of file system paths when loading stylesheets. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0943\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer does not validate that full paths to HTML documents are within registered help books. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of "help:" URLs. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n iChat\r\n\r\n CVE-ID: CVE-2009-0152\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: iChat AIM communications configured for SSL may downgrade to plaintext\r\n\r\n Description: iChat supports Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. iChat automatically disables SSL for AOL Instant Messenger accounts when it is unable to connect, and sends subsequent communications in plain text until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic from an affected system may obtain the contents of AOL Instant Messenger conversations. This update addresses the issue by changing the behavior of iChat to always attempt to use SSL, and to use less secure channels only if the "Require SSL" preference is not enabled. This issue does not affect systems prior to Mac OS X v10.5, as they do not support SSL for iChat accounts.\r\n\r\n *\r\n\r\n International Components for Unicode\r\n\r\n CVE-ID: CVE-2009-0153\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Maliciously crafted content may bypass website filters and result in cross-site scripting\r\n\r\n Description: An implementation issue exists in ICU's handling of certain character encodings. Using ICU to convert invalid byte sequences to Unicode may result in over-consumption, where trailing bytes are considered part of the original character. This may be leveraged by an attacker to bypass filters on websites that attempt to mitigate cross-site scripting. This update addresses the issue through improved handling of invalid byte sequences. This issue does not affect systems prior to Mac OS X v10.5. Credit to Chris Weber of Casaba Security for reporting this issue.\r\n\r\n *\r\n\r\n IPSec\r\n\r\n CVE-ID: CVE-2008-3651, CVE-2008-3652\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in the racoon daemon may lead to a denial of service\r\n\r\n Description: Multiple memory leaks exist in the racoon daemon in ipsec-tools before 0.7.1, which may lead to a denial of service. This update addresses the issues through improved memory management.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0845\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: A null pointer dereference issue exists in the Kerberos SPNEGO support. Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue by adding a check for a null pointer. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0846, CVE-2009-0847\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in Kerberos' handling of ASN.1 encoded messages. Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution. Further information on the issues and the patches applied is available via the MIT Kerberos website at http://web.mit.edu/Kerberos/\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0844\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: An out-of-bounds memory access exists in Kerberos. Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit: Apple.\r\n\r\n *\r\n\r\n Kernel\r\n\r\n CVE-ID: CVE-2008-1517\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A local user may obtain system privileges\r\n\r\n Description: An unchecked index issue exists in the kernel's handling of workqueues, which may lead to an unexpected system shutdown or arbitrary code execution with Kernel privileges. This update addresses the issue through improved index checking. Credit to an anonymous researcher working with Verisign iDefense VCP for reporting this issue.\r\n\r\n *\r\n\r\n Launch Services\r\n\r\n CVE-ID: CVE-2009-0156\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Mach-O executable may cause Finder to repeatedly terminate and relaunch\r\n\r\n Description: An out-of-bounds memory read access exists in Launch Services. Downloading a maliciously crafted Mach-O executable may cause the Finder to repeatedly terminate and relaunch. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n libxml\r\n\r\n CVE-ID: CVE-2008-3529\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n Net-SNMP\r\n\r\n CVE-ID: CVE-2008-4309\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote attacker may terminate the operation of the SNMP service\r\n\r\n Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By sending a maliciously crafted SNMPv3 packet, an attacker may cause the SNMP server to terminate, denying service to legitimate clients. This update addresses the issue by applying the Net-SNMP patches on Mac OS X v10.4.11 systems, and by updating net_snmp to version 5.4.2.1 on Mac OS X v10.5.x systems. The SNMP service is not enabled by default on Mac OS X or Mac OS X Server.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0021\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Network Time is susceptible to a spoofing attack if NTP authentication is enabled\r\n\r\n Description: The ntpd daemon incorrectly checks the return value of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4 authentication, this may allow a maliciously crafted signature to bypass the cryptographic signature validation, which may lead to a time spoofing attack. By default, NTP authentication is not enabled. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0159\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Using the ntpq command to request peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the ntpq program. When the ntpq program is used to request peer information from a remote time server, a maliciously crafted response may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n Networking\r\n\r\n CVE-ID: CVE-2008-3530\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote user may be able to cause an unexpected system shutdown\r\n\r\n Description: When IPv6 support is enabled, IPv6 nodes use ICMPv6 to report errors encountered while processing packets. An implementation issue in the handling of incoming ICMPv6 "Packet Too Big" messages may cause an unexpected system shutdown. This update addresses the issue through improved handling of ICMPv6 messages.\r\n\r\n *\r\n\r\n OpenSSL\r\n\r\n CVE-ID: CVE-2008-5077\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification\r\n\r\n Description: Several functions within the OpenSSL library incorrectly check the result value of the EVP_VerifyFinal function. A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification for DSA and ECDSA keys. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n PHP\r\n\r\n CVE-ID: CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666, CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in PHP 5.2.6\r\n\r\n Description: PHP is updated to version 5.2.8 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at http://www.php.net/\r\n\r\n *\r\n\r\n QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0160\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in QuickDraw's handling of PICT images. Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit: Apple.\r\n * QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0010\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in the handling of PICT images may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit to Damian Put and Sebastian Apelt working with TippingPoint's Zero Day Initiative, and Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Ruby 1.8.6\r\n\r\n Description: Multiple vulnerabilities exist in Ruby 1.8.6. This update addresses the issues by updating Ruby to version 1.8.6-p287. Further information is available via the Ruby web site at http://www.ruby-lang.org/en/security/\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2009-0161\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Ruby programs may accept revoked certificates\r\n\r\n Description: An incomplete error check exists in Ruby's use of the OpenSSL library. The OpenSSL::OCSP Ruby module may interpret an invalid response as an OCSP validation of the certificate. This update addresses the issue through improved error checking while verifying OCSP responses.\r\n\r\n *\r\n\r\n Safari\r\n\r\n CVE-ID: CVE-2009-0162\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution\r\n\r\n Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:" URLs. These issues do not affect systems prior to Mac OS X v10.5. Credit to Billy Rios of Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues.\r\n\r\n *\r\n\r\n Spotlight\r\n\r\n CVE-ID: CVE-2009-0944\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the Mac OS X Microsoft Office Spotlight Importer. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of Microsoft Office files.\r\n\r\n *\r\n\r\n system_cmds\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: The "login" command always runs the default shell with normal priority\r\n\r\n Description: The "login" command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority. This update addresses the issue by respecting the priority setting of the calling process if the caller is the superuser or the user who was successfully logged in.\r\n\r\n *\r\n\r\n telnet\r\n\r\n CVE-ID: CVE-2009-0158\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in telnet command. Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2009-0945\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. For Mac OS X v10.4.11 and Mac OS X Server v10.4.11, updating to Safari 3.2.3 will address this issue. Credit to Nils working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2006-0747, CVE-2007-2754\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.1.4\r\n\r\n Description: Multiple vulnerabilities exist in FreeType v2.1.4, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. This update addresses the issues by updating FreeType to version 2.3.8. Further information is available via the FreeType site at http://www.freetype.org/ The issues are already addressed in systems running Mac OS X v10.5.6.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-2383\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Displaying maliciously crafted data within an xterm terminal may lead to arbitrary code execution\r\n\r\n Description: The xterm program supports a command sequence known as DECRQSS that can be used to return information about the current terminal. The information returned is sent as terminal input similar to keyboard input by a user. Within an xterm terminal, displaying maliciously crafted data containing such sequences may result in command injection. This update addresses the issue by performing additional validation of the output data. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-1382, CVE-2009-0040\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in libpng version 1.2.26\r\n\r\n Description: Multiple vulnerabilities exist in libpng version 1.2.26, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating libpng to version 1.2.35. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html These issues do not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2009-0946\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.3.8\r\n\r\n Description: Multiple integer overflows exist in FreeType v2.3.8, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds checking. Credit to Tavis Ormandy of the Google Security Team for reporting these issues.\r\n", "edition": 1, "cvss3": {}, "published": "2009-05-14T00:00:00", "title": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0150", "CVE-2009-0152", "CVE-2008-3652", "CVE-2008-3659", "CVE-2008-3655", "CVE-2008-2383", "CVE-2009-0010", "CVE-2009-0847", "CVE-2009-0946", "CVE-2009-0943", "CVE-2009-0844", "CVE-2008-2939", "CVE-2009-0021", "CVE-2009-0157", "CVE-2008-3530", "CVE-2009-0164", "CVE-2009-0114", "CVE-2008-2666", "CVE-2009-0162", "CVE-2009-0144", "CVE-2009-0846", "CVE-2009-0520", "CVE-2009-0040", "CVE-2007-2754", "CVE-2008-2371", "CVE-2008-3443", "CVE-2004-1185", "CVE-2004-1184", "CVE-2008-3658", "CVE-2009-0149", "CVE-2008-3660", "CVE-2009-0148", "CVE-2008-5077", "CVE-2008-3529", "CVE-2009-0156", "CVE-2009-0945", "CVE-2009-0159", "CVE-2009-0165", "CVE-2008-3657", "CVE-2006-0747", "CVE-2009-0944", "CVE-2008-2829", "CVE-2009-0147", "CVE-2008-3863", "CVE-2009-0519", "CVE-2009-0154", "CVE-2008-3651", "CVE-2009-0158", "CVE-2009-0145", "CVE-2008-4309", "CVE-2008-1382", "CVE-2009-0942", "CVE-2008-5557", "CVE-2009-0155", "CVE-2008-1517", "CVE-2009-0146", "CVE-2009-0160", "CVE-2008-0456", "CVE-2009-0025", "CVE-2008-3790", "CVE-2009-0161", "CVE-2009-0153", "CVE-2009-0845", "CVE-2004-1186", "CVE-2008-3656", "CVE-2008-2665"], "modified": "2009-05-14T00:00:00", "id": "SECURITYVULNS:DOC:21825", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21825", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:55:59", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng FEDORA-2008-4910", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860364", "href": "http://plugins.openvas.org/nasl.php?oid=860364", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng FEDORA-2008-4910\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng package contains a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files. PNG\n is a bit-mapped graphics format similar to the GIF format. PNG was\n created to replace the GIF format, since GIF uses a patented data\n compression algorithm.\n\n Libpng should be installed if you need to manipulate PNG format image\n files.\";\n\ntag_affected = \"libpng on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00080.html\");\n script_id(860364);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4910\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng FEDORA-2008-4910\");\n\n script_summary(\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.29~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:59", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65972", "href": "http://plugins.openvas.org/nasl.php?oid=65972", "sourceData": "#\n#VID slesp1-libpng-5181\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65972);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.8~19.15\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.8~19.15\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:12", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: png", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2016-09-28T00:00:00", "id": "OPENVAS:60887", "href": "http://plugins.openvas.org/nasl.php?oid=60887", "sourceData": "#\n#VID 57c705d6-12ae-11dd-bab7-0016179b2dd5\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: png\n\nCVE-2008-1382\nlibpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01\nthrough 1.4.0beta19 allows context-dependent attackers to cause a\ndenial of service (crash) and possibly execute arbitrary code via a\nPNG file with zero length 'unknown' chunks, which trigger an access of\nuninitialized memory.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/29792\nhttp://libpng.sourceforge.net/Advisory-1.2.26.txt\nhttp://www.vuxml.org/freebsd/57c705d6-12ae-11dd-bab7-0016179b2dd5.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60887);\n script_version(\"$Revision: 4164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-28 09:03:16 +0200 (Wed, 28 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-1382\");\n script_bugtraq_id(28770);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: png\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"png\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.2.27\")<0) {\n txt += 'Package png version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:37", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng-devel\n libpng\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023140 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065536", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065536", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023140.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng-devel\n libpng\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023140 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65536\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.5~182.18\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:50", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng10 FEDORA-2008-9393", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860559", "href": "http://plugins.openvas.org/nasl.php?oid=860559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng10 FEDORA-2008-9393\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng10 package contains an old version of libpng, a library of functions\n for creating and manipulating PNG (Portable Network Graphics) image format\n files.\n\n This package is needed if you want to run binaries that were linked dynamically\n with libpng 1.0.x.\";\n\ntag_affected = \"libpng10 on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00327.html\");\n script_id(860559);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-9393\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng10 FEDORA-2008-9393\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.41~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:34", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065972", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065972", "sourceData": "#\n#VID slesp1-libpng-5181\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65972\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.8~19.15\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.8~19.15\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng10 FEDORA-2008-9379", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860307", "href": "http://plugins.openvas.org/nasl.php?oid=860307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng10 FEDORA-2008-9379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng10 package contains an old version of libpng, a library of functions\n for creating and manipulating PNG (Portable Network Graphics) image format\n files.\n\n This package is needed if you want to run binaries that were linked dynamically\n with libpng 1.0.x.\";\n\ntag_affected = \"libpng10 on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00320.html\");\n script_id(860307);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-9379\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng10 FEDORA-2008-9379\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.41~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-08T11:44:48", "description": "The remote host is probably affected by the vulnerabilities described in\nCVE-2008-1382\n\nImpact\n libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26,\n and 1.4.0beta01 through 1.4.0beta19 allows context-dependent\n attackers to cause a denial of service (crash) and possibly\n execute arbitrary code via a PNG file with zero length\n unknown chunks, which trigger an access of uninitialized\n memory.", "cvss3": {}, "published": "2008-09-03T00:00:00", "type": "openvas", "title": "libpng vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-12-07T00:00:00", "id": "OPENVAS:90021", "href": "http://plugins.openvas.org/nasl.php?oid=90021", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: libpng_CB-A08-0064.nasl 8023 2017-12-07 08:36:26Z teissa $\n# Description: libpng vulnerability\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_summary = \"The remote host is probably affected by the vulnerabilities described in\nCVE-2008-1382\n\nImpact\n libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26,\n and 1.4.0beta01 through 1.4.0beta19 allows context-dependent\n attackers to cause a denial of service (crash) and possibly\n execute arbitrary code via a PNG file with zero length\n unknown chunks, which trigger an access of uninitialized\n memory.\";\n\ntag_solution = \"All users should upgrade to the latest libpng version of their Linux Distribution.\";\n\n# $Revision: 8023 $\n\nif(description)\n{\n\n script_id(90021);\n script_version(\"$Revision: 8023 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-03 22:30:27 +0200 (Wed, 03 Sep 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2008-1382\");\n name = \"libpng vulnerability\";\n script_name(name);\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n family = \"General\";\n script_family(family);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n\n # This NVT is broken in many ways...\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit( 66 );\n\ninclude(\"ssh_func.inc\");\ninclude(\"version_func.inc\");\n\nlocal_var r;\n\nsock = ssh_login_or_reuse_connection();\nif(!sock){\n exit(0);\n}\n\nr = find_bin(prog_name:\"libpng-config\", sock:sock);\nforeach binary_name (r) {\n binary_name = chomp(binary_name);\n ver = get_bin_version(full_prog_name:binary_name, version_argv:\"--version\", ver_pattern:\"^([0-9.]+)$\");\n if(ver != NULL) {\n if(version_is_less(version:ver[0], test_version:\"1.0.32\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n } else {\n if(version_is_greater_equal(version:ver[0], test_version:\"1.2.0\") &&\n version_is_less(version:ver[0], test_version:\"1.2.27\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n } else {\n if(version_is_equal(version:ver[0], test_version:\"1.4.0\") ) {\n ver = get_bin_version(full_prog_name:binary_name, version_argv:\"--version\", ver_pattern:\"(beta..)\");\n if(ver != NULL) {\n if(version_is_greater_equal(version:ver[0], test_version:\"beta01\") && \n version_is_less(version:ver[0], test_version:\"beta20\") ) {\n security_message(port:0);\n report = string(\"\\nFound : \") + binary_name + \" Version : \" + ver[max_index(ver)-1] + string(\"\\n\");\n security_message(port:0, data:report);\n }\n }\n }\n }\n }\n }\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:55", "description": "The remote host is missing updates announced in\nadvisory GLSA 200805-10.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200805-10 (pngcrush)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61044", "href": "http://plugins.openvas.org/nasl.php?oid=61044", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in Pngcrush might result in user-assisted execution of\narbitrary code.\";\ntag_solution = \"All Pngcrush users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/pngcrush-1.6.4-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200805-10\nhttp://bugs.gentoo.org/show_bug.cgi?id=219033\nhttp://www.gentoo.org/security/en/glsa/glsa-200804-15.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200805-10.\";\n\n \n\nif(description)\n{\n script_id(61044);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200805-10 (pngcrush)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/pngcrush\", unaffected: make_list(\"ge 1.6.4-r1\"), vulnerable: make_list(\"lt 1.6.4-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:44", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for libpng MDVSA-2008:156 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libpng MDVSA-2008:156 (libpng)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tavis Ormandy of the Google Security Team discovered a flaw in how\n libpng handles zero-length unknown chunks in PNG files, which could\n lead to memory corruption in applications that make use of certain\n functions (CVE-2008-1382).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"libpng on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-07/msg00044.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830430\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:156\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Mandriva Update for libpng MDVSA-2008:156 (libpng)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:26", "description": "The remote host is probably affected by the vulnerabilities described in\n CVE-2008-1382.", "cvss3": {}, "published": "2008-09-03T00:00:00", "type": "openvas", "title": "libpng 'CVE-2008-1382' Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2018-12-10T00:00:00", "id": "OPENVAS:136141256231090021", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231090021", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: libpng_CB-A08-0064.nasl 12727 2018-12-10 07:22:33Z cfischer $\n# Description: libpng vulnerability\n#\n# Authors:\n# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2008 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nCPE = \"cpe:/a:libpng:libpng\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.90021\");\n script_version(\"$Revision: 12727 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-10 08:22:33 +0100 (Mon, 10 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-03 22:30:27 +0200 (Wed, 03 Sep 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2008-1382\");\n script_name(\"libpng 'CVE-2008-1382' Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_libpng_detect_lin.nasl\");\n script_mandatory_keys(\"Libpng/Version\");\n\n script_tag(name:\"solution\", value:\"All users should upgrade to the latest libpng version of their Linux Distribution.\");\n\n script_tag(name:\"summary\", value:\"The remote host is probably affected by the vulnerabilities described in\n CVE-2008-1382.\");\n\n script_tag(name:\"impact\", value:\"libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26,\n and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a\n denial of service (crash) and possibly execute arbitrary code via a PNG file with\n zero length unknown chunks, which trigger an access of uninitialized memory.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"1.0.6\", test_version2:\"1.0.32\" ) ||\n version_in_range( version:vers, test_version:\"1.2.0\", test_version2:\"1.2.26\" ) ||\n version_in_range( version:vers, test_version:\"1.4.0beta01\", test_version2:\"1.4.0beta19\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"See references\", install_path:path );\n security_message( port:0, data:report );\n}\n\nexit( 0 );", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:56:56", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng10 FEDORA-2008-3683", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860332", "href": "http://plugins.openvas.org/nasl.php?oid=860332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng10 FEDORA-2008-3683\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng10 package contains an old version of libpng, a library of functions\n for creating and manipulating PNG (Portable Network Graphics) image format\n files.\n\n This package is needed if you want to run binaries that were linked dynamically\n with libpng 1.0.x.\";\n\ntag_affected = \"libpng10 on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00721.html\");\n script_id(860332);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:43:56 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-3683\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng10 FEDORA-2008-3683\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.37~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:53", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng FEDORA-2008-4847", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860317", "href": "http://plugins.openvas.org/nasl.php?oid=860317", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng FEDORA-2008-4847\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng package contains a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files. PNG\n is a bit-mapped graphics format similar to the GIF format. PNG was\n created to replace the GIF format, since GIF uses a patented data\n compression algorithm.\n\n Libpng should be installed if you need to manipulate PNG format image\n files.\";\n\ntag_affected = \"libpng on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00033.html\");\n script_id(860317);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4847\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng FEDORA-2008-4847\");\n\n script_summary(\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.29~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng10 FEDORA-2008-3937", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860725", "href": "http://plugins.openvas.org/nasl.php?oid=860725", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng10 FEDORA-2008-3937\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng10 package contains an old version of libpng, a library of functions\n for creating and manipulating PNG (Portable Network Graphics) image format\n files.\n\n This package is needed if you want to run binaries that were linked dynamically\n with libpng 1.0.x.\";\n\ntag_affected = \"libpng10 on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00960.html\");\n script_id(860725);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:43:56 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-3937\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Fedora Update for libpng10 FEDORA-2008-3937\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.37~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:28", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-119-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-119-01 libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60875", "href": "http://plugins.openvas.org/nasl.php?oid=60875", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_119_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, 11.0, 12.0, and -current to fix a security issue.\n\nAdditional information can be found in the libpng source, or in this\nfile on the libpng FTP site:\n\nftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-119-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-119-01\";\n \nif(description)\n{\n script_id(60875);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-119-01 libpng \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:20", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng-devel\n libpng\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023140 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65536", "href": "http://plugins.openvas.org/nasl.php?oid=65536", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023140.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng-devel\n libpng\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023140 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65536);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.5~182.18\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:34", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-119-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-119-01 libpng", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2019-04-29T00:00:00", "id": "OPENVAS:136141256231060875", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231060875", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.60875\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"2019-04-29 15:08:03 +0000 (Mon, 29 Apr 2019)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2019-04-29T15:08:03+0000\");\n script_name(\"Slackware Advisory SSA:2008-119-01 libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-119-01\");\n script_xref(name:\"URL\", value:\"ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt\");\n\n script_tag(name:\"insight\", value:\"New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, 11.0, 12.0, and -current to fix a security issue.\n\nAdditional information can be found in the libpng source, or in the referenced\nfile on the libpng FTP site.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2008-119-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"libpng\", ver:\"1.2.27-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:57:12", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for libpng MDVSA-2008:156 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830430", "href": "http://plugins.openvas.org/nasl.php?oid=830430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libpng MDVSA-2008:156 (libpng)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tavis Ormandy of the Google Security Team discovered a flaw in how\n libpng handles zero-length unknown chunks in PNG files, which could\n lead to memory corruption in applications that make use of certain\n functions (CVE-2008-1382).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"libpng on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-07/msg00044.php\");\n script_id(830430);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:156\");\n script_cve_id(\"CVE-2008-1382\");\n script_name( \"Mandriva Update for libpng MDVSA-2008:156 (libpng)\");\n\n script_summary(\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.13~2.3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.22~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.25~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:17", "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-15.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200804-15 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60815", "href": "http://plugins.openvas.org/nasl.php?oid=60815", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in libpng may allow for execution of arbitrary code in\ncertain applications that handle untrusted images.\";\ntag_solution = \"All libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.26-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-15\nhttp://bugs.gentoo.org/show_bug.cgi?id=217047\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-15.\";\n\n \n\nif(description)\n{\n script_id(60815);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200804-15 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/libpng\", unaffected: make_list(\"ge 1.2.26-r1\"), vulnerable: make_list(\"lt 1.2.26-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:39", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0333.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\nunknown chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.", "cvss3": {}, "published": "2009-03-07T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0333", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063476", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0333.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0333 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0333.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\nunknown chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63476\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0333\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0333.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-debuginfo\", rpm:\"libpng10-debuginfo~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:46", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0333.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\nunknown chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.", "cvss3": {}, "published": "2009-03-07T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0333", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63476", "href": "http://plugins.openvas.org/nasl.php?oid=63476", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0333.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0333 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0333.\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\nunknown chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63476);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0333\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0333.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-debuginfo\", rpm:\"libpng10-debuginfo~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.10~7.1.el5_3.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:25", "description": "The remote host is missing an update to libpng10\nannounced via advisory FEDORA-2009-2045.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-2045 (libpng10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63530", "href": "http://plugins.openvas.org/nasl.php?oid=63530", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2045.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2045 (libpng10)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis release fixes a vulnerability in which some arrays of pointers are not\ninitialized prior to using malloc to define the pointers. If the application\nruns out of memory while executing the allocation loop (which can be forced by\nmalevolent input), libpng10 will jump to a cleanup process that attempts to free\nall of the pointers, including the undefined ones. This issue has been\nassigned CVE-2009-0040\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng10' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2045\";\ntag_summary = \"The remote host is missing an update to libpng10\nannounced via advisory FEDORA-2009-2045.\";\n\n\n\nif(description)\n{\n script_id(63530);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-2045 (libpng10)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486355\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-debuginfo\", rpm:\"libpng10-debuginfo~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for libpng10 CESA-2009:0333 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880888", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880888", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libpng10 CESA-2009:0333 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015812.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880888\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0333\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_name(\"CentOS Update for libpng10 CESA-2009:0333 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpng10'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"libpng10 on CentOS 4\");\n script_tag(name:\"insight\", value:\"The libpng packages contain a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying to\n free() random memory if certain, unlikely error conditions occurred. If a\n carefully-crafted PNG file was loaded by an application linked against\n libpng, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-0040)\n\n A flaw was discovered in the way libpng handled PNG images containing\n 'unknown' chunks. If an application linked against libpng attempted to\n process a malformed, unknown chunk in a malicious PNG image, it could cause\n the application to crash. (CVE-2008-1382)\n\n Users of libpng and libpng10 should upgrade to these updated packages,\n which contain backported patches to correct these issues. All running\n applications using libpng or libpng10 must be restarted for the update to\n take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:56:44", "description": "The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0333 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63901", "href": "http://plugins.openvas.org/nasl.php?oid=63901", "sourceData": "#CESA-2009:0333 63901 4\n# $Id: ovcesa2009_0333.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0333 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0333\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0333\nhttps://rhn.redhat.com/errata/RHSA-2009-0333.html\";\ntag_summary = \"The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333.\";\n\n\n\nif(description)\n{\n script_id(63901);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0333 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:06", "description": "The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-2128.", "cvss3": {}, "published": "2009-03-02T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-2128 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63463", "href": "http://plugins.openvas.org/nasl.php?oid=63463", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2128.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2128 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixes CVE-2009-0040\n\nChangeLog:\n\n* Wed Feb 25 2009 Tom Lane 2:1.2.35-1\n- Update to libpng 1.2.35, to fix CVE-2009-0040\n\nRelated: #441839\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2128\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-2128.\";\n\n\n\nif(description)\n{\n script_id(63463);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-2128 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486355\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static\", rpm:\"libpng-static~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:46", "description": "Oracle Linux Local Security Checks ELSA-2009-0333", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0333", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122514", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0333.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122514\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:05 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0333\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0333 - libpng security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0333\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0333.html\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.10~7.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.10~7.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for libpng CESA-2009:0333-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libpng CESA-2009:0333-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-March/015674.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880903\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0333-01\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_name(\"CentOS Update for libpng CESA-2009:0333-01 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpng'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS2\");\n script_tag(name:\"affected\", value:\"libpng on CentOS 2\");\n script_tag(name:\"insight\", value:\"The libpng packages contain a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying to\n free() random memory if certain, unlikely error conditions occurred. If a\n carefully-crafted PNG file was loaded by an application linked against\n libpng, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-0040)\n\n A flaw was discovered in the way libpng handled PNG images containing\n 'unknown' chunks. If an application linked against libpng attempted to\n process a malformed, unknown chunk in a malicious PNG image, it could cause\n the application to crash. (CVE-2008-1382)\n\n Users of libpng and libpng10 should upgrade to these updated packages,\n which contain backported patches to correct these issues. All running\n applications using libpng or libpng10 must be restarted for the update to\n take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:51", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for libpng10 CESA-2009:0333 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880888", "href": "http://plugins.openvas.org/nasl.php?oid=880888", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libpng10 CESA-2009:0333 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng packages contain a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying to\n free() random memory if certain, unlikely error conditions occurred. If a\n carefully-crafted PNG file was loaded by an application linked against\n libpng, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-0040)\n \n A flaw was discovered in the way libpng handled PNG images containing\n "unknown" chunks. If an application linked against libpng attempted to\n process a malformed, unknown chunk in a malicious PNG image, it could cause\n the application to crash. (CVE-2008-1382)\n \n Users of libpng and libpng10 should upgrade to these updated packages,\n which contain backported patches to correct these issues. All running\n applications using libpng or libpng10 must be restarted for the update to\n take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"libpng10 on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015812.html\");\n script_id(880888);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0333\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_name(\"CentOS Update for libpng10 CESA-2009:0333 centos4 i386\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:49", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for libpng CESA-2009:0333-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880903", "href": "http://plugins.openvas.org/nasl.php?oid=880903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libpng CESA-2009:0333-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng packages contain a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files.\n\n A flaw was discovered in libpng that could result in libpng trying to\n free() random memory if certain, unlikely error conditions occurred. If a\n carefully-crafted PNG file was loaded by an application linked against\n libpng, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-0040)\n \n A flaw was discovered in the way libpng handled PNG images containing\n "unknown" chunks. If an application linked against libpng attempted to\n process a malformed, unknown chunk in a malicious PNG image, it could cause\n the application to crash. (CVE-2008-1382)\n \n Users of libpng and libpng10 should upgrade to these updated packages,\n which contain backported patches to correct these issues. All running\n applications using libpng or libpng10 must be restarted for the update to\n take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"libpng on CentOS 2\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-March/015674.html\");\n script_id(880903);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0333-01\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_name(\"CentOS Update for libpng CESA-2009:0333-01 centos2 i386\");\n\n script_summary(\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:55", "description": "The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333-01.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0333-01 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63567", "href": "http://plugins.openvas.org/nasl.php?oid=63567", "sourceData": "#CESA-2009:0333-01 63567 1\n# $Id: ovcesa2009_0333_01.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0333-01 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0333-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0333\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333-01.\";\n\n\n\nif(description)\n{\n script_id(63567);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0333-01 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:19", "description": "The remote host is missing an update to libpng10\nannounced via advisory FEDORA-2009-2045.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-2045 (libpng10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063530", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063530", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2045.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2045 (libpng10)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis release fixes a vulnerability in which some arrays of pointers are not\ninitialized prior to using malloc to define the pointers. If the application\nruns out of memory while executing the allocation loop (which can be forced by\nmalevolent input), libpng10 will jump to a cleanup process that attempts to free\nall of the pointers, including the undefined ones. This issue has been\nassigned CVE-2009-0040\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng10' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2045\";\ntag_summary = \"The remote host is missing an update to libpng10\nannounced via advisory FEDORA-2009-2045.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63530\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-2045 (libpng10)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486355\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-debuginfo\", rpm:\"libpng10-debuginfo~1.0.43~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:47", "description": "The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333-01.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0333-01 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063567", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063567", "sourceData": "#CESA-2009:0333-01 63567 1\n# $Id: ovcesa2009_0333_01.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0333-01 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0333-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0333\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333-01.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63567\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0333-01 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.0.14~12\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.0.14~12\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:16", "description": "The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-2128.", "cvss3": {}, "published": "2009-03-02T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-2128 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063463", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063463", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2128.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2128 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixes CVE-2009-0040\n\nChangeLog:\n\n* Wed Feb 25 2009 Tom Lane 2:1.2.35-1\n- Update to libpng 1.2.35, to fix CVE-2009-0040\n\nRelated: #441839\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2128\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-2128.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63463\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-2128 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=486355\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static\", rpm:\"libpng-static~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.35~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:13", "description": "The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0333 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063901", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063901", "sourceData": "#CESA-2009:0333 63901 4\n# $Id: ovcesa2009_0333.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0333 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0333\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0333\nhttps://rhn.redhat.com/errata/RHSA-2009-0333.html\";\ntag_summary = \"The remote host is missing updates to libpng announced in\nadvisory CESA-2009:0333.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63901\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0333 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng10-devel\", rpm:\"libpng10-devel~1.0.16~3.el4_7.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.7~3.el4_7.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-6603.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-6603 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2009-2042", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64244", "href": "http://plugins.openvas.org/nasl.php?oid=64244", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6603.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6603 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng package contains a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files. PNG\nis a bit-mapped graphics format similar to the GIF format. PNG was\ncreated to replace the GIF format, since GIF uses a patented data\ncompression algorithm.\n\nLibpng should be installed if you need to manipulate PNG format image\nfiles.\n\nUpdate Information:\n\nUpdate to libpng 1.2.37, to fix CVE-2009-2042. This is a pretty low-risk issue,\nbut it's been classified as a security issue...\n\nChangeLog:\n\n* Sat Jun 13 2009 Tom Lane 2:1.2.37-1\n- Update to libpng 1.2.37, to fix CVE-2009-2042\nRelated: #504782\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6603\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-6603.\";\n\n\n\nif(description)\n{\n script_id(64244);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-2042\", \"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-6603 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504782\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static\", rpm:\"libpng-static~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:48", "description": "Check for the Version of libpng", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng FEDORA-2008-4947", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5269", "CVE-2007-2445", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860682", "href": "http://plugins.openvas.org/nasl.php?oid=860682", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng FEDORA-2008-4947\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng package contains a library of functions for creating and\n manipulating PNG (Portable Network Graphics) image format files. PNG\n is a bit-mapped graphics format similar to the GIF format. PNG was\n created to replace the GIF format, since GIF uses a patented data\n compression algorithm.\n\n Libpng should be installed if you need to manipulate PNG format image\n files.\";\n\ntag_affected = \"libpng on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00111.html\");\n script_id(860682);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4947\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2007-5269\", \"CVE-2007-2445\");\n script_name( \"Fedora Update for libpng FEDORA-2008-4947\");\n\n script_summary(\"Check for the Version of libpng\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.29~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "Check for the Version of libpng10", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for libpng10 FEDORA-2008-3979", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5269", "CVE-2007-2445", "CVE-2008-1382"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860414", "href": "http://plugins.openvas.org/nasl.php?oid=860414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libpng10 FEDORA-2008-3979\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng10 package contains an old version of libpng, a library of functions\n for creating and manipulating PNG (Portable Network Graphics) image format\n files.\n\n This package is needed if you want to run binaries that were linked dynamically\n with libpng 1.0.x.\";\n\ntag_affected = \"libpng10 on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00951.html\");\n script_id(860414);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:43:56 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-3979\");\n script_cve_id(\"CVE-2008-1382\", \"CVE-2007-5269\", \"CVE-2007-2445\");\n script_name( \"Fedora Update for libpng10 FEDORA-2008-3979\");\n\n script_summary(\"Check for the Version of libpng10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpng10\", rpm:\"libpng10~1.0.37~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:31", "description": "The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-6603.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-6603 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2009-2042", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064244", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064244", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6603.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6603 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libpng package contains a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files. PNG\nis a bit-mapped graphics format similar to the GIF format. PNG was\ncreated to replace the GIF format, since GIF uses a patented data\ncompression algorithm.\n\nLibpng should be installed if you need to manipulate PNG format image\nfiles.\n\nUpdate Information:\n\nUpdate to libpng 1.2.37, to fix CVE-2009-2042. This is a pretty low-risk issue,\nbut it's been classified as a security issue...\n\nChangeLog:\n\n* Sat Jun 13 2009 Tom Lane 2:1.2.37-1\n- Update to libpng 1.2.37, to fix CVE-2009-2042\nRelated: #504782\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libpng' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6603\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory FEDORA-2009-6603.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64244\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-2042\", \"CVE-2009-0040\", \"CVE-2008-1382\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-6603 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504782\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static\", rpm:\"libpng-static~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-debuginfo\", rpm:\"libpng-debuginfo~1.2.37~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:11", "description": "The remote host is missing updates announced in\nadvisory GLSA 200812-15.", "cvss3": {}, "published": "2008-12-23T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200812-15 (povray)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3334", "CVE-2006-0481", "CVE-2004-0768", "CVE-2008-3964", "CVE-2008-1382"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:62964", "href": "http://plugins.openvas.org/nasl.php?oid=62964", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"POV-Ray includes a version of libpng that might allow for the execution of\narbitrary code when reading a specially crafted PNG file\";\ntag_solution = \"All POV-Ray users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/povray-3.6.1-r4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200812-15\nhttp://bugs.gentoo.org/show_bug.cgi?id=153538\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200812-15.\";\n\n \n \n\nif(description)\n{\n script_id(62964);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-23 18:28:16 +0100 (Tue, 23 Dec 2008)\");\n script_cve_id(\"CVE-2004-0768\", \"CVE-2006-0481\", \"CVE-2006-3334\", \"CVE-2008-1382\", \"CVE-2008-3964\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200812-15 (povray)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/povray\", unaffected: make_list(\"ge 3.6.1-r4\"), vulnerable: make_list(\"lt 3.6.1-r4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:30:12", "description": "The remote host is missing an update to libpng\nannounced via advisory USN-730-1.", "cvss3": {}, "published": "2009-03-07T00:00:00", "type": "openvas", "title": "Ubuntu USN-730-1 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5907", "CVE-2009-0040", "CVE-2007-5269", "CVE-2007-5268", "CVE-2008-3964", "CVE-2008-1382"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:63513", "href": "http://plugins.openvas.org/nasl.php?oid=63513", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_730_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_730_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-730-1 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.4\n\nUbuntu 7.10:\n libpng12-0 1.2.15~beta5-2ubuntu0.2\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.1\n\nUbuntu 8.10:\n libpng12-0 1.2.27-1ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-730-1\";\n\ntag_insight = \"It was discovered that libpng did not properly perform bounds checking in\ncertain operations. An attacker could send a specially crafted PNG image and\ncause a denial of service in applications linked against libpng. This issue\nonly affected Ubuntu 8.04 LTS. (CVE-2007-5268, CVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize memory. If a\nuser or automated system were tricked into opening a crafted PNG image, an\nattacker could cause a denial of service via application crash, or possibly\nexecute arbitrary code with the privileges of the user invoking the program.\nThis issue did not affect Ubuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker could\ncould cause an application crash in programs using pngtest. (CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a keyword\nstring. An attacker could exploit this to set arbitrary memory locations to\nzero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly initialize\npointers. If a user or automated system were tricked into opening a crafted PNG\nfile, an attacker could cause a denial of service or possibly execute arbitrary\ncode with the privileges of the user invoking the program. (CVE-2009-0040)\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory USN-730-1.\";\n\n \n\n\nif(description)\n{\n script_id(63513);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu USN-730-1 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-730-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.8rel-5ubuntu0.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.8rel-5ubuntu0.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.8rel-5ubuntu0.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.15~beta5-2ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.15~beta5-2ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.15~beta5-2ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.15~beta5-3ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.15~beta5-3ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.15~beta5-3ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.27-1ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.27-1ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.27-1ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:59", "description": "The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.", "cvss3": {}, "published": "2009-03-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1750-1 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-6218", "CVE-2008-5907", "CVE-2009-0040", "CVE-2007-5269", "CVE-2007-2445", "CVE-2008-1382"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63682", "href": "http://plugins.openvas.org/nasl.php?oid=63682", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1750_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1750-1 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nThe png_handle_tRNS function allows attackers to cause a denial of\nservice (application crash) via a grayscale PNG image with a bad tRNS\nchunk CRC value. (CVE-2007-2445)\n\nCertain chunk handlers allow attackers to cause a denial of service\n(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG\nimages, which trigger out-of-bounds read operations. (CVE-2007-5269)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero\nlength unknown chunks, which trigger an access of uninitialized\nmemory. (CVE-2008-1382)\n\nThe png_check_keyword might allow context-dependent attackers to set the\nvalue of an arbitrary memory location to zero via vectors involving\ncreation of crafted PNG files with keywords. (CVE-2008-5907)\n\nA memory leak in the png_handle_tEXt function allows context-dependent\nattackers to cause a denial of service (memory exhaustion) via a crafted\nPNG file. (CVE-2008-6218)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via a crafted PNG\nfile that triggers a free of an uninitialized pointer in (1) the\npng_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\ngamma tables. (CVE-2009-0040)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\nWe recommend that you upgrade your libpng packages.\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201750-1\";\n\n\nif(description)\n{\n script_id(63682);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1750-1 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:06", "description": "The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.", "cvss3": {}, "published": "2009-03-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1750-1 (libpng)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-6218", "CVE-2008-5907", "CVE-2009-0040", "CVE-2007-5269", "CVE-2007-2445", "CVE-2008-1382"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063682", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063682", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1750_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1750-1 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nThe png_handle_tRNS function allows attackers to cause a denial of\nservice (application crash) via a grayscale PNG image with a bad tRNS\nchunk CRC value. (CVE-2007-2445)\n\nCertain chunk handlers allow attackers to cause a denial of service\n(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG\nimages, which trigger out-of-bounds read operations. (CVE-2007-5269)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero\nlength unknown chunks, which trigger an access of uninitialized\nmemory. (CVE-2008-1382)\n\nThe png_check_keyword might allow context-dependent attackers to set the\nvalue of an arbitrary memory location to zero via vectors involving\ncreation of crafted PNG files with keywords. (CVE-2008-5907)\n\nA memory leak in the png_handle_tEXt function allows context-dependent\nattackers to cause a denial of service (memory exhaustion) via a crafted\nPNG file. (CVE-2008-6218)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via a crafted PNG\nfile that triggers a free of an uninitialized pointer in (1) the\npng_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\ngamma tables. (CVE-2009-0040)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\nWe recommend that you upgrade your libpng packages.\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201750-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63682\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1750-1 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:35", "description": "Gentoo Linux Local Security Checks GLSA 201412-08", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2060", "CVE-2009-4411", "CVE-2008-0553", "CVE-2009-0946", "CVE-2010-1511", "CVE-2009-0361", "CVE-2008-6218", "CVE-2008-5907", "CVE-2010-0436", "CVE-2010-1205", "CVE-2007-2741", "CVE-2010-0829", "CVE-2009-4896", "CVE-2010-2945", "CVE-2010-2809", "CVE-2009-0040", "CVE-2010-2192", "CVE-2010-2056", "CVE-2009-2042", "CVE-2010-0001", "CVE-2008-6661", "CVE-2010-2529", "CVE-2009-4029", "CVE-2006-3005", "CVE-2010-2251", "CVE-2009-0360", "CVE-2010-0732", "CVE-2008-1382", "CVE-2009-3736", "CVE-2010-1000", "CVE-2009-2624"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121294", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121294\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:04 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-08\");\n script_tag(name:\"insight\", value:\"Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-08\");\n script_cve_id(\"CVE-2006-3005\", \"CVE-2007-2741\", \"CVE-2008-0553\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2008-6661\", \"CVE-2009-0040\", \"CVE-2009-0360\", \"CVE-2009-0361\", \"CVE-2009-0946\", \"CVE-2009-2042\", \"CVE-2009-2624\", \"CVE-2009-3736\", \"CVE-2009-4029\", \"CVE-2009-4411\", \"CVE-2009-4896\", \"CVE-2010-0001\", \"CVE-2010-0436\", \"CVE-2010-0732\", \"CVE-2010-0829\", \"CVE-2010-1000\", \"CVE-2010-1205\", \"CVE-2010-1511\", \"CVE-2010-2056\", \"CVE-2010-2060\", \"CVE-2010-2192\", \"CVE-2010-2251\", \"CVE-2010-2529\", \"CVE-2010-2809\", \"CVE-2010-2945\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-util/insight\", unaffected: make_list(\"ge 6.7.1-r1\"), vulnerable: make_list(\"lt 6.7.1-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-perl/perl-tk\", unaffected: make_list(\"ge 804.028-r2\"), vulnerable: make_list(\"lt 804.028-r2\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-util/sourcenav\", unaffected: make_list(\"ge 5.1.4\"), vulnerable: make_list(\"lt 5.1.4\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/tk\", unaffected: make_list(\"ge 8.4.18-r1\"), vulnerable: make_list(\"lt 8.4.18-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"sys-block/partimage\", unaffected: make_list(\"ge 0.6.8\"), vulnerable: make_list(\"lt 0.6.8\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-antivirus/bitdefender-console\", unaffected: make_list(), vulnerable: make_list(\"lt 7.1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"net-mail/mlmmj\", unaffected: make_list(\"ge 1.2.17.1\"), vulnerable: make_list(\"lt 1.2.17.1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"sys-apps/acl\", unaffected: make_list(\"ge 2.2.49\"), vulnerable: make_list(\"lt 2.2.49\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"x11-apps/xinit\", unaffected: make_list(\"ge 1.2.0-r4\"), vulnerable: make_list(\"lt 1.2.0-r4\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-arch/gzip\", unaffected: make_list(\"ge 1.4\"), vulnerable: make_list(\"lt 1.4\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-arch/ncompress\", unaffected: make_list(\"ge 4.2.4.3\"), vulnerable: make_list(\"lt 4.2.4.3\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/liblzw\", unaffected: make_list(\"ge 0.2\"), vulnerable: make_list(\"lt 0.2\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"media-gfx/splashutils\", unaffected: make_list(\"ge 1.5.4.3-r3\"), vulnerable: make_list(\"lt 1.5.4.3-r3\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"sys-devel/m4\", unaffected: make_list(\"ge 1.4.14-r1\"), vulnerable: make_list(\"lt 1.4.14-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"kde-base/kdm\", unaffected: make_list(\"ge 4.3.5-r1\"), vulnerable: make_list(\"lt 4.3.5-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"x11-libs/gtk+\", unaffected: make_list(\"ge 2.18.7\"), vulnerable: make_list(\"lt 2.18.7\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"kde-base/kget\", unaffected: make_list(\"ge 4.3.5-r1\"), vulnerable: make_list(\"lt 4.3.5-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-text/dvipng\", unaffected: make_list(\"ge 1.13\"), vulnerable: make_list(\"lt 1.13\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-misc/beanstalkd\", unaffected: make_list(\"ge 1.4.6\"), vulnerable: make_list(\"lt 1.4.6\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"sys-apps/pmount\", unaffected: make_list(\"ge 0.9.23\"), vulnerable: make_list(\"lt 0.9.23\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"sys-auth/pam_krb5\", unaffected: make_list(\"ge 4.3\"), vulnerable: make_list(\"lt 4.3\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-text/gv\", unaffected: make_list(\"ge 3.7.1\"), vulnerable: make_list(\"lt 3.7.1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"net-ftp/lftp\", unaffected: make_list(\"ge 4.0.6\"), vulnerable: make_list(\"lt 4.0.6\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/uzbl\", unaffected: make_list(\"ge 2010.08.05\"), vulnerable: make_list(\"lt 2010.08.05\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"x11-misc/slim\", unaffected: make_list(\"ge 1.3.2\"), vulnerable: make_list(\"lt 1.3.2\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"net-misc/iputils\", unaffected: make_list(\"ge 20100418\"), vulnerable: make_list(\"lt 20100418\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"media-tv/dvbstreamer\", unaffected: make_list(\"ge 1.1-r1\"), vulnerable: make_list(\"lt 1.1-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:05", "description": "The remote host is missing Mac OS X 10.5.5 Update / Security Update 2008-006.", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.5.5 Update / Security Update 2008-006", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3619", "CVE-2008-3613", "CVE-2008-1836", "CVE-2008-2312", "CVE-2008-3215", "CVE-2008-2332", "CVE-2008-1387", "CVE-2008-1447", "CVE-2008-1100", "CVE-2008-1835", "CVE-2008-3618", "CVE-2008-1657", "CVE-2008-2713", "CVE-2008-1483", "CVE-2008-3609", "CVE-2008-3608", "CVE-2008-2376", "CVE-2008-3617", "CVE-2008-1837", "CVE-2008-3616", "CVE-2008-2327", "CVE-2008-2329", "CVE-2008-3622", "CVE-2008-2331", "CVE-2008-3614", "CVE-2008-0314", "CVE-2008-1382", "CVE-2008-3621", "CVE-2008-3611", "CVE-2008-3610", "CVE-2008-1833", "CVE-2008-2305", "CVE-2008-2330"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310102033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310102033", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n# $Id: macosx_upd_10_5_5_secupd_2008-006.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X 10.5.5 Update / Security Update 2008-006\n#\n# LSS-NVT-2010-022\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.102033\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2008-2305\", \"CVE-2008-1100\", \"CVE-2008-1387\", \"CVE-2008-0314\", \"CVE-2008-1833\",\n \"CVE-2008-1835\", \"CVE-2008-1836\", \"CVE-2008-1837\", \"CVE-2008-2713\", \"CVE-2008-3215\",\n \"CVE-2008-2329\", \"CVE-2008-2330\", \"CVE-2008-2331\", \"CVE-2008-3613\", \"CVE-2008-2327\",\n \"CVE-2008-2332\", \"CVE-2008-3608\", \"CVE-2008-1382\", \"CVE-2008-3609\", \"CVE-2008-1447\",\n \"CVE-2008-3610\", \"CVE-2008-3611\", \"CVE-2008-1483\", \"CVE-2008-1657\", \"CVE-2008-3614\",\n \"CVE-2008-2376\", \"CVE-2008-3616\", \"CVE-2008-2312\", \"CVE-2008-3617\", \"CVE-2008-3618\",\n \"CVE-2008-3619\", \"CVE-2008-3621\", \"CVE-2008-3622\");\n script_name(\"Mac OS X 10.5.5 Update / Security Update 2008-006\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[45]\\.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3137\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing Mac OS X 10.5.5 Update / Security Update 2008-006.\");\n\n script_tag(name:\"affected\", value:\"One or more of the following components are affected:\n\n ATS\n\n BIND\n\n ClamAV\n\n Directory Services\n\n Finder\n\n ImageIO\n\n Kernel\n\n libresolv\n\n Login Window\n\n mDNSResponder\n\n OpenSSH\n\n QuickDraw Manager\n\n Ruby\n\n SearchKit\n\n System Configuration\n\n System Preferences\n\n Time Machine\n\n VideoConference\n\n Wiki Server\");\n\n script_tag(name:\"solution\", value:\"Update your Mac OS X operating system. Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver || ssh_osx_ver !~ \"^10\\.[45]\\.\") exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.4\",\"Mac OS X Server 10.5.4\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.006\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.006\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.4\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.5\")) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.4\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.5\")) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:49", "description": "The remote host is missing Mac OS X 10.5.5 Update / Security Update 2008-006.\n One or more of the following components are affected:\n\n ATS\n BIND\n ClamAV\n Directory Services\n Finder\n ImageIO\n Kernel\n libresolv\n Login Window\n mDNSResponder\n OpenSSH\n QuickDraw Manager\n Ruby\n SearchKit\n System Configuration\n System Preferences\n Time Machine\n VideoConference\n Wiki Server", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.5.5 Update / Security Update 2008-006", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3619", "CVE-2008-3613", "CVE-2008-1836", "CVE-2008-2312", "CVE-2008-3215", "CVE-2008-2332", "CVE-2008-1387", "CVE-2008-1447", "CVE-2008-1100", "CVE-2008-1835", "CVE-2008-3618", "CVE-2008-1657", "CVE-2008-2713", "CVE-2008-1483", "CVE-2008-3609", "CVE-2008-3608", "CVE-2008-2376", "CVE-2008-3617", "CVE-2008-1837", "CVE-2008-3616", "CVE-2008-2327", "CVE-2008-2329", "CVE-2008-3622", "CVE-2008-2331", "CVE-2008-3614", "CVE-2008-0314", "CVE-2008-1382", "CVE-2008-3621", "CVE-2008-3611", "CVE-2008-3610", "CVE-2008-1833", "CVE-2008-2305", "CVE-2008-2330"], "modified": "2017-02-22T00:00:00", "id": "OPENVAS:102033", "href": "http://plugins.openvas.org/nasl.php?oid=102033", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X 10.5.5 Update / Security Update 2008-006\n#\n# LSS-NVT-2010-022\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\ntag_solution = \"Update your Mac OS X operating system.\n\n For more information see:\n http://support.apple.com/kb/HT3137\";\n\ntag_summary = \"The remote host is missing Mac OS X 10.5.5 Update / Security Update 2008-006.\n One or more of the following components are affected:\n\n ATS\n BIND\n ClamAV\n Directory Services\n Finder\n ImageIO\n Kernel\n libresolv\n Login Window\n mDNSResponder\n OpenSSH\n QuickDraw Manager\n Ruby\n SearchKit\n System Configuration\n System Preferences\n Time Machine\n VideoConference\n Wiki Server\";\n\n\nif(description)\n{\n script_id(102033);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2008-2305\",\"CVE-2008-1100\",\"CVE-2008-1387\",\"CVE-2008-0314\",\"CVE-2008-1833\",\"CVE-2008-1835\",\"CVE-2008-1836\",\"CVE-2008-1837\",\"CVE-2008-2713\",\"CVE-2008-3215\",\"CVE-2008-2329\",\"CVE-2008-2330\",\"CVE-2008-2331\",\"CVE-2008-3613\",\"CVE-2008-2327\",\"CVE-2008-2332\",\"CVE-2008-3608\",\"CVE-2008-1382\",\"CVE-2008-3609\",\"CVE-2008-1447\",\"CVE-2008-3610\",\"CVE-2008-3611\",\"CVE-2008-1483\",\"CVE-2008-1657\",\"CVE-2008-3614\",\"CVE-2008-2376\",\"CVE-2008-3616\",\"CVE-2008-2312\",\"CVE-2008-3617\",\"CVE-2008-3618\",\"CVE-2008-3619\",\"CVE-2008-3621\",\"CVE-2008-3622\");\n script_name(\"Mac OS X 10.5.5 Update / Security Update 2008-006\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_require_ports(\"Services/ssh\", 22);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver) exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.4\",\"Mac OS X Server 10.5.4\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.006\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.006\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.4\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.5\")) { security_message(0); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.4\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.5\")) { security_message(0); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:05", "description": "The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002.", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0150", "CVE-2009-0152", "CVE-2008-3652", "CVE-2008-3659", "CVE-2008-3655", "CVE-2008-2383", "CVE-2009-0010", "CVE-2009-0847", "CVE-2009-0946", "CVE-2009-0943", "CVE-2009-0844", "CVE-2008-2939", "CVE-2009-0021", "CVE-2009-0157", "CVE-2008-3530", "CVE-2009-0164", "CVE-2009-0114", "CVE-2008-2666", "CVE-2009-0162", "CVE-2009-0144", "CVE-2009-0846", "CVE-2009-0520", "CVE-2009-0040", "CVE-2007-2754", "CVE-2008-2371", "CVE-2008-3443", "CVE-2004-1185", "CVE-2004-1184", "CVE-2008-3658", "CVE-2009-0149", "CVE-2008-3660", "CVE-2009-0148", "CVE-2008-5077", "CVE-2008-3529", "CVE-2009-0156", "CVE-2009-0945", "CVE-2009-0159", "CVE-2009-0165", "CVE-2008-3657", "CVE-2006-0747", "CVE-2009-0944", "CVE-2008-2829", "CVE-2009-0147", "CVE-2008-3863", "CVE-2009-0519", "CVE-2009-0154", "CVE-2008-3651", "CVE-2009-1717", "CVE-2009-0158", "CVE-2009-0145", "CVE-2008-4309", "CVE-2008-1382", "CVE-2009-0942", "CVE-2008-5557", "CVE-2009-0155", "CVE-2008-1517", "CVE-2009-0146", "CVE-2008-0456", "CVE-2009-0025", "CVE-2008-3790", "CVE-2009-0161", "CVE-2009-0153", "CVE-2009-0845", "CVE-2004-1186", "CVE-2008-3656", "CVE-2008-2665"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310102035", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310102035", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n# $Id: macosx_upd_10_5_7_secupd_2009-002.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002\n#\n# LSS-NVT-2010-024\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.102035\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2008-2939\", \"CVE-2008-0456\", \"CVE-2009-0154\", \"CVE-2009-0025\", \"CVE-2009-0144\",\n \"CVE-2009-0157\", \"CVE-2009-0145\", \"CVE-2009-0155\", \"CVE-2009-0146\", \"CVE-2009-0147\",\n \"CVE-2009-0165\", \"CVE-2009-0148\", \"CVE-2009-0164\", \"CVE-2009-0150\", \"CVE-2009-0149\",\n \"CVE-2004-1184\", \"CVE-2004-1185\", \"CVE-2004-1186\", \"CVE-2008-3863\", \"CVE-2009-0519\",\n \"CVE-2009-0520\", \"CVE-2009-0114\", \"CVE-2009-0942\", \"CVE-2009-0943\", \"CVE-2009-0152\",\n \"CVE-2009-0153\", \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2009-0845\", \"CVE-2009-0846\",\n \"CVE-2009-0847\", \"CVE-2009-0844\", \"CVE-2008-1517\", \"CVE-2009-0156\", \"CVE-2008-3529\",\n \"CVE-2008-4309\", \"CVE-2009-0021\", \"CVE-2009-0159\", \"CVE-2008-3530\", \"CVE-2008-5077\",\n \"CVE-2008-3659\", \"CVE-2008-2829\", \"CVE-2008-3660\", \"CVE-2008-2666\", \"CVE-2008-2371\",\n \"CVE-2008-2665\", \"CVE-2008-3658\", \"CVE-2008-5557\", \"CVE-2009-0010\", \"CVE-2008-3443\",\n \"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2009-0161\",\n \"CVE-2009-0162\", \"CVE-2009-0944\", \"CVE-2009-0158\", \"CVE-2009-1717\", \"CVE-2009-0945\",\n \"CVE-2006-0747\", \"CVE-2007-2754\", \"CVE-2008-2383\", \"CVE-2008-1382\", \"CVE-2009-0040\",\n \"CVE-2009-0946\");\n script_name(\"Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[45]\\.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3549\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002.\");\n\n script_tag(name:\"affected\", value:\"One or more of the following components are affected:\n\n Apache\n\n ATS\n\n BIND\n\n CFNetwork\n\n CoreGraphics\n\n Cscope\n\n CUPS\n\n Disk Images\n\n enscript\n\n Flash Player plug-in\n\n Help Viewer\n\n iChat\n\n International Components for Unicode\n\n IPSec\n\n Kerberos\n\n Kernel\n\n Launch Services\n\n libxml\n\n Net-SNMP\n\n Network Time\n\n Networking\n\n OpenSSL\n\n PHP\n\n QuickDraw Manager\n\n ruby\n\n Safari\n\n Spotlight\n\n system_cmds\n\n telnet\n\n Terminal\n\n WebKit\n\n X11\");\n\n script_tag(name:\"solution\", value:\"Update your Mac OS X operating system. Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver || ssh_osx_ver !~ \"^10\\.[45]\\.\") exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.6\",\"Mac OS X Server 10.5.6\",\"Mac OS X Server 10.5.6\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2009.002\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2009.002\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.6\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.7\")) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.6\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.7\")) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:48", "description": "The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002.\n One or more of the following components are affected:\n\n Apache\n ATS\n BIND\n CFNetwork\n CoreGraphics\n Cscope\n CUPS\n Disk Images\n enscript\n Flash Player plug-in\n Help Viewer\n iChat\n International Components for Unicode\n IPSec\n Kerberos\n Kernel\n Launch Services\n libxml\n Net-SNMP\n Network Time\n Networking\n OpenSSL\n PHP\n QuickDraw Manager\n ruby\n Safari\n Spotlight\n system_cmds\n telnet\n Terminal\n WebKit\n X11", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0150", "CVE-2009-0152", "CVE-2008-3652", "CVE-2008-3659", "CVE-2008-3655", "CVE-2008-2383", "CVE-2009-0010", "CVE-2009-0847", "CVE-2009-0946", "CVE-2009-0943", "CVE-2009-0844", "CVE-2008-2939", "CVE-2009-0021", "CVE-2009-0157", "CVE-2008-3530", "CVE-2009-0164", "CVE-2009-0114", "CVE-2008-2666", "CVE-2009-0162", "CVE-2009-0144", "CVE-2009-0846", "CVE-2009-0520", "CVE-2009-0040", "CVE-2007-2754", "CVE-2008-2371", "CVE-2008-3443", "CVE-2004-1185", "CVE-2004-1184", "CVE-2008-3658", "CVE-2009-0149", "CVE-2008-3660", "CVE-2009-0148", "CVE-2008-5077", "CVE-2008-3529", "CVE-2009-0156", "CVE-2009-0945", "CVE-2009-0159", "CVE-2009-0165", "CVE-2008-3657", "CVE-2006-0747", "CVE-2009-0944", "CVE-2008-2829", "CVE-2009-0147", "CVE-2008-3863", "CVE-2009-0519", "CVE-2009-0154", "CVE-2008-3651", "CVE-2009-1717", "CVE-2009-0158", "CVE-2009-0145", "CVE-2008-4309", "CVE-2008-1382", "CVE-2009-0942", "CVE-2008-5557", "CVE-2009-0155", "CVE-2008-1517", "CVE-2009-0146", "CVE-2008-0456", "CVE-2009-0025", "CVE-2008-3790", "CVE-2009-0161", "CVE-2009-0153", "CVE-2009-0845", "CVE-2004-1186", "CVE-2008-3656", "CVE-2008-2665"], "modified": "2017-02-22T00:00:00", "id": "OPENVAS:102035", "href": "http://plugins.openvas.org/nasl.php?oid=102035", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002\n#\n# LSS-NVT-2010-024\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\ntag_solution = \"Update your Mac OS X operating system.\n\n For more information see:\n http://support.apple.com/kb/HT3549\";\n\ntag_summary = \"The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002.\n One or more of the following components are affected:\n\n Apache\n ATS\n BIND\n CFNetwork\n CoreGraphics\n Cscope\n CUPS\n Disk Images\n enscript\n Flash Player plug-in\n Help Viewer\n iChat\n International Components for Unicode\n IPSec\n Kerberos\n Kernel\n Launch Services\n libxml\n Net-SNMP\n Network Time\n Networking\n OpenSSL\n PHP\n QuickDraw Manager\n ruby\n Safari\n Spotlight\n system_cmds\n telnet\n Terminal\n WebKit\n X11\";\n\n\nif(description)\n{\n script_id(102035);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2008-2939\",\"CVE-2008-0456\",\"CVE-2009-0154\",\"CVE-2009-0025\",\"CVE-2009-0144\",\"CVE-2009-0157\",\"CVE-2009-0145\",\"CVE-2009-0155\",\"CVE-2009-0146\",\"CVE-2009-0147\",\"CVE-2009-0165\",\"CVE-2009-0148\",\"CVE-2009-0164\",\"CVE-2009-0150\",\"CVE-2009-0149\",\"CVE-2004-1184\",\"CVE-2004-1185\",\"CVE-2004-1186\",\"CVE-2008-3863\",\"CVE-2009-0519\",\"CVE-2009-0520\",\"CVE-2009-0114\",\"CVE-2009-0942\",\"CVE-2009-0943\",\"CVE-2009-0152\",\"CVE-2009-0153\",\"CVE-2008-3651\",\"CVE-2008-3652\",\"CVE-2009-0845\",\"CVE-2009-0846\",\"CVE-2009-0847\",\"CVE-2009-0844\",\"CVE-2008-1517\",\"CVE-2009-0156\",\"CVE-2008-3529\",\"CVE-2008-4309\",\"CVE-2009-0021\",\"CVE-2009-0159\",\"CVE-2008-3530\",\"CVE-2008-5077\",\"CVE-2008-3659\",\"CVE-2008-2829\",\"CVE-2008-3660\",\"CVE-2008-2666\",\"CVE-2008-2371\",\"CVE-2008-2665\",\"CVE-2008-3658\",\"CVE-2008-5557\",\"CVE-2009-0010\",\"CVE-2008-3443\",\"CVE-2008-3655\",\"CVE-2008-3656\",\"CVE-2008-3657\",\"CVE-2008-3790\",\"CVE-2009-0161\",\"CVE-2009-0162\",\"CVE-2009-0944\",\"CVE-2009-0158\",\"CVE-2009-1717\",\"CVE-2009-0945\",\"CVE-2006-0747\",\"CVE-2007-2754\",\"CVE-2008-2383\",\"CVE-2008-1382\",\"CVE-2009-0040\",\"CVE-2009-0946\");\n script_name(\"Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_require_ports(\"Services/ssh\", 22);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver) exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.6\",\"Mac OS X Server 10.5.6\",\"Mac OS X Server 10.5.6\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2009.002\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2009.002\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.6\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.7\")) { security_message(0); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.6\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.5.7\")) { security_message(0); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2021-07-28T14:46:45", "description": "New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, 11.0, 12.0, and -current to fix a security issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382\n\nAdditional information can be found in the libpng source, or in this\nfile on the libpng FTP site:\n\n ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt\n\n\nHere are the details from the Slackware 12.0 ChangeLog:\n\npatches/packages/libpng-1.2.27-i486-1_slack12.0.tgz:\n Upgraded to libpng-1.2.27.\n This fixes various bugs, the most important of which have to do with the\n handling of unknown chunks containing zero-length data. Processing a PNG\n image that contains these could cause the application using libpng to crash\n (possibly resulting in a denial of service), could potentially expose the\n contents of uninitialized memory, or could cause the execution of arbitrary\n code as the user running libpng (though it would probably be quite difficult\n to cause the execution of attacker-chosen code). We recommend upgrading the\n package as soon as possible.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382\n ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/libpng-1.2.27-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/libpng-1.2.27-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/libpng-1.2.27-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/libpng-1.2.27-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/libpng-1.2.27-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/libpng-1.2.27-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/libpng-1.2.27-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/libpng-1.2.27-i486-1_slack12.0.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpng-1.2.27-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n9423c3602ea8c878e27e5a7f615bc3ce libpng-1.2.27-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\n1746300b447e5272e48fbd61700e5a8c libpng-1.2.27-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\n1f2d79d80ac1db5fbbae8c3b3eed12dc libpng-1.2.27-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n54142e20e93c4c4cb4f67d0e66d830aa libpng-1.2.27-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n67759c9512d4eb841aedce7f2ccd0242 libpng-1.2.27-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\ndc9badf923a5e876fe4d3b8a52b94e4f libpng-1.2.27-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\nf604e3e8a6a32f1ca160284f8210677d libpng-1.2.27-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\nbe9224b4e88e9810765048e9583279f7 libpng-1.2.27-i486-1_slack12.0.tgz\n\nSlackware -current package:\n59551d7c03e037afc9fcb2fe2e5bd910 libpng-1.2.27-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg libpng-1.2.27-i486-1_slack12.0.tgz\n\nAny running programs that use libpng should be restarted.", "cvss3": {}, "published": "2008-04-29T07:20:31", "type": "slackware", "title": "[slackware-security] libpng", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-29T07:20:31", "id": "SSA-2008-119-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.541247", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2008-05-29T02:35:02", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libpng10-1.0.37-1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-05-29T02:35:02", "id": "FEDORA:M4T2YVPB003112", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MB3MY2MCH6LB5JPVO7XFZ3BX34VTAWP5/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2008-05-29T02:50:47", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: libpng10-1.0.37-1.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-05-29T02:50:47", "id": "FEDORA:M4T2OIN5005308", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IMRXCU3ZII6HLQX25BGVZO7LCKYMATFG/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. ", "cvss3": {}, "published": "2008-06-03T07:30:40", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: libpng-1.2.29-1.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-06-03T07:30:40", "id": "FEDORA:M537TUJR006217", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PDDOYBL3XYGFK4ZOPGHZEAQ72S74RSJS/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2008-11-13T03:37:05", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libpng10-1.0.41-1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-11-13T03:37:05", "id": "FEDORA:4C792208771", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AC2THXUQI4BPCUTZNVBXCJYAGF7S4V2D/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2008-11-13T03:37:56", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: libpng10-1.0.41-1.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-11-13T03:37:56", "id": "FEDORA:0612C208DA1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XOVZBCH3CGIOUMCD3YGL75C3CL2EYHH3/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. ", "cvss3": {}, "published": "2009-02-26T15:34:52", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libpng-1.2.35-1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2009-02-26T15:34:52", "id": "FEDORA:D8552208525", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MFDFFGXHO2YL36BS6K6TF3GUKAYSSN2K/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2009-03-09T22:48:33", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libpng10-1.0.43-1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2009-03-09T22:48:33", "id": "FEDORA:29CCA2084CF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LS74Z6IURDE4P4NKB7ESFGJ5LH4DUXN6/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x. ", "cvss3": {}, "published": "2008-05-29T02:50:16", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: libpng10-1.0.37-1.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2445", "CVE-2007-5269", "CVE-2008-1382"], "modified": "2008-05-29T02:50:16", "id": "FEDORA:M4T2NTHX005156", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/I66QH7FKAI5AHUIHCYAQSEZD7AJ5RCSK/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. ", "cvss3": {}, "published": "2008-06-03T07:36:53", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: libpng-1.2.29-1.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2445", "CVE-2007-5269", "CVE-2008-1382"], "modified": "2008-06-03T07:36:53", "id": "FEDORA:M537AIMI007137", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RIO622GAITVZJSGS27KZNKTWEAZYT2KC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. ", "cvss3": {}, "published": "2009-06-18T11:50:22", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libpng-1.2.37-1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040", "CVE-2009-2042"], "modified": "2009-06-18T11:50:22", "id": "FEDORA:6DF3E10F8E7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HD5M6PGPJGO2HN6VU2DFCUWISVA4RM2Y/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T22:01:07", "description": "libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through\n1.4.0beta19 allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero length\n\"unknown\" chunks, which trigger an access of uninitialized memory.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/libpng/+bug/217128>\n", "cvss3": {}, "published": "2008-04-14T00:00:00", "type": "ubuntucve", "title": "CVE-2008-1382", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-14T00:00:00", "id": "UB:CVE-2008-1382", "href": "https://ubuntu.com/security/CVE-2008-1382", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:15:28", "description": "### Background\n\nlibpng is a free ANSI C library used to process and manipulate PNG images. \n\n### Description\n\nTavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call png_set_read_user_chunk_fn() or png_set_keep_unknown_chunks(). \n\n### Impact\n\nA remote attacker could entice a user or automated system to process a specially crafted PNG image in an application using libpng and possibly execute arbitrary code with the privileges of the user running the application. Note that processing of unknown chunks is disabled by default in most PNG applications, but some such as ImageMagick are affected. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll libpng users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libpng-1.2.26-r1\"", "cvss3": {}, "published": "2008-04-15T00:00:00", "type": "gentoo", "title": "libpng: Execution of arbitrary code", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-15T00:00:00", "id": "GLSA-200804-15", "href": "https://security.gentoo.org/glsa/200804-15", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-17T19:15:21", "description": "### Background\n\nPngcrush is a multi platform optimizer for PNG (Portable Network Graphics) files. \n\n### Description\n\nIt has been reported that Pngcrush includes a copy of libpng that is vulnerable to a memory corruption (GLSA 200804-15). \n\n### Impact\n\nA remote attacker could entice a user to process a specially crafted PNG image, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Pngcrush users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/pngcrush-1.6.4-r1\"", "cvss3": {}, "published": "2008-05-11T00:00:00", "type": "gentoo", "title": "Pngcrush: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-05-11T00:00:00", "id": "GLSA-200805-10", "href": "https://security.gentoo.org/glsa/200805-10", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-17T19:14:49", "description": "### Background\n\nPOV-Ray is a well known open-source ray tracer. \n\n### Description\n\nPOV-Ray uses a statically linked copy of libpng to view and output PNG files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964, CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in POV-Ray's build system caused it to load the old version when your installed copy of libpng was >=media-libs/libpng-1.2.10. \n\n### Impact\n\nAn attacker could entice a user to load a specially crafted PNG file as a texture, resulting in the execution of arbitrary code with the permissions of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll POV-Ray users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/povray-3.6.1-r4\"", "cvss3": {}, "published": "2008-12-14T00:00:00", "type": "gentoo", "title": "POV-Ray: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0768", "CVE-2006-0481", "CVE-2006-3334", "CVE-2008-1382", "CVE-2008-3964"], "modified": "2008-12-14T00:00:00", "id": "GLSA-200812-15", "href": "https://security.gentoo.org/glsa/200812-15", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-17T19:07:29", "description": "### Background\n\nFor more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. \n\n### Description\n\nVulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. \n\n * Insight\n * Perl Tk Module\n * Source-Navigator\n * Tk\n * Partimage\n * Mlmmj\n * acl\n * Xinit\n * gzip\n * ncompress\n * liblzw\n * splashutils\n * GNU M4\n * KDE Display Manager\n * GTK+\n * KGet\n * dvipng\n * Beanstalk\n * Policy Mount\n * pam_krb5\n * GNU gv\n * LFTP\n * Uzbl\n * Slim\n * Bitdefender Console\n * iputils\n * DVBStreamer\n\n### Impact\n\nA context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. \n\n### Workaround\n\nThere are no known workarounds at this time.\n\n### Resolution\n\nAll Insight users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/insight-6.7.1-r1\"\n \n\nAll Perl Tk Module users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-perl/perl-tk-804.028-r2\"\n \n\nAll Source-Navigator users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/sourcenav-5.1.4\"\n \n\nAll Tk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/tk-8.4.18-r1\"\n \n\nAll Partimage users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-block/partimage-0.6.8\"\n \n\nAll Mlmmj users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/mlmmj-1.2.17.1\"\n \n\nAll acl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/acl-2.2.49\"\n \n\nAll Xinit users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-apps/xinit-1.2.0-r4\"\n \n\nAll gzip users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/gzip-1.4\"\n \n\nAll ncompress users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/ncompress-4.2.4.3\"\n \n\nAll liblzw users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/liblzw-0.2\"\n \n\nAll splashutils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-gfx/splashutils-1.5.4.3-r3\"\n \n\nAll GNU M4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-devel/m4-1.4.14-r1\"\n \n\nAll KDE Display Manager users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdm-4.3.5-r1\"\n \n\nAll GTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/gtk+-2.18.7\"\n \n\nAll KGet 4.3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kget-4.3.5-r1\"\n \n\nAll dvipng users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/dvipng-1.13\"\n \n\nAll Beanstalk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-misc/beanstalkd-1.4.6\"\n \n\nAll Policy Mount users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/pmount-0.9.23\"\n \n\nAll pam_krb5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-auth/pam_krb5-4.3\"\n \n\nAll GNU gv users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/gv-3.7.1\"\n \n\nAll LFTP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-ftp/lftp-4.0.6\"\n \n\nAll Uzbl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/uzbl-2010.08.05\"\n \n\nAll Slim users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-misc/slim-1.3.2\"\n \n\nAll iputils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/iputils-20100418\"\n \n\nAll DVBStreamer users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-tv/dvbstreamer-1.1-r1\"\n \n\nGentoo has discontinued support for Bitdefender Console. We recommend that users unmerge Bitdefender Console: \n \n \n # emerge --unmerge \"app-antivirus/bitdefender-console\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2014-12-11T00:00:00", "type": "gentoo", "title": "Multiple packages, Multiple vulnerabilities fixed in 2010", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-3005", "CVE-2007-2741", "CVE-2008-0553", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2008-6661", "CVE-2009-0040", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-0946", "CVE-2009-2042", "CVE-2009-2624", "CVE-2009-3736", "CVE-2009-4029", "CVE-2009-4411", "CVE-2009-4896", "CVE-2010-0001", "CVE-2010-0436", "CVE-2010-0732", "CVE-2010-0829", "CVE-2010-1000", "CVE-2010-1205", "CVE-2010-1511", "CVE-2010-2056", "CVE-2010-2060", "CVE-2010-2192", "CVE-2010-2251", "CVE-2010-2529", "CVE-2010-2809", "CVE-2010-2945"], "modified": "2014-12-11T00:00:00", "id": "GLSA-201412-08", "href": "https://security.gentoo.org/glsa/201412-08", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nSecunia reports:\n\nTavis Ormandy has reported a vulnerability in libpng, which can be\n\t exploited by malicious people to cause a Denial of Service, disclose\n\t potentially sensitive information, or potentially compromise an\n\t application using the library.\nThe vulnerability is caused due to the improper handling of PNG\n\t chunks unknown to the library. This can be exploited to trigger the\n\t use of uninitialized memory in e.g. a free() call via unknown PNG\n\t chunks having a length of zero.\nSuccessful exploitation may allow execution of arbitrary code, but\n\t requires that the application calls the png_set_read_user_chunk_fn()\n\t function or the png_set_keep_unknown_chunks() function under\n\t specific conditions.\n\n\n", "cvss3": {}, "published": "2008-04-12T00:00:00", "type": "freebsd", "title": "png -- unknown chunk processing uninitialized memory access", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-29T00:00:00", "id": "57C705D6-12AE-11DD-BAB7-0016179B2DD5", "href": "https://vuxml.freebsd.org/freebsd/57c705d6-12ae-11dd-bab7-0016179b2dd5.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T21:43:25", "description": "BUGTRAQ ID: 28770\r\nCVE(CAN) ID: CVE-2008-1382\r\n\r\nlibpng\u662f\u591a\u79cd\u5e94\u7528\u7a0b\u5e8f\u6240\u4f7f\u7528\u7684\u89e3\u6790PNG\u56fe\u5f62\u683c\u5f0f\u7684\u51fd\u6570\u5e93\u3002\r\n\r\nlibpng\u5e93\u5728\u5904\u7406\u7578\u5f62\u683c\u5f0f\u7684PNG\u6587\u4ef6\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\u5141\u8bb8\u672c\u5730\u653b\u51fb\u8005\u8bfb\u53d6\u654f\u611f\u4fe1\u606f\u3001\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\nlibpng\u5e93\u6ca1\u6709\u6b63\u786e\u5730\u5904\u7406\u672a\u77e5\u7c7b\u578b\u7684PNG\u5757\uff0c\u5982\u679c\u4f7f\u7528\u8be5\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u5728\u7279\u5b9a\u60c5\u51b5\u4e0b\u8c03\u7528\u4e86png_set_read_user_chunk_fn()\u6216png_set_keep_unknown_chunks()\u51fd\u6570\u7684\u8bdd\uff0c\u957f\u5ea6\u4e3a0\u7684PNG\u5757\u5c31\u4f1a\u5bfc\u81f4\u901a\u8fc7free()\u8c03\u7528\u4f7f\u7528\u672a\u521d\u59cb\u5316\u7684\u5185\u5b58\u3002\n0\nlibpng libpng 1.2.0 - 1.2.26\r\nlibpng libpng 1.0.6 - 1.0.32\nlibpng\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?modtime=1208169600&big_mirror=0 target=_blank>http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?modtime=1208169600&big_mirror=0</a>\r\n\r\nGentoo\r\n------\r\nGentoo\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08GLSA-200804-15\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nGLSA-200804-15\uff1alibpng: Execution of arbitrary code\r\n\u94fe\u63a5\uff1a<a href=http://security.gentoo.org/glsa/glsa-200804-15.xml target=_blank>http://security.gentoo.org/glsa/glsa-200804-15.xml</a>\r\n\r\n\u6240\u6709libpng\u7528\u6237\u90fd\u5e94\u5347\u7ea7\u5230\u6700\u65b0\u7248\u672c\uff1a\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.26-r1"", "cvss3": {}, "published": "2008-04-15T00:00:00", "type": "seebug", "title": "Libpng\u5e93\u672a\u77e5\u7c7b\u578b\u5757\u5904\u7406\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-1382"], "modified": "2008-04-15T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3166", "id": "SSV:3166", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2022-03-23T11:54:57", "description": "libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length \"unknown\" chunks, which trigger an access of uninitialized memory.", "cvss3": {}, "published": "2008-04-14T16:05:00", "type": "cve", "title": "CVE-2008-1382", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382"], "modified": "2018-10-11T20:32:00", "cpe": ["cpe:/a:libpng:libpng:1.2.15", "cpe:/a:libpng:libpng:1.2.17", "cpe:/a:libpng:libpng:1.2.23", "cpe:/a:libpng:libpng:1.2.24", "cpe:/a:libpng:libpng:1.2.21", "cpe:/a:libpng:libpng:1.2.1", "cpe:/a:libpng:libpng:1.2.4", "cpe:/a:libpng:libpng:1.2.25", "cpe:/a:libpng:libpng:1.2.19", "cpe:/a:libpng:libpng:1.2.9", "cpe:/a:libpng:libpng:1.0.14", "cpe:/a:libpng:libpng:1.2.14", "cpe:/a:libpng:libpng:1.0.31", "cpe:/a:libpng:libpng:1.2.2", "cpe:/a:libpng:libpng:1.2.22", "cpe:/a:libpng:libpng:1.0.16", "cpe:/a:libpng:libpng:1.2.6", "cpe:/a:libpng:libpng:1.0.12", "cpe:/a:libpng:libpng:1.2.10", "cpe:/a:libpng:libpng:1.2.13", "cpe:/a:libpng:libpng:1.2.8", "cpe:/a:libpng:libpng:1.2.26", "cpe:/a:libpng:libpng:1.0.18", "cpe:/a:libpng:libpng:1.0.6", "cpe:/a:libpng:libpng:1.2.16", "cpe:/a:libpng:libpng:1.2.20", "cpe:/a:libpng:libpng:1.0.27", "cpe:/a:libpng:libpng:1.0.10", "cpe:/a:libpng:libpng:1.0.21", "cpe:/a:libpng:libpng:1.0.26", "cpe:/a:libpng:libpng:1.0.29", "cpe:/a:libpng:libpng:1.0.32", "cpe:/a:libpng:libpng:1.0.20", "cpe:/a:libpng:libpng:1.0.24", "cpe:/a:libpng:libpng:1.0.8", "cpe:/a:libpng:libpng:1.0.15", "cpe:/a:libpng:libpng:1.2.5", "cpe:/a:libpng:libpng:1.0.7", "cpe:/a:libpng:libpng:1.0.22", "cpe:/a:libpng:libpng:1.0.23", "cpe:/a:libpng:libpng:1.0.30", "cpe:/a:libpng:libpng:1.2.7", "cpe:/a:libpng:libpng:1.0.11", "cpe:/a:libpng:libpng:1.0.28", "cpe:/a:libpng:libpng:1.0.25", "cpe:/a:libpng:libpng:1.0.17", "cpe:/a:libpng:libpng:1.2.0", "cpe:/a:libpng:libpng:1.0.19", "cpe:/a:libpng:libpng:1.0.9", "cpe:/a:libpng:libpng:1.4", "cpe:/a:libpng:libpng:1.0.13", "cpe:/a:libpng:libpng:1.2.11", "cpe:/a:libpng:libpng:1.2.3"], "id": "CVE-2008-1382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1382", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:libpng:libpng:1.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta9:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta18:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:rc01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.29:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.30:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.21:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta11:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta7:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:d:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta16:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.8:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta30:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta16:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.19:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta8:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:beta03:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta11:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta31:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:g:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta10:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.8:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.15:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.19:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.31:rc01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.29:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta9:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta13:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta15:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:beta02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta7:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.11:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta20:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.24:beta01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:beta03:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta16:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.24:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:i:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta12:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.4:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta13:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.24:rc01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.14:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:rc01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.8:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.13:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.13:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.16:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta04:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta05:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.21:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.24:beta02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:j:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta12:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta18:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta06:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta8:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta19:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta14:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.11:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:beta05:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:beta04:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.12:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:rc01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta27:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.29:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.10:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta04:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:beta01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.19:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta9:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta17:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.16:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.14:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.25:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta21:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta17:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta7:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:rc02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:h:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:f:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.25:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta03:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta18:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta8:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta8:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.11:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.5:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta19:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta14:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta14:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.23:beta01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta25:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta06:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta23:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta12:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.24:beta03:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta26:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.23:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta15:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta10:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta24:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta28:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.4:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta22:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta29:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta9:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.4:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.19:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta7:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:e:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.21:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.17:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:beta04:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.15:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta11:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.6:a:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:rc5:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.20:beta02:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.10:beta1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.7:beta17:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta01:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.11:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.29:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.25:beta03:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.9:beta10:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta7:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta15:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.9:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.11:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.28:rc6:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:rc4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.26:beta05:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.19:beta3:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.14:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.8:beta4:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta13:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.27:rc1:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.2.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.4:beta10:*:*:*:*:*:*", "cpe:2.3:a:libpng:libpng:1.0.15:rc2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:30:16", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1382. Reason: This candidate is a reservation duplicate of CVE-2008-1382. Notes: All CVE users should reference CVE-2008-1382 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2020-01-17T19:15:00", "type": "cve", "title": "CVE-2007-6070", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6070", "CVE-2008-1382"], "modified": "2020-01-17T19:15:00", "cpe": [], "id": "CVE-2007-6070", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6070", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}], "centos": [{"lastseen": "2022-02-27T12:02:33", "description": "**CentOS Errata and Security Advisory** CESA-2009:0333-01\n\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n\"unknown\" chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-March/052593.html\n\n**Affected packages:**\nlibpng\nlibpng-devel\n\n", "cvss3": {}, "published": "2009-03-11T03:53:56", "type": "centos", "title": "libpng security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2009-03-11T03:53:56", "id": "CESA-2009:0333-01", "href": "https://lists.centos.org/pipermail/centos-announce/2009-March/052593.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T12:02:17", "description": "**CentOS Errata and Security Advisory** CESA-2009:0333\n\n\nThe libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n\"unknown\" chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-April/052731.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-April/052732.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-March/052574.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-March/052579.html\n\n**Affected packages:**\nlibpng\nlibpng-devel\nlibpng10\nlibpng10-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:0333", "cvss3": {}, "published": "2009-03-05T18:16:07", "type": "centos", "title": "libpng, libpng10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2009-04-20T21:43:41", "id": "CESA-2009:0333", "href": "https://lists.centos.org/pipermail/centos-announce/2009-March/052574.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:38", "description": "[1.2.10-7.1.el5_3.2]\n- Back-port fixes for CVE-2008-1382 and CVE-2009-0040.\nResolves: #487168", "cvss3": {}, "published": "2009-03-04T00:00:00", "type": "oraclelinux", "title": "libpng security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2009-03-04T00:00:00", "id": "ELSA-2009-0333", "href": "http://linux.oracle.com/errata/ELSA-2009-0333.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:59", "description": "libpng:\n[1.2.2-29]\n- Back-port fix for CVE-2009-0040.\nResolves: #487165\n- Note: so far as I can tell, this version isn't affected by CVE-2008-1382.\nlibpng10:\n[1.0.13-20]\n- Fix inter-subpackage Requires, per rpmdiff complaint\nRelated: #487170\n[1.0.13-19]\n- Back-port fix for CVE-2009-0040.\nResolves: #487170\n- Note: so far as I can tell, this version isn't affected by CVE-2008-1382.", "cvss3": {}, "published": "2009-03-04T00:00:00", "type": "oraclelinux", "title": "libpng security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0040", "CVE-2008-1382"], "modified": "2009-03-04T00:00:00", "id": "ELSA-2009-0340", "href": "http://linux.oracle.com/errata/ELSA-2009-0340.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:36:17", "description": "The libpng packages contain a library of functions for creating and\nmanipulating PNG (Portable Network Graphics) image format files.\n\nA flaw was discovered in libpng that could result in libpng trying to\nfree() random memory if certain, unlikely error conditions occurred. If a\ncarefully-crafted PNG file was loaded by an application linked against\nlibpng, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-0040)\n\nA flaw was discovered in the way libpng handled PNG images containing\n\"unknown\" chunks. If an application linked against libpng attempted to\nprocess a malformed, unknown chunk in a malicious PNG image, it could cause\nthe application to crash. (CVE-2008-1382)\n\nUsers of libpng and libpng10 should upgrade to these updated packages,\nwhich contain backported patches to correct these issues. All running\napplications using libpng or libpng10 must be restarted for the update to\ntake effect.", "cvss3": {}, "published": "2009-03-04T00:00:00", "type": "redhat", "title": "(RHSA-2009:0333) Moderate: libpng security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040"], "modified": "2019-03-22T19:42:34", "id": "RHSA-2009:0333", "href": "https://access.redhat.com/errata/RHSA-2009:0333", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "vmware": [{"lastseen": "2022-06-19T20:03:02", "description": "a. VMware Descheduled Time Accounting driver vulnerability may cause a denial of service in Windows based virtual machines.The VMware Descheduled Time Accounting Service is an optional,experimental service that provides improved guest operating systemaccounting.This patch fixes a denial of service vulnerability that could betriggered in a virtual machine by an unprivileged, locallylogged-on user in the virtual machine.Virtual machines are affected under the following conditions:- The virtual machine is running a Windows operating system.- The VMware Descheduled Time Accounting driver is installedin the virtual machine. Note that this is an optional (non-default) part of the VMware Tools installation.- The VMware Descheduled Time Accounting Service is not runningin the virtual machineThe VMware Descheduled Time Accounting Service is no longer providedin newer versions of VMware Tools, starting with the versionsreleased in Fusion 2.0.2 and ESX 4.0.However, virtual machines migrated from vulnerable releases willstill be vulnerable if the three conditions listed above are met,until their tools are upgraded.Steps needed to remediate this vulnerability:Guest systems on VMware Workstation, Player, ACE, Server, Fusion- Install the new version of Workstation, Player, ACE, Server,Fusion (see below for version information)- Upgrade tools in the virtual machine (virtual machine userswill be prompted to upgrade).Guest systems on ESX 3.5, ESXi 3.5, ESX 3.0.2, ESX 3.0.3- Install the relevant patches (see below for patch identifiers)- Manually upgrade tools in the virtual machine (virtual machineusers will not be prompted to upgrade). Note the VI Client willnot show the VMware tools is out of date in the summary tab.Please see http://tinyurl.com/27mpjo page 80 for details.Guests systems on ESX 4.0 and ESXi 4.0 that have been migrated fromESX 3.5, ESXi 3.5, and ESX 3.0.x- Install/upgrade the new tools in the virtual machine (virtualmachine users will be prompted to upgrade).If the Descheduled Time Accounting driver was installed, the toolsupgrade will result in an updated driver for Workstation, Player,ACE, Server, ESX 3.0.2, ESX 3.0.3, ESX 3.5, ESXi 3.5. For Fusion,ESX 4.0, and ESXi 4.0 the tools upgrade will result in the removalof the driver.VMware would like to thank Nikita Tarakanov for reporting thisissue to us.The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CVE-2009-1805 to this issue.The following table lists what action remediates the vulnerability(column 4) if a solution is available. See above for remediationdetails.", "cvss3": {}, "published": "2009-05-28T00:00:00", "type": "vmware", "title": "VMware Hosted products and ESX and ESXi patches resolve security issues", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1382", "CVE-2009-0040", "CVE-2009-1805"], "modified": "2009-05-28T00:00:00", "id": "VMSA-2009-0007", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0007.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T01:19:19", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1750-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMarch 22, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libpng\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040\nDebian Bug : 446308 476669 516256 512665\n\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nThe png_handle_tRNS function allows attackers to cause a denial of\nservice (application crash) via a grayscale PNG image with a bad tRNS\nchunk CRC value. (CVE-2007-2445)\n\nCertain chunk handlers allow attackers to cause a denial of service\n(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG\nimages, which trigger out-of-bounds read operations. (CVE-2007-5269)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero\nlength "unknown" chunks, which trigger an access of uninitialized\nmemory. (CVE-2008-1382)\n\nThe png_check_keyword might allow context-dependent attackers to set the\nvalue of an arbitrary memory location to zero via vectors involving\ncreation of crafted PNG files with keywords. (CVE-2008-5907)\n\nA memory leak in the png_handle_tEXt function allows context-dependent\nattackers to cause a denial of service (memory exhaustion) via a crafted\nPNG file. (CVE-2008-6218)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via a crafted PNG\nfile that triggers a free of an uninitialized pointer in (1) the\npng_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\ngamma tables. (CVE-2009-0040)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\nWe recommend that you upgrade your libpng packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5 checksum: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.diff.gz\n Size/MD5 checksum: 18622 e1e1b7d74b9af5861bdcfc50154d2b4c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.dsc\n Size/MD5 checksum: 1033 a0668aeec893b093e1f8f68316a04041\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.15~beta5-1+etch2_all.deb\n Size/MD5 checksum: 882 eb0e501247bd91837c090cf3353e07c6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb\n Size/MD5 checksum: 214038 1dd9a6d646d8ae533fbabbb32e03149a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb\n Size/MD5 checksum: 204478 d04c5a2151ca4aa8b1fa6f1b3078e418\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb\n Size/MD5 checksum: 85270 1fcfca5bfd47a2f6611074832273ac0b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb\n Size/MD5 checksum: 188124 703758e444f77281b9104e20c358b521\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb\n Size/MD5 checksum: 179186 d2596f942999be2acb79e77d12d99c2e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb\n Size/MD5 checksum: 69056 4bd8858ff3ef96c108d2f357e67c7b73\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb\n Size/MD5 checksum: 63714 14bd7b3fa29b01ebc18b6611eea486d1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb\n Size/MD5 checksum: 168764 54a349016bbdd6624fe8552bd951fee0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_arm.deb\n Size/MD5 checksum: 182720 79e501f9c79d31b0f9c8b5a4f16f6a2e\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb\n Size/MD5 checksum: 74440 e240adb3f2b0f8ed35a3c2fe2dd35da1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb\n Size/MD5 checksum: 187052 e5f7162d516fc3d8e953726d7fb5b6ae\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb\n Size/MD5 checksum: 194360 83928ed4057deade50551874a6a85d27\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb\n Size/MD5 checksum: 67656 66d9d533e26e4f74fbdd01bf55fa40b1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_i386.deb\n Size/MD5 checksum: 187710 20da5a533679aee19edf5cd0c339f2c9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_i386.deb\n Size/MD5 checksum: 170784 b19d4f0f8be4d65dbb847079ce2effa8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_ia64.deb\n Size/MD5 checksum: 227792 eb01ade8e4b4dba3215832b8c632548a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_ia64.udeb\n Size/MD5 checksum: 108076 cb3ae7c7c66dcafce969608a437fdade\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_ia64.deb\n Size/MD5 checksum: 227388 83fa9e2ba1a370fe1b973688ab6096dd\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mips.deb\n Size/MD5 checksum: 187814 daa3c7c3aeae294c661324528e0f6c3e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mips.deb\n Size/MD5 checksum: 187016 e556557c1c570c66656232422af38c8e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mips.udeb\n Size/MD5 checksum: 67730 ae7ea1cd95eacae754ba35e9fae19818\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mipsel.udeb\n Size/MD5 checksum: 67996 4be0aa40152ac55a7355aea2204d7888\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mipsel.deb\n Size/MD5 checksum: 187852 19a6eddae81d4f9d768f8c0ef442b0ed\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mipsel.deb\n Size/MD5 checksum: 187282 119ae6083edd419fed3fe970cc507919\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_powerpc.deb\n Size/MD5 checksum: 178452 e48dc544abc3df3ec474930639e29469\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_powerpc.deb\n Size/MD5 checksum: 186636 b8319bb815dec618288cdd35cd37c191\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_powerpc.udeb\n Size/MD5 checksum: 67430 a3717e7c30011e60be99ce04983f2984\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_s390.deb\n Size/MD5 checksum: 178548 790f01dc85511343a4ef9b4832f3b1fa\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_s390.deb\n Size/MD5 checksum: 190648 a79ea20f0b8af58765d2b14ec276aa5a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_s390.udeb\n Size/MD5 checksum: 71438 aa83c3a2ab4da51670da3eafcedddac9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_sparc.udeb\n Size/MD5 checksum: 64914 13bcdda845e00493e1b25413452302d0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_sparc.deb\n Size/MD5 checksum: 184734 0f0e7865607948f07a604c86fd4f94bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_sparc.deb\n Size/MD5 checksum: 172558 2853d84c9f9823d0bfe77b1fca00348d\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.diff.gz\n Size/MD5 checksum: 16783 64d84ee2a3098905d361711dc96698c9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.dsc\n Size/MD5 checksum: 1492 8c82810267b23916b6207fa40f0b6bce\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny2_all.deb\n Size/MD5 checksum: 878 8d46f725bd49014cdb4e15508baea203\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_alpha.deb\n Size/MD5 checksum: 287802 470918bf3d543a1128df53d4bed78b3f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_alpha.deb\n Size/MD5 checksum: 182372 df321c1623004da3cf1daacae952e8b6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_alpha.udeb\n Size/MD5 checksum: 86746 975dccb76f777be09e8e5353704bf6bf\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_amd64.udeb\n Size/MD5 checksum: 71944 3f3bdfdee4699b4b3e5c793686330036\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_amd64.deb\n Size/MD5 checksum: 254598 122c139abf34eb461eca9847ec9dffe7\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_amd64.deb\n Size/MD5 checksum: 167190 1c17a5378b2e6b8fa8760847510f208b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_arm.deb\n Size/MD5 checksum: 245788 9d3fe182d56caad3f9d8a436ca109b57\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_arm.udeb\n Size/MD5 checksum: 64754 81ee041de30e2e5343d38965ab0645c1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_arm.deb\n Size/MD5 checksum: 160222 5741adc357ec8f3f09c4c8e72f02ec88\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_armel.udeb\n Size/MD5 checksum: 67178 71747c7d6f7bffde46bb38055948b781\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_armel.deb\n Size/MD5 checksum: 246680 bb9df968f72c62d5adceab0079c86e02\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_armel.deb\n Size/MD5 checksum: 163028 60bf255a23031c9c105d3582ed2c21bd\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_hppa.deb\n Size/MD5 checksum: 261298 a0bac6595474dc5778c764fab4acd9be\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_hppa.deb\n Size/MD5 checksum: 170170 de217ce54775d5f648ad369f4ce7cb72\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_hppa.udeb\n Size/MD5 checksum: 74124 affd4f1155bd1d571615b6c767886974\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_i386.udeb\n Size/MD5 checksum: 70314 865ea6726b205467e770d56d1530fdd2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_i386.deb\n Size/MD5 checksum: 165892 cfcd37b7eee72625d13f09328bc24e23\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_i386.deb\n Size/MD5 checksum: 247056 bc860a52608d966576f581c27e89a86c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_ia64.deb\n Size/MD5 checksum: 305532 d6f329a47a523353fcd527c48abb078c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_ia64.deb\n Size/MD5 checksum: 207604 78b003ade0b48d1510f436f2e5008588\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_ia64.udeb\n Size/MD5 checksum: 112070 a0f1e5e8a85bcc1995faa1e031f5e16e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mips.udeb\n Size/MD5 checksum: 68198 a68e0ba1f7a39bd9984414f4160de5bc\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mips.deb\n Size/MD5 checksum: 262138 f3580912592abe14609134cab2242728\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mips.deb\n Size/MD5 checksum: 163666 0c9f75230c396553e6062eb397d6b95c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mipsel.deb\n Size/MD5 checksum: 163956 dfda7e322af96e8ae5104cfd9f955e92\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mipsel.udeb\n Size/MD5 checksum: 68468 9c357d2d831dca03ed0887c58a18c523\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mipsel.deb\n Size/MD5 checksum: 262162 a1d0ba1b7adb92a95180e6d65b398b5b\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_powerpc.udeb\n Size/MD5 checksum: 70814 3053467f8b8864802cc7261742abfa00\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_powerpc.deb\n Size/MD5 checksum: 166240 13acfd773d2a31bd555ac1936411fe95\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_powerpc.deb\n Size/MD5 checksum: 253322 d4a722d84e5c2f263d72a59dea00ce17\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_s390.deb\n Size/MD5 checksum: 253696 bc748b49195dcd01b5288349e3e85510\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_s390.udeb\n Size/MD5 checksum: 73624 f35735be37fc376c56941795a185c742\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_s390.deb\n Size/MD5 checksum: 169052 4cf962619d634ea59a39d14c32134594\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_sparc.udeb\n Size/MD5 checksum: 66216 07bcad5c11908d2fe6d358dfc94d9051\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_sparc.deb\n Size/MD5 checksum: 247212 f388365559e6b9313aa6048c6fa341f9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_sparc.deb\n Size/MD5 checksum: 162316 16f01a96b1fec79e9614df831dba6a05\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2009-03-22T17:16:04", "type": "debian", "title": "[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2445", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2009-0040"], "modified": "2009-03-22T17:16:04", "id": "DEBIAN:DSA-1750-1:2594D", "href": "https://lists.debian.org/debian-security-announce/2009/msg00060.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T13:29:00", "description": "It was discovered that libpng did not properly perform bounds checking in \ncertain operations. An attacker could send a specially crafted PNG image and \ncause a denial of service in applications linked against libpng. This issue \nonly affected Ubuntu 8.04 LTS. (CVE-2007-5268, CVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize memory. If a \nuser or automated system were tricked into opening a crafted PNG image, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the program. \nThis issue did not affect Ubuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker could \ncould cause an application crash in programs using pngtest. (CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a keyword \nstring. An attacker could exploit this to set arbitrary memory locations to \nzero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly initialize \npointers. If a user or automated system were tricked into opening a crafted PNG \nfile, an attacker could cause a denial of service or possibly execute arbitrary \ncode with the privileges of the user invoking the program. (CVE-2009-0040)\n", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "ubuntu", "title": "libpng vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5269", "CVE-2007-5268", "CVE-2009-0040", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-3964"], "modified": "2009-03-06T00:00:00", "id": "USN-730-1", "href": "https://ubuntu.com/security/notices/USN-730-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-06T05:12:09", "description": "\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\n\n* [CVE-2007-2445](https://security-tracker.debian.org/tracker/CVE-2007-2445)\nThe png\\_handle\\_tRNS function allows attackers to cause a denial of service\n (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.\n* [CVE-2007-5269](https://security-tracker.debian.org/tracker/CVE-2007-5269)\nCertain chunk handlers allow attackers to cause a denial of service (crash)\n via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG images, which\n trigger out-of-bounds read operations.\n* [CVE-2008-1382](https://security-tracker.debian.org/tracker/CVE-2008-1382)\nlibpng allows context-dependent attackers to cause a denial of service\n (crash) and possibly execute arbitrary code via a PNG file with zero\n length \"unknown\" chunks, which trigger an access of uninitialized\n memory.\n* [CVE-2008-5907](https://security-tracker.debian.org/tracker/CVE-2008-5907)\nThe png\\_check\\_keyword might allow context-dependent attackers to set the\n value of an arbitrary memory location to zero via vectors involving\n creation of crafted PNG files with keywords.\n* [CVE-2008-6218](https://security-tracker.debian.org/tracker/CVE-2008-6218)\nA memory leak in the png\\_handle\\_tEXt function allows context-dependent\n attackers to cause a denial of service (memory exhaustion) via a crafted\n PNG file.\n* [CVE-2009-0040](https://security-tracker.debian.org/tracker/CVE-2009-0040)\nlibpng allows context-dependent attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code via a crafted PNG\n file that triggers a free of an uninitialized pointer in (1) the\n png\\_read\\_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\n gamma tables.\n\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 1.2.15~beta5-1+etch2.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only [CVE-2008-5907](https://security-tracker.debian.org/tracker/CVE-2008-5907), [CVE-2008-5907](https://security-tracker.debian.org/tracker/CVE-2008-5907) and\n[CVE-2009-0040](https://security-tracker.debian.org/tracker/CVE-2009-0040) affect the stable distribution.)\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\n\nWe recommend that you upgrade your libpng packages.\n\n\n", "cvss3": {}, "published": "2009-03-22T00:00:00", "type": "osv", "title": "libpng - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2445", "CVE-2007-5269", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2009-0040"], "modified": "2022-07-06T01:52:04", "id": "OSV:DSA-1750-1", "href": "https://osv.dev/vulnerability/DSA-1750-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
[SECURITY] Fedora 9 Update: libpng-1.2.29-1.fc9
