{"cve": [{"lastseen": "2016-09-03T12:47:15", "references": ["http://www.openwall.com/lists/oss-security/2009/09/03/5", "http://www.openwall.com/lists/oss-security/2009/08/31/5", "http://www.securityfocus.com/bid/35940", "http://www.vupen.com/english/advisories/2009/2150", "http://silcnet.org/general/news/news_client.php", "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:234", "http://silcnet.org/docs/release/SILC%20Client%201.1.8", "http://silcnet.org/docs/changelog/SILC%20Client%201.1.8", "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.10", "http://www.debian.org/security/2009/dsa-1879", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:235", "http://silcnet.org/general/news/news_toolkit.php"], "description": "Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions.", "edition": 1, "reporter": "NVD", "published": "2009-09-10T14:30:00", "type": "cve", "title": "CVE-2009-3051", "enchantments": {"score": {"modified": "2016-09-03T12:47:15", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3051"], "scanner": [], "cpe": ["cpe:/a:silcnet:silc_toolkit:1.1.2", "cpe:/a:silcnet:silc_client:1.1.6", "cpe:/a:silcnet:silc_toolkit:1.1.4", "cpe:/a:silcnet:silc_client:1.1.4", "cpe:/a:silcnet:silc_toolkit:1.1.3", "cpe:/a:silcnet:silc_toolkit:1.1.1", "cpe:/a:silcnet:silc_client:1.1.2", "cpe:/a:silcnet:silc_toolkit:1.1.9", "cpe:/a:silcnet:silc_client:1.1.7", "cpe:/a:silcnet:silc_toolkit:1.1.8", "cpe:/a:silcnet:silc_client:1.1.1", "cpe:/a:silcnet:silc_toolkit:1.1.6", "cpe:/a:silcnet:silc_client:1.1.3", "cpe:/a:silcnet:silc_toolkit:1.1.5", "cpe:/a:silcnet:silc_toolkit:1.1"], "modified": "2012-10-22T23:10:34", "id": "CVE-2009-3051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3051", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-04-06T11:37:22", "references": [], "pluginID": "136141256231064899", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-15T00:00:00", "title": "FreeBSD Ports: silc-toolkit", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064899", "id": "OPENVAS:136141256231064899", "sourceData": "#\n#VID 24aa9970-9ccd-11de-af10-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 24aa9970-9ccd-11de-af10-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: silc-toolkit\n\nCVE-2009-3051\nMultiple format string vulnerabilities in\nlib/silcclient/client_entry.c in Secure Internet Live Conferencing\n(SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow\nremote attackers to execute arbitrary code via format string\nspecifiers in a nickname field, related to the (1)\nsilc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.10\nhttp://www.openwall.com/lists/oss-security/2009/09/03/5\nhttp://www.vuxml.org/freebsd/24aa9970-9ccd-11de-af10-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64899\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-3051\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: silc-toolkit\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"silc-toolkit\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.9\")<0) {\n txt += 'Package silc-toolkit version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:15", "references": [], "pluginID": "64578", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-08-17T00:00:00", "title": "FreeBSD Ports: silc-client, silc-irssi-client", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2016-12-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64578", "id": "OPENVAS:64578", "sourceData": "#\n#VID 4e306850-811f-11de-8a67-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 4e306850-811f-11de-8a67-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n silc-client\n silc-irssi-client\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://silcnet.org/docs/changelog/SILC%20Client%201.1.8\nhttp://www.vuxml.org/freebsd/4e306850-811f-11de-8a67-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64578);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 4865 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-28 17:16:43 +0100 (Wed, 28 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-3051\");\n script_name(\"FreeBSD Ports: silc-client, silc-irssi-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"silc-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package silc-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"silc-irssi-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package silc-irssi-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:09", "references": [], "pluginID": "136141256231064578", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-08-17T00:00:00", "title": "FreeBSD Ports: silc-client, silc-irssi-client", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064578", "id": "OPENVAS:136141256231064578", "sourceData": "#\n#VID 4e306850-811f-11de-8a67-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 4e306850-811f-11de-8a67-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n silc-client\n silc-irssi-client\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://silcnet.org/docs/changelog/SILC%20Client%201.1.8\nhttp://www.vuxml.org/freebsd/4e306850-811f-11de-8a67-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64578\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-3051\");\n script_name(\"FreeBSD Ports: silc-client, silc-irssi-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"silc-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package silc-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"silc-irssi-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package silc-irssi-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:09", "references": ["http://www.openwall.com/lists/oss-security/2009/09/03/5", "http://www.vupen.com/english/advisories/2009/2150", "http://secunia.com/advisories/36134"], "pluginID": "900951", "description": "This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.", "edition": 1, "reporter": "Copyright (C) 2009 SecPod", "published": "2009-09-29T00:00:00", "title": "SILC Client Nickname Field Format String Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2017-01-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=900951", "id": "OPENVAS:900951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_silc_prdts_nickname_format_string_vuln.nasl 5122 2017-01-27 12:16:00Z teissa $\n#\n# SILC Client Nickname Field Format String Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the patch or upgrade to SILC Client 1.1.8.\n http://silcnet.org/\n http://www.securityfocus.com/bid/35940/solution\n\n *****\n NOTE: Please ignore this warning if the patch is already applied.\n *****\";\n\ntag_impact = \"Attackers can exploit this iisue to execute arbitrary code in the\n context of the affected application and compromise the system.\n Impact Level: Application/System\";\ntag_affected = \"SILC Client prior to 1.1.8\n SILC Toolkit prior to 1.1.10.\";\ntag_insight = \"A format string error occurs in 'lib/silcclient/client_entry.c' while\n processing format string specifiers in the nickname field.\";\ntag_summary = \"This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.\";\n\nif(description)\n{\n script_id(900951);\n script_version(\"$Revision: 5122 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-27 13:16:00 +0100 (Fri, 27 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-29 09:16:03 +0200 (Tue, 29 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-3051\");\n script_bugtraq_id(35940);\n script_name(\"SILC Client Nickname Field Format String Vulnerability\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/36134\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2009/2150\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2009/09/03/5\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_silc_prdts_detect.nasl\");\n script_require_keys(\"SILC/Client/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Check if the SILC-Client version is prior to 1.1.8\nclntVer = get_kb_item(\"SILC/Client/Ver\");\nif(clntVer)\n{\n if(version_is_less(version:clntVer, test_version:\"1.1.8\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:48", "references": [], "pluginID": "64899", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "FreeBSD Ports: silc-toolkit", "type": "openvas", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2016-12-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64899", "id": "OPENVAS:64899", "sourceData": "#\n#VID 24aa9970-9ccd-11de-af10-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 24aa9970-9ccd-11de-af10-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: silc-toolkit\n\nCVE-2009-3051\nMultiple format string vulnerabilities in\nlib/silcclient/client_entry.c in Secure Internet Live Conferencing\n(SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow\nremote attackers to execute arbitrary code via format string\nspecifiers in a nickname field, related to the (1)\nsilc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.10\nhttp://www.openwall.com/lists/oss-security/2009/09/03/5\nhttp://www.vuxml.org/freebsd/24aa9970-9ccd-11de-af10-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64899);\n script_version(\"$Revision: 4865 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-28 17:16:43 +0100 (Wed, 28 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-3051\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: silc-toolkit\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"silc-toolkit\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.9\")<0) {\n txt += 'Package silc-toolkit version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:05:46", "references": ["http://www.openwall.com/lists/oss-security/2009/09/03/5", "http://www.vupen.com/english/advisories/2009/2150", "http://secunia.com/advisories/36134"], "pluginID": "1361412562310900951", "description": "This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.", "edition": 3, "reporter": "Copyright (C) 2009 SecPod", "published": "2009-09-29T00:00:00", "title": "SILC Client Nickname Field Format String Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310900951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_silc_prdts_nickname_format_string_vuln.nasl 9350 2018-04-06 07:03:33Z cfischer $\n#\n# SILC Client Nickname Field Format String Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the patch or upgrade to SILC Client 1.1.8.\n http://silcnet.org/\n http://www.securityfocus.com/bid/35940/solution\n\n *****\n NOTE: Please ignore this warning if the patch is already applied.\n *****\";\n\ntag_impact = \"Attackers can exploit this iisue to execute arbitrary code in the\n context of the affected application and compromise the system.\n Impact Level: Application/System\";\ntag_affected = \"SILC Client prior to 1.1.8\n SILC Toolkit prior to 1.1.10.\";\ntag_insight = \"A format string error occurs in 'lib/silcclient/client_entry.c' while\n processing format string specifiers in the nickname field.\";\ntag_summary = \"This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900951\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-29 09:16:03 +0200 (Tue, 29 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-3051\");\n script_bugtraq_id(35940);\n script_name(\"SILC Client Nickname Field Format String Vulnerability\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/36134\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2009/2150\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2009/09/03/5\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_silc_prdts_detect.nasl\");\n script_require_keys(\"SILC/Client/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Check if the SILC-Client version is prior to 1.1.8\nclntVer = get_kb_item(\"SILC/Client/Ver\");\nif(clntVer)\n{\n if(version_is_less(version:clntVer, test_version:\"1.1.8\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:01", "references": [], "pluginID": "136141256231064908", "description": "The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "title": "Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064908", "id": "OPENVAS:136141256231064908", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_235.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:235 (silc-toolkit)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in silc-toolkit:\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c\nin Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and\nSILC Client before 1.1.8, allow remote attackers to execute arbitrary\ncode via format string specifiers in a nickname field, related to the\n(1) silc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions (CVE-2009-3051).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c\nin Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10,\nand SILC Client 1.1.8 and earlier, allow remote attackers to execute\narbitrary code via format string specifiers in a channel name, related\nto (1) silc_client_command_topic, (2) silc_client_command_kick,\n(3) silc_client_command_leave, and (4) silc_client_command_users\n(CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:235\";\ntag_summary = \"The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64908\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-3051\", \"CVE-2009-3163\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsilc1.1_2\", rpm:\"libsilc1.1_2~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsilcclient1.1_3\", rpm:\"libsilcclient1.1_3~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"silc-toolkit\", rpm:\"silc-toolkit~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"silc-toolkit-devel\", rpm:\"silc-toolkit-devel~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64silc1.1_2\", rpm:\"lib64silc1.1_2~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64silcclient1.1_3\", rpm:\"lib64silcclient1.1_3~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:01", "references": [], "pluginID": "64908", "description": "The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64908", "id": "OPENVAS:64908", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_235.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:235 (silc-toolkit)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in silc-toolkit:\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c\nin Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and\nSILC Client before 1.1.8, allow remote attackers to execute arbitrary\ncode via format string specifiers in a nickname field, related to the\n(1) silc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions (CVE-2009-3051).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c\nin Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10,\nand SILC Client 1.1.8 and earlier, allow remote attackers to execute\narbitrary code via format string specifiers in a channel name, related\nto (1) silc_client_command_topic, (2) silc_client_command_kick,\n(3) silc_client_command_leave, and (4) silc_client_command_users\n(CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:235\";\ntag_summary = \"The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.\";\n\n \n\nif(description)\n{\n script_id(64908);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-3051\", \"CVE-2009-3163\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsilc1.1_2\", rpm:\"libsilc1.1_2~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsilcclient1.1_3\", rpm:\"libsilcclient1.1_3~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"silc-toolkit\", rpm:\"silc-toolkit~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"silc-toolkit-devel\", rpm:\"silc-toolkit-devel~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64silc1.1_2\", rpm:\"lib64silc1.1_2~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64silcclient1.1_3\", rpm:\"lib64silcclient1.1_3~1.1.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:18", "references": [], "pluginID": "64822", "description": "The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-09T00:00:00", "title": "Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64822", "id": "OPENVAS:64822", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1879_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1879-1 (silc-client/silc-toolkit)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the software suite for the\nSILC protocol, a network protocol designed to provide end-to-end security\nfor conferencing services. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nAn incorrect format string in sscanf() used in the ASN1 encoder to scan an\nOID value could overwrite a neighbouring variable on the stack as the\ndestination data type is smaller than the source type on 64-bit. On 64-bit\narchitectures this could result in unexpected application behaviour or even\ncode execution in some cases (CVE-2008-7159).\n\nVarious format string vulnerabilities when handling parsed SILC messages\nallow an attacker to execute arbitrary code with the rights of the victim\nrunning the SILC client via crafted nick names or channel names containing\nformat strings (CVE-2009-3051).\n\nAn incorrect format string in a sscanf() call used in the HTTP server\ncomponent of silcd could result in overwriting a neighbouring variable on\nthe stack as the destination data type is smaller than the source type on\n64-bit. An attacker could exploit this by using crafted Content-Length\nheader values resulting in unexpected application behaviour or even code\nexecution in some cases (CVE-2008-7160).\n\n\nsilc-server doesn't need an update as it uses the shared library provided\nby silc-toolkit. silc-client/silc-toolkit in the oldstable distribution\n(etch) is not affected by this problem.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1\nof silc-client.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client\n(using libsilc from silc-toolkit since this upload).\n\nWe recommend that you upgrade your silc-toolkit/silc-client packages.\";\ntag_summary = \"The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201879-1\";\n\n\nif(description)\n{\n script_id(64822);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2-dbg\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-plugin-silc\", ver:\"1.1.4-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2-dev\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"silc\", ver:\"1.1.4-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:56", "references": [], "pluginID": "136141256231064822", "description": "The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064822", "id": "OPENVAS:136141256231064822", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1879_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1879-1 (silc-client/silc-toolkit)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the software suite for the\nSILC protocol, a network protocol designed to provide end-to-end security\nfor conferencing services. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nAn incorrect format string in sscanf() used in the ASN1 encoder to scan an\nOID value could overwrite a neighbouring variable on the stack as the\ndestination data type is smaller than the source type on 64-bit. On 64-bit\narchitectures this could result in unexpected application behaviour or even\ncode execution in some cases (CVE-2008-7159).\n\nVarious format string vulnerabilities when handling parsed SILC messages\nallow an attacker to execute arbitrary code with the rights of the victim\nrunning the SILC client via crafted nick names or channel names containing\nformat strings (CVE-2009-3051).\n\nAn incorrect format string in a sscanf() call used in the HTTP server\ncomponent of silcd could result in overwriting a neighbouring variable on\nthe stack as the destination data type is smaller than the source type on\n64-bit. An attacker could exploit this by using crafted Content-Length\nheader values resulting in unexpected application behaviour or even code\nexecution in some cases (CVE-2008-7160).\n\n\nsilc-server doesn't need an update as it uses the shared library provided\nby silc-toolkit. silc-client/silc-toolkit in the oldstable distribution\n(etch) is not affected by this problem.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1\nof silc-client.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client\n(using libsilc from silc-toolkit since this upload).\n\nWe recommend that you upgrade your silc-toolkit/silc-client packages.\";\ntag_summary = \"The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201879-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64822\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2-dbg\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-plugin-silc\", ver:\"1.1.4-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2-dev\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsilc-1.1-2\", ver:\"1.1.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"silc\", ver:\"1.1.4-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:25", "references": ["http://silcnet.org/docs/changelog/SILC%20Client%201.1.8"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.1.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "silc-irssi-client", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.1.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "silc-client", "operator": "lt"}], "description": "\nSILC changelog reports:\n\nAn unspecified format string vulnerability exists in\n\t silc-client.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2009-07-31T00:00:00", "title": "silc-client -- Format string vulnerability", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3051"], "modified": "2010-05-02T00:00:00", "id": "4E306850-811F-11DE-8A67-000C29A67389", "href": "https://vuxml.freebsd.org/freebsd/4e306850-811f-11de-8a67-000c29a67389.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:47:29", "references": ["http://www.openwall.com/lists/oss-security/2009/09/03/5", "http://www.nessus.org/u?4a8fb1b4", "http://www.nessus.org/u?58fc4159"], "pluginID": "40899", "description": "SILC Changlog reports :\n\nAn unspecified format string vulnerability exists in silc-toolkit.", "edition": 4, "reporter": "Tenable", "published": "2009-09-09T00:00:00", "title": "FreeBSD : silc-toolkit -- Format string vulnerabilities (24aa9970-9ccd-11de-af10-000c29a67389)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2013-06-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:silc-toolkit"], "id": "FREEBSD_PKG_24AA99709CCD11DEAF10000C29A67389.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40899", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40899);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:48:17 $\");\n\n script_cve_id(\"CVE-2009-3051\");\n\n script_name(english:\"FreeBSD : silc-toolkit -- Format string vulnerabilities (24aa9970-9ccd-11de-af10-000c29a67389)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SILC Changlog reports :\n\nAn unspecified format string vulnerability exists in silc-toolkit.\"\n );\n # http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.10\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a8fb1b4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.openwall.com/lists/oss-security/2009/09/03/5\"\n );\n # http://www.freebsd.org/ports/portaudit/24aa9970-9ccd-11de-af10-000c29a67389.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58fc4159\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"silc-toolkit<1.1.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:47:34", "references": ["http://www.nessus.org/u?fee9e476", "http://www.nessus.org/u?f8bad6b9"], "pluginID": "40486", "description": "SILC changelog reports :\n\nAn unspecified format string vulnerability exists in silc-client.", "edition": 4, "reporter": "Tenable", "published": "2009-08-05T00:00:00", "title": "FreeBSD : silc-client -- Format string vulnerability (4e306850-811f-11de-8a67-000c29a67389)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051"], "modified": "2013-06-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:silc-client", "p-cpe:/a:freebsd:freebsd:silc-irssi-client"], "id": "FREEBSD_PKG_4E306850811F11DE8A67000C29A67389.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40486", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40486);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:52:43 $\");\n\n script_cve_id(\"CVE-2009-3051\");\n\n script_name(english:\"FreeBSD : silc-client -- Format string vulnerability (4e306850-811f-11de-8a67-000c29a67389)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SILC changelog reports :\n\nAn unspecified format string vulnerability exists in silc-client.\"\n );\n # http://silcnet.org/docs/changelog/SILC%20Client%201.1.8\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8bad6b9\"\n );\n # http://www.freebsd.org/ports/portaudit/4e306850-811f-11de-8a67-000c29a67389.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fee9e476\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:silc-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:silc-irssi-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"silc-client<1.1.8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"silc-irssi-client<1.1.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:35:59", "references": [], "pluginID": "48152", "description": "Multiple vulnerabilities was discovered and corrected in silc-toolkit :\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions (CVE-2009-3051).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users (CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.", "edition": 5, "reporter": "Tenable", "published": "2010-07-30T00:00:00", "title": "Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:235)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:silc-toolkit", "p-cpe:/a:mandriva:linux:lib64silcclient1.1_3", "p-cpe:/a:mandriva:linux:silc-toolkit-devel", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:libsilc1.1_2", "p-cpe:/a:mandriva:linux:libsilcclient1.1_3", "p-cpe:/a:mandriva:linux:lib64silc1.1_2"], "id": "MANDRIVA_MDVSA-2009-235.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=48152", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:235. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(48152);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-3051\", \"CVE-2009-3163\");\n script_xref(name:\"MDVSA\", value:\"2009:235\");\n\n script_name(english:\"Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:235)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and corrected in \nsilc-toolkit :\n\nMultiple format string vulnerabilities in\nlib/silcclient/client_entry.c in Secure Internet Live Conferencing\n(SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow\nremote attackers to execute arbitrary code via format string\nspecifiers in a nickname field, related to the (1)\nsilc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions (CVE-2009-3051).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in\nSecure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and\nSILC Client 1.1.8 and earlier, allow remote attackers to execute\narbitrary code via format string specifiers in a channel name, related\nto (1) silc_client_command_topic, (2) silc_client_command_kick, (3)\nsilc_client_command_leave, and (4) silc_client_command_users\n(CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64silc1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64silcclient1.1_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsilc1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsilcclient1.1_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:silc-toolkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64silc1.1_2-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64silcclient1.1_3-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsilc1.1_2-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libsilcclient1.1_3-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"silc-toolkit-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"silc-toolkit-devel-1.1.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:59:48", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=535841"], "pluginID": "41003", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "edition": 4, "reporter": "Tenable", "published": "2009-09-17T00:00:00", "title": "openSUSE Security Update : silc-toolkit (silc-toolkit-1280)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:silc-toolkit", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:silc-toolkit-devel"], "id": "SUSE_11_0_SILC-TOOLKIT-090908.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41003", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update silc-toolkit-1280.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41003);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:44:04 $\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n\n script_name(english:\"openSUSE Security Update : silc-toolkit (silc-toolkit-1280)\");\n script_summary(english:\"Check for the silc-toolkit-1280 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of slic-toolkit fixes stack-based overflow while encoding\na ASN.1 OID (CVE-2008-7159) and several format string bugs\n(CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues\nto execute arbitrary code is high.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected silc-toolkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"silc-toolkit-1.1.7-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"silc-toolkit-devel-1.1.7-19.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"silc-toolkit\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:34:05", "references": [], "pluginID": "42033", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "edition": 4, "reporter": "Tenable", "published": "2009-10-06T00:00:00", "title": "openSUSE 10 Security Update : silc-toolkit (silc-toolkit-6479)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:silc-toolkit", "p-cpe:/a:novell:opensuse:silc-toolkit-devel"], "id": "SUSE_SILC-TOOLKIT-6479.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42033", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update silc-toolkit-6479.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42033);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:36:49 $\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n\n script_name(english:\"openSUSE 10 Security Update : silc-toolkit (silc-toolkit-6479)\");\n script_summary(english:\"Check for the silc-toolkit-6479 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of slic-toolkit fixes stack-based overflow while encoding\na ASN.1 OID (CVE-2008-7159) and several format string bugs\n(CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues\nto execute arbitrary code is high.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected silc-toolkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"silc-toolkit-1.1.2-14.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"silc-toolkit-devel-1.1.2-14.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"silc-toolkit\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:06:54", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=535841"], "pluginID": "41005", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "edition": 4, "reporter": "Tenable", "published": "2009-09-17T00:00:00", "title": "openSUSE Security Update : silc-toolkit (silc-toolkit-1280)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:silc-toolkit", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:silc-toolkit-devel"], "id": "SUSE_11_1_SILC-TOOLKIT-090908.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41005", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update silc-toolkit-1280.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41005);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:55:05 $\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n\n script_name(english:\"openSUSE Security Update : silc-toolkit (silc-toolkit-1280)\");\n script_summary(english:\"Check for the silc-toolkit-1280 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of slic-toolkit fixes stack-based overflow while encoding\na ASN.1 OID (CVE-2008-7159) and several format string bugs\n(CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues\nto execute arbitrary code is high.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected silc-toolkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:silc-toolkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"silc-toolkit-1.1.7-7.66.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"silc-toolkit-devel-1.1.7-7.66.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"silc-toolkit\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:43:46", "references": ["http://support.novell.com/security/cve/CVE-2008-7159.html", "http://support.novell.com/security/cve/CVE-2009-3051.html", "http://support.novell.com/security/cve/CVE-2008-7160.html", "https://bugzilla.novell.com/show_bug.cgi?id=535841"], "pluginID": "41453", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051 / CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "edition": 4, "reporter": "Tenable", "published": "2009-09-24T00:00:00", "title": "SuSE 11 Security Update : silc-toolkit (SAT Patch Number 1282)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2013-10-25T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:silc-toolkit"], "id": "SUSE_11_SILC-TOOLKIT-090908.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41453", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41453);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:04 $\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\");\n\n script_name(english:\"SuSE 11 Security Update : silc-toolkit (SAT Patch Number 1282)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of slic-toolkit fixes stack-based overflow while encoding\na ASN.1 OID (CVE-2008-7159) and several format string bugs\n(CVE-2009-3051 / CVE-2008-7160). The probability to exploit this\nissues to execute arbitrary code is high.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7159.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3051.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1282.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"silc-toolkit-1.1.7-7.23.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"silc-toolkit-1.1.7-7.23.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:38:03", "references": [], "pluginID": "40997", "description": "Multiple vulnerabilities was discovered and corrected in silc-toolkit :\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions (CVE-2009-3051).\n\nThe silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string (CVE-2008-7159).\n\nThe silc_http_server_parse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header, related to incorrect use of a %lu format string (CVE-2008-7160).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users (CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\n\nUpdate :\n\nPackages for MES5 was not provided previousely, this update addresses this problem.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "edition": 5, "reporter": "Tenable", "published": "2009-09-16T00:00:00", "title": "Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:234-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:silc-toolkit", "p-cpe:/a:mandriva:linux:libsilcclient-1.1_2", "p-cpe:/a:mandriva:linux:libsilc-1.1_2", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:silc-toolkit-devel", "p-cpe:/a:mandriva:linux:lib64silc-1.1_2", "p-cpe:/a:mandriva:linux:lib64silcclient-1.1_2"], "id": "MANDRIVA_MDVSA-2009-234.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40997", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:234. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40997);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\", \"CVE-2009-3163\");\n script_bugtraq_id(36194);\n script_xref(name:\"MDVSA\", value:\"2009:234-2\");\n\n script_name(english:\"Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:234-2)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and corrected in \nsilc-toolkit :\n\nMultiple format string vulnerabilities in\nlib/silcclient/client_entry.c in Secure Internet Live Conferencing\n(SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow\nremote attackers to execute arbitrary code via format string\nspecifiers in a nickname field, related to the (1)\nsilc_client_add_client, (2) silc_client_update_client, and (3)\nsilc_client_nickname_format functions (CVE-2009-3051).\n\nThe silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in\nSecure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows\nremote attackers to overwrite a stack location and possibly execute\narbitrary code via a crafted OID value, related to incorrect use of a\n%lu format string (CVE-2008-7159).\n\nThe silc_http_server_parse function in lib/silchttp/silchttpserver.c\nin the internal HTTP server in silcd in Secure Internet Live\nConferencing (SILC) Toolkit before 1.1.9 allows remote attackers to\noverwrite a stack location and possibly execute arbitrary code via a\ncrafted Content-Length header, related to incorrect use of a %lu\nformat string (CVE-2008-7160).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in\nSecure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and\nSILC Client 1.1.8 and earlier, allow remote attackers to execute\narbitrary code via format string specifiers in a channel name, related\nto (1) silc_client_command_topic, (2) silc_client_command_kick, (3)\nsilc_client_command_leave, and (4) silc_client_command_users\n(CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\n\nUpdate :\n\nPackages for MES5 was not provided previousely, this update addresses\nthis problem.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64silc-1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64silcclient-1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsilc-1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsilcclient-1.1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:silc-toolkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64silc-1.1_2-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64silcclient-1.1_2-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsilc-1.1_2-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libsilcclient-1.1_2-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"silc-toolkit-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"silc-toolkit-devel-1.1.2-2.2mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:35", "references": ["https://security-tracker.debian.org/tracker/CVE-2009-3051", "https://security-tracker.debian.org/tracker/CVE-2008-7159", "https://security-tracker.debian.org/tracker/CVE-2008-7160", "http://www.debian.org/security/2009/dsa-1879"], "pluginID": "44744", "description": "Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-7159 An incorrect format string in sscanf() used in the ASN1 encoder to scan an OID value could overwrite a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. On 64-bit architectures this could result in unexpected application behaviour or even code execution in some cases.\n\n - CVE-2009-3051 Various format string vulnerabilities when handling parsed SILC messages allow an attacker to execute arbitrary code with the rights of the victim running the SILC client via crafted nick names or channel names containing format strings.\n\n - CVE-2008-7160 An incorrect format string in a sscanf() call used in the HTTP server component of silcd could result in overwriting a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. An attacker could exploit this by using crafted Content-Length header values resulting in unexpected application behaviour or even code execution in some cases.\n\nsilc-server doesn't need an update as it uses the shared library provided by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution (etch) is not affected by this problem.", "edition": 5, "reporter": "Tenable", "published": "2010-02-24T00:00:00", "title": "Debian DSA-1879-1 : silc-client/silc-toolkit - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:silc-toolkit"], "id": "DEBIAN_DSA-1879.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44744", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1879. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44744);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/09 14:30:24\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\", \"CVE-2009-3163\");\n script_bugtraq_id(36194);\n script_xref(name:\"DSA\", value:\"1879\");\n\n script_name(english:\"Debian DSA-1879-1 : silc-client/silc-toolkit - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the software suite for\nthe SILC protocol, a network protocol designed to provide end-to-end\nsecurity for conferencing services. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2008-7159\n An incorrect format string in sscanf() used in the ASN1\n encoder to scan an OID value could overwrite a\n neighbouring variable on the stack as the destination\n data type is smaller than the source type on 64-bit. On\n 64-bit architectures this could result in unexpected\n application behaviour or even code execution in some\n cases.\n\n - CVE-2009-3051\n Various format string vulnerabilities when handling\n parsed SILC messages allow an attacker to execute\n arbitrary code with the rights of the victim running the\n SILC client via crafted nick names or channel names\n containing format strings.\n\n - CVE-2008-7160\n An incorrect format string in a sscanf() call used in\n the HTTP server component of silcd could result in\n overwriting a neighbouring variable on the stack as the\n destination data type is smaller than the source type on\n 64-bit. An attacker could exploit this by using crafted\n Content-Length header values resulting in unexpected\n application behaviour or even code execution in some\n cases.\n\nsilc-server doesn't need an update as it uses the shared library\nprovided by silc-toolkit. silc-client/silc-toolkit in the oldstable\ndistribution (etch) is not affected by this problem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-7160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1879\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the silc-toolkit/silc-client packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1\nof silc-client.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"irssi-plugin-silc\", reference:\"1.1.4-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libsilc-1.1-2\", reference:\"1.1.7-2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libsilc-1.1-2-dbg\", reference:\"1.1.7-2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libsilc-1.1-2-dev\", reference:\"1.1.7-2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"silc\", reference:\"1.1.4-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:09:58", "references": ["https://security.gentoo.org/glsa/201006-07"], "pluginID": "46774", "description": "The remote host is affected by the vulnerability described in GLSA-201006-07 (SILC: Multiple vulnerabilities)\n\n Multiple vulnerabilities were discovered in SILC Toolkit and SILC Client. For further information please consult the CVE entries referenced below.\n Impact :\n\n A remote attacker could overwrite stack locations and possibly execute arbitrary code via a crafted OID value, Content-Length header or format string specifiers in a nickname field or channel name.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2010-06-02T00:00:00", "title": "GLSA-201006-07 : SILC: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "modified": "2018-07-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:silc-client", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:silc-toolkit"], "id": "GENTOO_GLSA-201006-07.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201006-07.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46774);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/11 17:09:26\");\n\n script_cve_id(\"CVE-2008-7159\", \"CVE-2008-7160\", \"CVE-2009-3051\", \"CVE-2009-3163\");\n script_bugtraq_id(36194);\n script_xref(name:\"GLSA\", value:\"201006-07\");\n\n script_name(english:\"GLSA-201006-07 : SILC: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201006-07\n(SILC: Multiple vulnerabilities)\n\n Multiple vulnerabilities were discovered in SILC Toolkit and SILC\n Client. For further information please consult the CVE entries\n referenced below.\n \nImpact :\n\n A remote attacker could overwrite stack locations and possibly execute\n arbitrary code via a crafted OID value, Content-Length header or format\n string specifiers in a nickname field or channel name.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201006-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SILC Toolkit users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/silc-toolkit-1.1.10'\n All SILC Client users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/silc-client-1.1.8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:silc-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:silc-toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-im/silc-toolkit\", unaffected:make_list(\"ge 1.1.10\"), vulnerable:make_list(\"lt 1.1.10\"))) flag++;\nif (qpkg_check(package:\"net-im/silc-client\", unaffected:make_list(\"ge 1.1.8\"), vulnerable:make_list(\"lt 1.1.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SILC\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "references": ["https://vulners.com/securityvulns/securityvulns:doc:22411"], "description": "Multiple format string vulnerabilities on different messages parsing.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-09-04T00:00:00", "title": "silc format string vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:34", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "silc", "version": "1.1", "operator": "eq"}], "cvelist": ["CVE-2009-3051"], "modified": "2009-09-04T00:00:00", "id": "SECURITYVULNS:VULN:10204", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10204", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:31", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1879-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nSeptember 4th, 2009 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : silc-client/silc-toolkit\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2008-7159 CVE-2008-7160 CVE-2009-3051\r\n\r\nSeveral vulnerabilities have been discovered in the software suite for the\r\nSILC protocol, a network protocol designed to provide end-to-end security\r\nfor conferencing services. The Common Vulnerabilities and Exposures\r\nproject identifies the following problems:\r\n\r\nAn incorrect format string in sscanf() used in the ASN1 encoder to scan an\r\nOID value could overwrite a neighbouring variable on the stack as the\r\ndestination data type is smaller than the source type on 64-bit. On 64-bit\r\narchitectures this could result in unexpected application behaviour or even\r\ncode execution in some cases (CVE-2008-7159).\r\n\r\nVarious format string vulnerabilities when handling parsed SILC messages\r\nallow an attacker to execute arbitrary code with the rights of the victim\r\nrunning the SILC client via crafted nick names or channel names containing\r\nformat strings (CVE-2009-3051).\r\n\r\nAn incorrect format string in a sscanf() call used in the HTTP server\r\ncomponent of silcd could result in overwriting a neighbouring variable on\r\nthe stack as the destination data type is smaller than the source type on\r\n64-bit. An attacker could exploit this by using crafted Content-Length\r\nheader values resulting in unexpected application behaviour or even code\r\nexecution in some cases (CVE-2008-7160).\r\n\r\n\r\nsilc-server doesn't need an update as it uses the shared library provided\r\nby silc-toolkit. silc-client/silc-toolkit in the oldstable distribution\r\n(etch) is not affected by this problem.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in\r\nversion 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1\r\nof silc-client.\r\n\r\nFor the testing distribution (squeeze), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client\r\n(using libsilc from silc-toolkit since this upload).\r\n\r\nWe recommend that you upgrade your silc-toolkit/silc-client packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc,\r\ns390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.dsc\r\n Size/MD5 checksum: 1430 eff8a733cf7e4db92296533394f42b22\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7.orig.tar.gz\r\n Size/MD5 checksum: 2678989 4f2fa6678f4801fd7087b4f92dada6ee\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.diff.gz\r\n Size/MD5 checksum: 16935 1e5d1151029379a7ba135799dc1cd166\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.dsc\r\n Size/MD5 checksum: 1380 29601c3569b30b5e3d3307689c9c25f8\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4.orig.tar.gz\r\n Size/MD5 checksum: 2202993 979d46c78ace2dade513f33ad0081e85\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.diff.gz\r\n Size/MD5 checksum: 11593 efa43890947e5ba7a34631c689abcb60\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_alpha.deb\r\n Size/MD5 checksum: 788516 0cd53c076d01f2ed2f3126385c2ec4e8\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_alpha.deb\r\n Size/MD5 checksum: 720306 b21343d40a367e08b0e215b4a7575d4d\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_alpha.deb\r\n Size/MD5 checksum: 2291652 9dc47295123af7ed95cdf10f2bb48f94\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_alpha.deb\r\n Size/MD5 checksum: 684328 674dd1d1da7fcbd87789fb53a4128bef\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_alpha.deb\r\n Size/MD5 checksum: 602432 76d7f386a31c02a31fefb10167611dea\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_amd64.deb\r\n Size/MD5 checksum: 2010710 669d1bd65dc987f4e27263ddd427409d\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_amd64.deb\r\n Size/MD5 checksum: 816352 569993e597e2bfb086558d79cf404404\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_amd64.deb\r\n Size/MD5 checksum: 575504 8961ff37ee74c66f26ad8115e152e8a8\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_amd64.deb\r\n Size/MD5 checksum: 682922 69d0986a3ee58796abcbd49bb67596e7\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_amd64.deb\r\n Size/MD5 checksum: 636202 0be0cf64803db8179887baa654636a05\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_arm.deb\r\n Size/MD5 checksum: 530304 ef44fd7a87532a5eaa233bf8ff0fe35c\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_arm.deb\r\n Size/MD5 checksum: 1970220 af591e1b1256e237bc3874dc1436dcf8\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_arm.deb\r\n Size/MD5 checksum: 596952 a3f7b72e6f6afa8b112a976f81402211\r\n http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_arm.deb\r\n Size/MD5 checksum: 637190 1918f391d001728b090d1eccd29a1591\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_arm.deb\r\n Size/MD5 checksum: 729096 43b9f94059b92f89d6c0b369d4d0af03\r\n\r\narmel architecture (ARM EABI)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_armel.deb\r\n Size/MD5 checksum: 1962612 4decc400c81cc614b92e4a1ad30ed1af\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_armel.deb\r\n Size/MD5 checksum: 733882 423ec8e7059493bc0fc18e82b806f285\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_armel.deb\r\n Size/MD5 checksum: 532724 29c468a23b0ea6ed185011b32301a62f\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_armel.deb\r\n Size/MD5 checksum: 633846 fb04296b8cafd4e7d963fa7b76aaeb72\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_armel.deb\r\n Size/MD5 checksum: 593904 35f18b5885bbc7d0c3d8266f80b4972e\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_hppa.deb\r\n Size/MD5 checksum: 706862 f1d684f275d2856b5901c6ba281e2c6c\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_hppa.deb\r\n Size/MD5 checksum: 2071298 faf1c7e0ce3ecb2d8f7b7bfda1a8c8e8\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_hppa.deb\r\n Size/MD5 checksum: 748138 bca4aef69adacc2ad3916dec73fa39e2\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_hppa.deb\r\n Size/MD5 checksum: 580570 17528232c8afce64d1001ee70ed51cfd\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_hppa.deb\r\n Size/MD5 checksum: 657840 33e4113f1fe83f46d37fbc402c75cdd2\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_i386.deb\r\n Size/MD5 checksum: 1958352 6e52615a8b32b370b494137f0300feb2\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_i386.deb\r\n Size/MD5 checksum: 757594 d497653d4099715dd6fd93e05b040628\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_i386.deb\r\n Size/MD5 checksum: 613194 ced6311eecca14af5769eb5f8b0c31c5\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_i386.deb\r\n Size/MD5 checksum: 654282 ec5871f734bdbe786fea918239f03e54\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_i386.deb\r\n Size/MD5 checksum: 535140 c337b0f6e4af21cbdf4a78e69f064469\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_ia64.deb\r\n Size/MD5 checksum: 831536 62b8713afd7d9fbe131991906b0dbb97\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_ia64.deb\r\n Size/MD5 checksum: 775238 956a12f89fa6726c7b3a6a7bcb75468b\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_ia64.deb\r\n Size/MD5 checksum: 736840 0204a4e63142577df5144a6130a5ce2c\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_ia64.deb\r\n Size/MD5 checksum: 691606 01a3e15fdbe685d4f07e3bf03c912315\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_ia64.deb\r\n Size/MD5 checksum: 1798590 aa499f0a6891b564a8a8c710416c609d\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_mipsel.deb\r\n Size/MD5 checksum: 543784 d03b80092bd257a9063583688dccb56a\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_mipsel.deb\r\n Size/MD5 checksum: 596180 3fd8c7843ec4bbd84b5e0e6f190caa52\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_mipsel.deb\r\n Size/MD5 checksum: 629238 d61e7398ccfc2bf304698c4ba753dca0\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_mipsel.deb\r\n Size/MD5 checksum: 766454 d1da8cc53723cad21cbbae1509202fb7\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_mipsel.deb\r\n Size/MD5 checksum: 1648330 b53fbf48b759f8ed6e73f57f5b80ec96\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_powerpc.deb\r\n Size/MD5 checksum: 676340 30c793888c95438921365283010c93d1\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_powerpc.deb\r\n Size/MD5 checksum: 759318 d06fa7e4b07582a55db2af4ea3c4b59f\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_powerpc.deb\r\n Size/MD5 checksum: 568176 3ab7e328f4b77832efbd25aac2ed9411\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_powerpc.deb\r\n Size/MD5 checksum: 641016 a324bb31b852d1263d368e5c52c9ad57\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_powerpc.deb\r\n Size/MD5 checksum: 1606250 6064261f608218c011229c2ac3e955bb\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_s390.deb\r\n Size/MD5 checksum: 688236 c74f47601419f18507d11e8ed96b5fce\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_s390.deb\r\n Size/MD5 checksum: 647672 6fc21eb1bac7df10cf097ad9946ff73f\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_s390.deb\r\n Size/MD5 checksum: 767682 dd900105226d9b8477144394d9db91f7\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_s390.deb\r\n Size/MD5 checksum: 577372 0c664657507445643e307f75b7591b11\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_s390.deb\r\n Size/MD5 checksum: 1597620 f46831f1d0039b369670d5d0c2e4dfc7\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_sparc.deb\r\n Size/MD5 checksum: 604228 37f7538fc5407a74d561a7e77d5fd063\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_sparc.deb\r\n Size/MD5 checksum: 644262 0dc6b8b64ba99bfd73b9f0209ef443da\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_sparc.deb\r\n Size/MD5 checksum: 1986452 ccea49c8bda9cd6d1199668a34456eda\r\n http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_sparc.deb\r\n Size/MD5 checksum: 542290 18a8c0d447f2f57496c283480b3194e7\r\n \r\nhttp://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_sparc.deb\r\n Size/MD5 checksum: 707320 e46a755fa1382dbfd179a7d50b129508\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niEYEARECAAYFAkqhL8kACgkQHYflSXNkfP8oNwCfTn3RGpcOGhRoe5yMcA2Vsgmb\r\nKEQAoJVMeF3cRw0Lf5fRKsqRFsrIB81S\r\n=lqqc\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2009-09-04T00:00:00", "title": "[SECURITY] [DSA 1879-1] New silc-client/silc-toolkit packages fix arbitrary code execution", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:31", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "modified": "2009-09-04T00:00:00", "id": "SECURITYVULNS:DOC:22411", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22411", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:31", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=284561", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3163", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3051", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1.8", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "net-im/silc-client", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1.10", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "net-im/silc-toolkit", "operator": "lt"}], "edition": 1, "description": "### Background\n\nSILC (Secure Internet Live Conferencing protocol) Toolkit is a software development kit for use in clients, and SILC Client is an IRSSI-based text client. \n\n### Description\n\nMultiple vulnerabilities were discovered in SILC Toolkit and SILC Client. For further information please consult the CVE entries referenced below. \n\n### Impact\n\nA remote attacker could overwrite stack locations and possibly execute arbitrary code via a crafted OID value, Content-Length header or format string specifiers in a nickname field or channel name. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll SILC Toolkit users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/silc-toolkit-1.1.10\"\n\nAll SILC Client users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/silc-client-1.1.8\"", "reporter": "Gentoo Foundation", "published": "2010-06-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "SILC: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "modified": "2010-06-01T00:00:00", "id": "GLSA-201006-07", "href": "https://security.gentoo.org/glsa/201006-07", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-07-04T01:43:37", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "ppc", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_powerpc.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "alpha", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_alpha.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "hppa", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_hppa.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "armel", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_armel.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "mipsel", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_mipsel.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "src", "packageFilename": "silc-toolkit_1.1.7-2+lenny1.dsc", "packageName": "silc-toolkit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "i686", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_i386.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "ia64", "packageFilename": "silc_1.1.4-1+lenny1_ia64.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "sparc", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_sparc.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "s390x", "packageFilename": "silc_1.1.4-1+lenny1_s390.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ia64", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_ia64.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "s390x", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_s390.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "hppa", "packageFilename": "silc_1.1.4-1+lenny1_hppa.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "mipsel", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_mipsel.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4.orig", "arch": "src", "packageFilename": "silc-client_1.1.4.orig.tar.gz", "packageName": "silc-client", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "s390x", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_s390.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "x86-64", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_amd64.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "arm", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_arm.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "i686", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_i386.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1.diff", "arch": "src", "packageFilename": "silc-client_1.1.4-1+lenny1.diff.gz", "packageName": "silc-client", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "s390x", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_s390.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "sparc", "packageFilename": "silc_1.1.4-1+lenny1_sparc.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "x86-64", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_amd64.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "hppa", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_hppa.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "mipsel", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_mipsel.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "sparc", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_sparc.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "ppc", "packageFilename": "silc_1.1.4-1+lenny1_powerpc.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ppc", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_powerpc.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "arm", "packageFilename": "silc_1.1.4-1+lenny1_arm.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "arm", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_arm.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7.orig", "arch": "src", "packageFilename": "silc-toolkit_1.1.7.orig.tar.gz", "packageName": "silc-toolkit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "arm", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_arm.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "mipsel", "packageFilename": "silc_1.1.4-1+lenny1_mipsel.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "sparc", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_sparc.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ia64", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_ia64.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "armel", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_armel.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "armel", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_armel.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "x86-64", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_amd64.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "sparc", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_sparc.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "src", "packageFilename": "silc-client_1.1.4-1+lenny1.dsc", "packageName": "silc-client", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ia64", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_ia64.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "x86-64", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_amd64.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "x86-64", "packageFilename": "silc_1.1.4-1+lenny1_amd64.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "i686", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_i386.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ppc", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_powerpc.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "alpha", "packageFilename": "silc_1.1.4-1+lenny1_alpha.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "hppa", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_hppa.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "i686", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_i386.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "armel", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_armel.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "alpha", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_alpha.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "s390x", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_s390.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "ia64", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_ia64.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "hppa", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_hppa.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "armel", "packageFilename": "silc_1.1.4-1+lenny1_armel.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "alpha", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_alpha.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "i686", "packageFilename": "silc_1.1.4-1+lenny1_i386.deb", "packageName": "silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "ppc", "packageFilename": "libsilc-1.1-2-dbg_1.1.7-2+lenny1_powerpc.deb", "packageName": "libsilc-1.1-2-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.4-1+lenny1", "arch": "alpha", "packageFilename": "irssi-plugin-silc_1.1.4-1+lenny1_alpha.deb", "packageName": "irssi-plugin-silc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "mipsel", "packageFilename": "libsilc-1.1-2-dev_1.1.7-2+lenny1_mipsel.deb", "packageName": "libsilc-1.1-2-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1.diff", "arch": "src", "packageFilename": "silc-toolkit_1.1.7-2+lenny1.diff.gz", "packageName": "silc-toolkit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.1.7-2+lenny1", "arch": "arm", "packageFilename": "libsilc-1.1-2_1.1.7-2+lenny1_arm.deb", "packageName": "libsilc-1.1-2", "operator": "lt"}], "description": "Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-7159](<https://security-tracker.debian.org/tracker/CVE-2008-7159>)\n\nAn incorrect format string in sscanf() used in the ASN1 encoder to scan an OID value could overwrite a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. On 64-bit architectures this could result in unexpected application behaviour or even code execution in some cases.\n\n * [CVE-2009-3051](<https://security-tracker.debian.org/tracker/CVE-2009-3051>)\n\nVarious format string vulnerabilities when handling parsed SILC messages allow an attacker to execute arbitrary code with the rights of the victim running the SILC client via crafted nick names or channel names containing format strings.\n\n * [CVE-2008-7160](<https://security-tracker.debian.org/tracker/CVE-2008-7160>)\n\nAn incorrect format string in a sscanf() call used in the HTTP server component of silcd could result in overwriting a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. An attacker could exploit this by using crafted Content-Length header values resulting in unexpected application behaviour or even code execution in some cases.\n\nsilc-server doesn't need an update as it uses the shared library provided by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution (etch) is not affected by this problem.\n\nFor the stable distribution (lenny), this problem has been fixed in version 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1 of silc-client.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client (using libsilc from silc-toolkit since this upload).\n\nWe recommend that you upgrade your silc-toolkit/silc-client packages.", "edition": 2, "reporter": "Debian", "published": "2009-09-04T00:00:00", "title": "silc-client/silc-toolkit -- several vulnerabilities", "type": "debian", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "modified": "2009-09-04T00:00:00", "id": "DSA-1879", "href": "http://www.debian.org/security/dsa-1879", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
