ID ALA_ALAS-2014-285.NASL Type nessus Reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. Modified 2021-01-02T00:00:00
Description
Stack-based buffer overflow in the yyerror function in
lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have
unspecified impact via a long line in a dot file.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2014-285.
#
include("compat.inc");
# Registration branch: taken when `description` is truthy. It only declares
# plugin metadata and then exits, so none of the host checks further down
# run on this path.
if (description)
{
  # Plugin identity and revision stamps.
  script_id(72303);
  script_version("1.4");
  script_cvs_date("Date: 2018/04/18 15:09:35");

  # Cross-references: the CVE and the Amazon Linux advisory this check maps to.
  script_cve_id("CVE-2014-0978");
  script_xref(name:"ALAS", value:"2014-285");

  script_name(english:"Amazon Linux AMI : graphviz-php (ALAS-2014-285)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update.");

  # The advisory text spans three lines; the line breaks are part of the
  # string value, so the continuation lines stay at column 0.
  script_set_attribute(attribute:"description", value:
"Stack-based buffer overflow in the yyerror function in
lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have
unspecified impact via a long line in a dot file.");

  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2014-285.html");
  script_set_attribute(attribute:"solution", value:"Run 'yum update graphviz-php' to update your system.");

  # CVSS v2 base vector: network vector, medium access complexity, no
  # authentication, complete confidentiality/integrity/availability impact.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");

  # Declared as a "local" plugin; the required KB keys below show that it
  # works from host data (release string, rpm list) rather than a network probe.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:graphviz-php");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/02/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  # Prerequisites: ssh_get_info.nasl is declared as a dependency and three KB
  # keys are required (presumably populated by that dependency -- confirm).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
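# Host check: decide from the knowledge base whether the installed
# graphviz-php package is older than the advisory's reference build.
#
# Each guard below hands off to audit(), which is defined in audit.inc (not
# shown here). NOTE(review): the flow relies on audit() ending the plugin run.
#
# Scope caveat: this is a package-release comparison only. The advisory text
# in this plugin names Graphviz 2.34.0, while the reference build checked here
# is 2.30.1-6.30.amzn1, so the result reflects the distribution's package
# release (presumably a backported fix), not the upstream version number.

# Local checks must be enabled for the KB data below to be meaningful.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# The release string identifies the distribution; missing or empty means the
# host is not treated as Amazon Linux.
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");

# Capture group 1 is "A" for a release string starting with "ALA", or a single
# digit for one starting with "AL<digit>".
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];

# Only "ALA" (Amazon Linux AMI) hosts are in scope for this advisory. The
# original also had `if (os_ver == 'A') os_ver = 'AMI';` nested inside this
# branch; it could never execute because the branch is entered only when
# os_ver is not "A", so it has been removed.
if (os_ver != "A")
{
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

# Without the collected rpm list there is nothing to compare against.
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# A truthy rpm_check() result is counted as a finding (rpm_check comes from
# rpm.inc; its comparison rules are not shown here).
flag = 0;
if (rpm_check(release:"ALA", reference:"graphviz-php-2.30.1-6.30.amzn1")) flag++;

if (flag)
{
  # Attach the rpm comparison details only when report verbosity is above 0.
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  # No finding: report either "tested but not affected" or "not installed",
  # depending on whether any package test was recorded.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "graphviz-php");
}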
{"id": "ALA_ALAS-2014-285.NASL", "bulletinFamily": "scanner", "title": "Amazon Linux AMI : graphviz-php (ALAS-2014-285)", "description": "Stack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.", "published": "2014-02-05T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/72303", "reporter": "This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.", "references": ["https://alas.aws.amazon.com/ALAS-2014-285.html"], "cvelist": ["CVE-2014-0978"], "type": "nessus", "lastseen": "2021-01-01T01:18:43", "edition": 23, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-0978"]}, {"type": "amazon", "idList": ["ALAS-2014-297", "ALAS-2014-284", "ALAS-2014-285", "ALAS-2014-296"]}, {"type": "openvas", "idList": ["OPENVAS:841687", "OPENVAS:867489", "OPENVAS:867498", "OPENVAS:1361412562310120158", "OPENVAS:1361412562310120004", "OPENVAS:702843", "OPENVAS:1361412562310841687", "OPENVAS:1361412562310867498", "OPENVAS:1361412562310120005", "OPENVAS:1361412562310702843"]}, {"type": "nessus", "idList": ["UBUNTU_USN-2083-1.NASL", "DEBIAN_DSA-2843.NASL", "FEDORA_2014-0621.NASL", "MANDRIVA_MDVSA-2014-024.NASL", "GENTOO_GLSA-201702-06.NASL", "ALA_ALAS-2014-296.NASL", "ALA_ALAS-2014-284.NASL", "FEDORA_2014-0602.NASL", "ALA_ALAS-2014-297.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30242", "SECURITYVULNS:VULN:13529"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2843-1:E50F8"]}, {"type": "ubuntu", "idList": ["USN-2083-1"]}, {"type": "gentoo", "idList": ["GLSA-201702-06"]}, {"type": "fedora", "idList": ["FEDORA:C380B2210D", "FEDORA:3350A6087C4C", "FEDORA:B760E60BC2DC", "FEDORA:10FAA2116D"]}], "modified": "2021-01-01T01:18:43", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": 
"2021-01-01T01:18:43", "rev": 2}, "vulnersScore": 6.5}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-285.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72303);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0978\");\n script_xref(name:\"ALAS\", value:\"2014-285\");\n\n script_name(english:\"Amazon Linux AMI : graphviz-php (ALAS-2014-285)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-285.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update graphviz-php' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n 
script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-php-2.30.1-6.30.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz-php\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "pluginID": "72303", "cpe": ["p-cpe:/a:amazon:linux:graphviz-php", "cpe:/o:amazon:linux"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T12:01:13", "description": "Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.", "edition": 3, "cvss3": {}, "published": "2014-01-10T17:55:00", "title": "CVE-2014-0978", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0978"], "modified": "2017-08-29T01:34:00", "cpe": ["cpe:/a:graphviz:graphviz:2.34.0"], "id": "CVE-2014-0978", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0978", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:graphviz:graphviz:2.34.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-03-17T23:01:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0978"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120005", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120005", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-284)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of 
the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120005\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:14:44 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-284)\");\n script_tag(name:\"insight\", value:\"Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.\");\n script_tag(name:\"solution\", value:\"Run yum update graphviz to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-284.html\");\n script_cve_id(\"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 
Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-php54\", rpm:\"graphviz-php54~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-perl\", rpm:\"graphviz-perl~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-lua\", rpm:\"graphviz-lua~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-guile\", rpm:\"graphviz-guile~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-gd\", rpm:\"graphviz-gd~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-ruby\", rpm:\"graphviz-ruby~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-python\", rpm:\"graphviz-python~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-graphs\", rpm:\"graphviz-graphs~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-debuginfo\", rpm:\"graphviz-debuginfo~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-tcl\", rpm:\"graphviz-tcl~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-devel\", rpm:\"graphviz-devel~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-R\", rpm:\"graphviz-R~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz\", 
rpm:\"graphviz~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-doc\", rpm:\"graphviz-doc~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-java\", rpm:\"graphviz-java~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T23:00:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0978"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120004", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120004", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-285)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120004\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:14:43 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-285)\");\n script_tag(name:\"insight\", value:\"Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.\");\n script_tag(name:\"solution\", value:\"Run yum update graphviz-php to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-285.html\");\n script_cve_id(\"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-php\", 
rpm:\"graphviz-php~2.30.1~6.30.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-11T17:43:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "description": "Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2014-0978\nIt was discovered that user-supplied input used in the yyerror()\nfunction in lib/cgraph/scan.l is not bound-checked before being\ncopied into an insufficiently sized memory buffer. A\ncontext-dependent attacker could supply a specially crafted input\nfile containing a long line to cause a stack-based buffer overflow,\nresulting in a denial of service (application crash) or potentially\nallowing the execution of arbitrary code.\n\nCVE-2014-1236\nSebastian Krahmer reported an overflow condition in the chkNum()\nfunction in lib/cgraph/scan.l that is triggered as the used regular\nexpression accepts an arbitrary long digit list. 
With a specially\ncrafted input file, a context-dependent attacker can cause a\nstack-based buffer overflow, resulting in a denial of service\n(application crash) or potentially allowing the execution of\narbitrary code.", "modified": "2020-06-09T00:00:00", "published": "2014-01-13T00:00:00", "id": "OPENVAS:1361412562310702843", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702843", "type": "openvas", "title": "Debian Security Advisory DSA 2843-1 (graphviz - buffer overflow)", "sourceData": "# OpenVAS Vulnerability Test\n# Auto-generated from advisory DSA 2843-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702843\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1236\");\n script_name(\"Debian Security Advisory DSA 2843-1 (graphviz - buffer overflow)\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 00:00:00 +0100 (Mon, 13 Jan 2014)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2843.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"graphviz on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 2.26.3-5+squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.26.3-14+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your graphviz packages.\");\n script_tag(name:\"summary\", value:\"Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. 
The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2014-0978\nIt was discovered that user-supplied input used in the yyerror()\nfunction in lib/cgraph/scan.l is not bound-checked before being\ncopied into an insufficiently sized memory buffer. A\ncontext-dependent attacker could supply a specially crafted input\nfile containing a long line to cause a stack-based buffer overflow,\nresulting in a denial of service (application crash) or potentially\nallowing the execution of arbitrary code.\n\nCVE-2014-1236\nSebastian Krahmer reported an overflow condition in the chkNum()\nfunction in lib/cgraph/scan.l that is triggered as the used regular\nexpression accepts an arbitrary long digit list. With a specially\ncrafted input file, a context-dependent attacker can cause a\nstack-based buffer overflow, resulting in a denial of service\n(application crash) or potentially allowing the execution of\narbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += 
res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-ocaml\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = 
isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": 
"2017-08-02T10:48:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "description": "Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2014-0978 \nIt was discovered that user-supplied input used in the yyerror()\nfunction in lib/cgraph/scan.l is not bound-checked before being\ncopied into an insufficiently sized memory buffer. A\ncontext-dependent attacker could supply a specially crafted input\nfile containing a long line to cause a stack-based buffer overlow,\nresulting in a denial of service (application crash) or potentially\nallowing the execution of arbitrary code.\n\nCVE-2014-1236 \nSebastian Krahmer reported an overflow condition in the chkNum()\nfunction in lib/cgraph/scan.l that is triggered as the used regular\nexpression accepts an arbitrary long digit list. With a specially\ncrafted input file, a context-dependent attacker can cause a\nstack-based buffer overflow, resulting in a denial of service\n(application crash) or potentially allowing the execution of\narbitrary code.", "modified": "2017-07-18T00:00:00", "published": "2014-01-13T00:00:00", "id": "OPENVAS:702843", "href": "http://plugins.openvas.org/nasl.php?oid=702843", "type": "openvas", "title": "Debian Security Advisory DSA 2843-1 (graphviz - buffer overflow)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2843.nasl 6750 2017-07-18 09:56:47Z teissa $\n# Auto-generated from advisory DSA 2843-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as 
published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"graphviz on Debian Linux\";\ntag_insight = \"Graph drawing addresses the problem of visualizing structural information\nby constructing geometric representations of abstract graphs and networks.\nAutomatic generation of graph drawings has important applications in key\ntechnologies such as database design, software engineering, VLSI and\nnetwork design and visual interfaces in other domains. Situations where\nthese tools might be particularly useful include:\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 2.26.3-5+squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.26.3-14+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your graphviz packages.\";\ntag_summary = \"Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2014-0978 \nIt was discovered that user-supplied input used in the yyerror()\nfunction in lib/cgraph/scan.l is not bound-checked before being\ncopied into an insufficiently sized memory buffer. 
A\ncontext-dependent attacker could supply a specially crafted input\nfile containing a long line to cause a stack-based buffer overlow,\nresulting in a denial of service (application crash) or potentially\nallowing the execution of arbitrary code.\n\nCVE-2014-1236 \nSebastian Krahmer reported an overflow condition in the chkNum()\nfunction in lib/cgraph/scan.l that is triggered as the used regular\nexpression accepts an arbitrary long digit list. With a specially\ncrafted input file, a context-dependent attacker can cause a\nstack-based buffer overflow, resulting in a denial of service\n(application crash) or potentially allowing the execution of\narbitrary code.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702843);\n script_version(\"$Revision: 6750 $\");\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1236\");\n script_name(\"Debian Security Advisory DSA 2843-1 (graphviz - buffer overflow)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-18 11:56:47 +0200 (Tue, 18 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-01-13 00:00:00 +0100 (Mon, 13 Jan 2014)\");\n script_tag(name: \"cvss_base\", value:\"10.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2843.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: 
tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ocaml\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-tcl\", 
ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphviz-doc\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcdt4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgraph5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"libgraph4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphviz-dev\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-guile\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-lua\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-perl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-php5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-python\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-ruby\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgv-tcl\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvc5-plugins-gtk\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgvpr1\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpathplan4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxdot4\", ver:\"2.26.3-14+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:48:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": 
"Check for the Version of graphviz", "modified": "2017-07-10T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:867489", "href": "http://plugins.openvas.org/nasl.php?oid=867489", "type": "openvas", "title": "Fedora Update for graphviz FEDORA-2014-0621", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for graphviz FEDORA-2014-0621\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867489);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:40:38 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2014-1235\", \"CVE-2014-1236\", \"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for graphviz FEDORA-2014-0621\");\n\n tag_insight = \"A collection of tools for the manipulation and layout of graphs (as 
in nodes\nand edges, not as in barcharts).\n\";\n\n tag_affected = \"graphviz on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0621\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128086.html\");\n script_summary(\"Check for the Version of graphviz\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"graphviz\", rpm:\"graphviz~2.30.1~12.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:16:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "Check for the Version of graphviz", "modified": "2017-12-01T00:00:00", "published": "2014-01-20T00:00:00", "id": "OPENVAS:841687", "href": "http://plugins.openvas.org/nasl.php?oid=841687", "type": "openvas", "title": "Ubuntu Update for graphviz USN-2083-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: 
gb_ubuntu_USN_2083_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for graphviz USN-2083-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841687);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 10:07:40 +0530 (Mon, 20 Jan 2014)\");\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for graphviz USN-2083-1\");\n\n tag_insight = \"It was discovered that Graphviz incorrectly handled memory in\nthe yyerror function. If a user were tricked into opening a specially crafted\ndot file, an attacker could cause Graphviz to crash, or possibly execute\narbitrary code. (CVE-2014-0978, CVE-2014-1235)\n\nIt was discovered that Graphviz incorrectly handled memory in the chkNum\nfunction. 
If a user were tricked into opening a specially crafted dot file,\nan attacker could cause Graphviz to crash, or possibly execute arbitrary\ncode. (CVE-2014-1236)\n\nThe default compiler options for affected releases should reduce the\nvulnerability to a denial of service.\";\n\n tag_affected = \"graphviz on Ubuntu 13.10 ,\n Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2083-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2083-1/\");\n script_summary(\"Check for the Version of graphviz\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-12ubuntu1.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-10ubuntu1.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.20.2-8ubuntu3.1\", 
rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-15ubuntu4.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"graphviz\", ver:\"2.26.3-14ubuntu1.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:01:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120158", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120158", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-297)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120158\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:48 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-297)\");\n script_tag(name:\"insight\", value:\"Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a badly formed number and a long digit list. Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. 
Graphviz was recently reported to be affected by a buffer overflow vulnerability, which seem to have introduced in the fix for CVE-2014-0978 .\");\n script_tag(name:\"solution\", value:\"Run yum update graphviz-php to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-297.html\");\n script_cve_id(\"CVE-2014-1235\", \"CVE-2014-1236\", \"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"graphviz-php\", rpm:\"graphviz-php~2.30.1~12.37.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "Check for the Version of graphviz", "modified": "2017-07-10T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:867498", "href": "http://plugins.openvas.org/nasl.php?oid=867498", "type": "openvas", "title": "Fedora Update for graphviz FEDORA-2014-0602", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for graphviz FEDORA-2014-0602\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867498);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:40:55 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2014-1235\", \"CVE-2014-1236\", \"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for graphviz FEDORA-2014-0602\");\n\n tag_insight = \"A collection of tools for the manipulation and layout of graphs (as in nodes\nand edges, not as in barcharts).\n\";\n\n tag_affected = \"graphviz on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0602\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128085.html\");\n script_summary(\"Check for the Version of graphviz\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"graphviz\", rpm:\"graphviz~2.34.0~8.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "The remote host is missing an update for the 'graphviz' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:1361412562310867498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867498", "type": "openvas", "title": "Fedora Update for graphviz FEDORA-2014-0602", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for graphviz FEDORA-2014-0602\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute 
it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867498\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:40:55 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2014-1235\", \"CVE-2014-1236\", \"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for graphviz FEDORA-2014-0602\");\n script_tag(name:\"affected\", value:\"graphviz on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0602\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128085.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'graphviz'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora 
Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"graphviz\", rpm:\"graphviz~2.34.0~8.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-02-13T00:00:00", "id": "OPENVAS:1361412562310867489", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867489", "type": "openvas", "title": "Fedora Update for graphviz FEDORA-2014-0621", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for graphviz FEDORA-2014-0621\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867489\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-13 11:40:38 +0530 (Thu, 13 Feb 2014)\");\n script_cve_id(\"CVE-2014-1235\", \"CVE-2014-1236\", \"CVE-2014-0978\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for graphviz FEDORA-2014-0621\");\n script_tag(name:\"affected\", value:\"graphviz on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0621\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128086.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'graphviz'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == 
\"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"graphviz\", rpm:\"graphviz~2.30.1~12.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:36:33", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978"], "description": "**Issue Overview:**\n\nStack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.\n\n \n**Affected Packages:** \n\n\ngraphviz\n\n \n**Issue Correction:** \nRun _yum update graphviz_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n graphviz-php54-2.30.1-6.30.amzn1.i686 \n graphviz-perl-2.30.1-6.30.amzn1.i686 \n graphviz-lua-2.30.1-6.30.amzn1.i686 \n graphviz-guile-2.30.1-6.30.amzn1.i686 \n graphviz-gd-2.30.1-6.30.amzn1.i686 \n graphviz-ruby-2.30.1-6.30.amzn1.i686 \n graphviz-python-2.30.1-6.30.amzn1.i686 \n graphviz-graphs-2.30.1-6.30.amzn1.i686 \n graphviz-debuginfo-2.30.1-6.30.amzn1.i686 \n graphviz-tcl-2.30.1-6.30.amzn1.i686 \n graphviz-devel-2.30.1-6.30.amzn1.i686 \n graphviz-R-2.30.1-6.30.amzn1.i686 \n graphviz-2.30.1-6.30.amzn1.i686 \n graphviz-doc-2.30.1-6.30.amzn1.i686 \n graphviz-java-2.30.1-6.30.amzn1.i686 \n \n src: \n graphviz-2.30.1-6.30.amzn1.src \n \n x86_64: \n graphviz-tcl-2.30.1-6.30.amzn1.x86_64 \n graphviz-gd-2.30.1-6.30.amzn1.x86_64 \n graphviz-ruby-2.30.1-6.30.amzn1.x86_64 \n graphviz-debuginfo-2.30.1-6.30.amzn1.x86_64 \n graphviz-devel-2.30.1-6.30.amzn1.x86_64 \n graphviz-doc-2.30.1-6.30.amzn1.x86_64 \n graphviz-php54-2.30.1-6.30.amzn1.x86_64 \n graphviz-perl-2.30.1-6.30.amzn1.x86_64 \n graphviz-java-2.30.1-6.30.amzn1.x86_64 \n graphviz-R-2.30.1-6.30.amzn1.x86_64 \n graphviz-graphs-2.30.1-6.30.amzn1.x86_64 \n graphviz-python-2.30.1-6.30.amzn1.x86_64 \n graphviz-2.30.1-6.30.amzn1.x86_64 \n 
graphviz-lua-2.30.1-6.30.amzn1.x86_64 \n graphviz-guile-2.30.1-6.30.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-02-03T15:27:00", "published": "2014-02-03T15:27:00", "id": "ALAS-2014-284", "href": "https://alas.aws.amazon.com/ALAS-2014-284.html", "title": "Medium: graphviz", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:36:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978"], "description": "**Issue Overview:**\n\nStack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.\n\n \n**Affected Packages:** \n\n\ngraphviz-php\n\n \n**Issue Correction:** \nRun _yum update graphviz-php_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n graphviz-php-2.30.1-6.30.amzn1.i686 \n \n src: \n graphviz-php-2.30.1-6.30.amzn1.src \n \n x86_64: \n graphviz-php-2.30.1-6.30.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-02-03T15:27:00", "published": "2014-02-03T15:27:00", "id": "ALAS-2014-285", "href": "https://alas.aws.amazon.com/ALAS-2014-285.html", "title": "Medium: graphviz-php", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:36:18", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "**Issue Overview:**\n\nStack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a \"badly formed number\" and a \"long digit list.\" \n\nStack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. 
\n\nGraphviz was recently reported to be affected by a buffer overflow vulnerability, which seems to have been introduced in the fix for [CVE-2014-0978](<https://access.redhat.com/security/cve/CVE-2014-0978>).\n\n \n**Affected Packages:** \n\n\ngraphviz-php\n\n \n**Issue Correction:** \nRun _yum update graphviz-php_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n graphviz-php-2.30.1-12.37.amzn1.i686 \n \n src: \n graphviz-php-2.30.1-12.37.amzn1.src \n \n x86_64: \n graphviz-php-2.30.1-12.37.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-03-06T14:55:00", "published": "2014-03-06T14:55:00", "id": "ALAS-2014-297", "href": "https://alas.aws.amazon.com/ALAS-2014-297.html", "title": "Medium: graphviz-php", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "**Issue Overview:**\n\nStack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a \"badly formed number\" and a \"long digit list.\" \n\nStack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. 
\n\nGraphviz was recently reported to be affected by a buffer overflow vulnerability, which seems to have been introduced in the fix for [CVE-2014-0978](<https://access.redhat.com/security/cve/CVE-2014-0978>).\n\n \n**Affected Packages:** \n\n\ngraphviz\n\n \n**Issue Correction:** \nRun _yum update graphviz_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n graphviz-lua-2.30.1-12.39.amzn1.i686 \n graphviz-java-2.30.1-12.39.amzn1.i686 \n graphviz-python-2.30.1-12.39.amzn1.i686 \n graphviz-ruby-2.30.1-12.39.amzn1.i686 \n graphviz-guile-2.30.1-12.39.amzn1.i686 \n graphviz-php54-2.30.1-12.39.amzn1.i686 \n graphviz-tcl-2.30.1-12.39.amzn1.i686 \n graphviz-gd-2.30.1-12.39.amzn1.i686 \n graphviz-doc-2.30.1-12.39.amzn1.i686 \n graphviz-graphs-2.30.1-12.39.amzn1.i686 \n graphviz-devel-2.30.1-12.39.amzn1.i686 \n graphviz-2.30.1-12.39.amzn1.i686 \n graphviz-debuginfo-2.30.1-12.39.amzn1.i686 \n graphviz-perl-2.30.1-12.39.amzn1.i686 \n graphviz-R-2.30.1-12.39.amzn1.i686 \n \n src: \n graphviz-2.30.1-12.39.amzn1.src \n \n x86_64: \n graphviz-guile-2.30.1-12.39.amzn1.x86_64 \n graphviz-gd-2.30.1-12.39.amzn1.x86_64 \n graphviz-doc-2.30.1-12.39.amzn1.x86_64 \n graphviz-R-2.30.1-12.39.amzn1.x86_64 \n graphviz-ruby-2.30.1-12.39.amzn1.x86_64 \n graphviz-lua-2.30.1-12.39.amzn1.x86_64 \n graphviz-tcl-2.30.1-12.39.amzn1.x86_64 \n graphviz-2.30.1-12.39.amzn1.x86_64 \n graphviz-java-2.30.1-12.39.amzn1.x86_64 \n graphviz-debuginfo-2.30.1-12.39.amzn1.x86_64 \n graphviz-perl-2.30.1-12.39.amzn1.x86_64 \n graphviz-graphs-2.30.1-12.39.amzn1.x86_64 \n graphviz-devel-2.30.1-12.39.amzn1.x86_64 \n graphviz-python-2.30.1-12.39.amzn1.x86_64 \n graphviz-php54-2.30.1-12.39.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-03-06T14:55:00", "published": "2014-03-06T14:55:00", "id": "ALAS-2014-296", "href": "https://alas.aws.amazon.com/ALAS-2014-296.html", "title": "Medium: graphviz", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": 
[{"lastseen": "2021-01-01T01:18:43", "description": "Stack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.", "edition": 23, "published": "2014-02-05T00:00:00", "title": "Amazon Linux AMI : graphviz (ALAS-2014-284)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0978"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:graphviz-devel", "p-cpe:/a:amazon:linux:graphviz-guile", "p-cpe:/a:amazon:linux:graphviz-php54", "p-cpe:/a:amazon:linux:graphviz", "p-cpe:/a:amazon:linux:graphviz-doc", "p-cpe:/a:amazon:linux:graphviz-ruby", "p-cpe:/a:amazon:linux:graphviz-perl", "p-cpe:/a:amazon:linux:graphviz-R", "p-cpe:/a:amazon:linux:graphviz-graphs", "p-cpe:/a:amazon:linux:graphviz-gd", "p-cpe:/a:amazon:linux:graphviz-tcl", "p-cpe:/a:amazon:linux:graphviz-lua", "p-cpe:/a:amazon:linux:graphviz-java", "p-cpe:/a:amazon:linux:graphviz-debuginfo", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:graphviz-python"], "id": "ALA_ALAS-2014-284.NASL", "href": "https://www.tenable.com/plugins/nessus/72302", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-284.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72302);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0978\");\n script_xref(name:\"ALAS\", value:\"2014-284\");\n\n script_name(english:\"Amazon Linux AMI : graphviz (ALAS-2014-284)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stack-based buffer overflow in the yyerror function 
in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-284.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update graphviz' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-R\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-graphs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-guile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2014/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-R-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-debuginfo-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-devel-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-doc-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-gd-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-graphs-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-guile-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", 
reference:\"graphviz-java-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-lua-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-perl-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-php54-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-python-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-ruby-2.30.1-6.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-tcl-2.30.1-6.30.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz / graphviz-R / graphviz-debuginfo / graphviz-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:54:30", "description": "Updated graphviz packages fix security vulnerabilities :\n\nMultiple buffer overflow vulnerabilities in graphviz due to an error\nwithin the yyerror() function (lib/cgraph/scan.l) which can be\nexploited to cause a stack-based buffer overflow via a specially\ncrafted file (CVE-2014-0978) and the acceptance of an arbitrarily long\ndigit list by a regular expression matched against user input\n(CVE-2014-1236).\n\nA build problem was discovered and fixed in swig while building\ngraphviz for Business Server 1, related to the new php-5.5.x version\nas of the MDVSA-2014:014 advisory. 
Fixed swig packages are being\nprovided with this advisory as well.", "edition": 24, "published": "2014-01-27T00:00:00", "title": "Mandriva Linux Security Advisory : graphviz (MDVSA-2014:024)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "modified": "2014-01-27T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:java-graphviz", "p-cpe:/a:mandriva:linux:lib64graphviz-devel", "p-cpe:/a:mandriva:linux:ocaml-graphviz", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:lib64cdt5", "p-cpe:/a:mandriva:linux:python-graphviz", "p-cpe:/a:mandriva:linux:lua-graphviz", "p-cpe:/a:mandriva:linux:graphviz", "p-cpe:/a:mandriva:linux:ruby-graphviz", "p-cpe:/a:mandriva:linux:lib64gvpr2", "p-cpe:/a:mandriva:linux:tcl-graphviz", "p-cpe:/a:mandriva:linux:lib64cgraph6", "p-cpe:/a:mandriva:linux:lib64xdot4", "p-cpe:/a:mandriva:linux:lib64gvc6", "p-cpe:/a:mandriva:linux:lib64graph5", "p-cpe:/a:mandriva:linux:graphviz-doc", "p-cpe:/a:mandriva:linux:lib64graphviz-static-devel", "p-cpe:/a:mandriva:linux:lib64pathplan4", "p-cpe:/a:mandriva:linux:php-graphviz", "p-cpe:/a:mandriva:linux:swig", "p-cpe:/a:mandriva:linux:perl-graphviz", "p-cpe:/a:mandriva:linux:swig-doc"], "id": "MANDRIVA_MDVSA-2014-024.NASL", "href": "https://www.tenable.com/plugins/nessus/72136", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:024. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72136);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1236\");\n script_bugtraq_id(64674, 64737);\n script_xref(name:\"MDVSA\", value:\"2014:024\");\n\n script_name(english:\"Mandriva Linux Security Advisory : graphviz (MDVSA-2014:024)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated graphviz packages fix security vulnerabilities :\n\nMultiple buffer overflow vulnerabilities in graphviz due to an error\nwithin the yyerror() function (lib/cgraph/scan.l) which can be\nexploited to cause a stack-based buffer overflow via a specially\ncrafted file (CVE-2014-0978) and the acceptance of an arbitrarily long\ndigit list by a regular expression matched against user input\n(CVE-2014-1236).\n\nA build problem was discovered and fixed in swig while building\ngraphviz for Business Server 1, related to the new php-5.5.x version\nas of the MDVSA-2014:014 advisory. 
Fixed swig packages is being\nprovided with this advisory as well.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1049165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1050872\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:graphviz-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:java-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cdt5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cgraph6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64graph5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64graphviz-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64graphviz-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gvc6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gvpr2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pathplan4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xdot4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lua-graphviz\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ocaml-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:swig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:swig-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tcl-graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif 
(rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"graphviz-doc-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"java-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64cdt5-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64cgraph6-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64graph5-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64graphviz-devel-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64graphviz-static-devel-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64gvc6-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64gvpr2-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64pathplan4-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64xdot4-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lua-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"ocaml-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"perl-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"ruby-graphviz-2.28.0-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"swig-2.0.4-3.1.mbs1\")) 
flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"swig-doc-2.0.4-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tcl-graphviz-2.28.0-6.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:48:17", "description": "Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2014-0978\n It was discovered that user-supplied input used in the\n yyerror() function in lib/cgraph/scan.l is not\n bound-checked before being copied into an\n insufficiently sized memory buffer. A context-dependent\n attacker could supply a specially crafted input file\n containing a long line to cause a stack-based buffer\n overflow, resulting in a denial of service (application\n crash) or potentially allowing the execution of\n arbitrary code.\n\n - CVE-2014-1236\n Sebastian Krahmer reported an overflow condition in the\n chkNum() function in lib/cgraph/scan.l that is triggered\n as the used regular expression accepts an arbitrarily long\n digit list. 
With a specially crafted input file, a\n context-dependent attacker can cause a stack-based\n buffer overflow, resulting in a denial of service\n (application crash) or potentially allowing the\n execution of arbitrary code.", "edition": 17, "published": "2014-01-14T00:00:00", "title": "Debian DSA-2843-1 : graphviz - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "modified": "2014-01-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:graphviz", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2843.NASL", "href": "https://www.tenable.com/plugins/nessus/71934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2843. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71934);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1236\");\n script_bugtraq_id(64674, 64737);\n script_xref(name:\"DSA\", value:\"2843\");\n\n script_name(english:\"Debian DSA-2843-1 : graphviz - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. 
The Common Vulnerabilities and\nExposures project identifies the following issues :\n\n - CVE-2014-0978\n It was discovered that user-supplied input used in the\n yyerror() function in lib/cgraph/scan.l is not\n bound-checked before beeing copied into an\n insufficiently sized memory buffer. A context-dependent\n attacker could supply a specially crafted input file\n containing a long line to cause a stack-based buffer\n overlow, resulting in a denial of service (application\n crash) or potentially allowing the execution of\n arbitrary code.\n\n - CVE-2014-1236\n Sebastian Krahmer reported an overflow condition in the\n chkNum() function in lib/cgraph/scan.l that is triggered\n as the used regular expression accepts an arbitrary long\n digit list. With a specially crafted input file, a\n context-dependent attacker can cause a stack-based\n buffer overflow, resulting in a denial of service\n (application crash) or potentially allowing the\n execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/graphviz\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/graphviz\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2843\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the graphviz packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 2.26.3-5+squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 
2.26.3-14+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"graphviz\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"graphviz-dev\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"graphviz-doc\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcdt4\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", 
prefix:\"libcgraph5\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgraph4\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgraphviz-dev\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-guile\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-lua\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-ocaml\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-perl\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-php5\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-python\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-ruby\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgv-tcl\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgvc5\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgvc5-plugins-gtk\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libgvpr1\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpathplan4\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxdot4\", reference:\"2.26.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphviz\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphviz-dev\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphviz-doc\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcdt4\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcgraph5\", 
reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraph4\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphviz-dev\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-guile\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-lua\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-perl\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-php5\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-python\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-ruby\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgv-tcl\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgvc5\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgvc5-plugins-gtk\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgvpr1\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libpathplan4\", reference:\"2.26.3-14+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxdot4\", reference:\"2.26.3-14+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:12:00", "description": "This is an update that fixes CVE-2014-1235 and CVE-2014-1236. This is\nan update that fixes overflow in yyerror.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2014-02-12T00:00:00", "title": "Fedora 19 : graphviz-2.30.1-12.fc19 (2014-0621)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2014-02-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:graphviz"], "id": "FEDORA_2014-0621.NASL", "href": "https://www.tenable.com/plugins/nessus/72442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0621.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72442);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_bugtraq_id(64674, 64736, 64737);\n script_xref(name:\"FEDORA\", value:\"2014-0621\");\n\n script_name(english:\"Fedora 19 : graphviz-2.30.1-12.fc19 (2014-0621)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update that fixes CVE-2014-1235 and CVE-2014-1236. This is\nan update that fixes overflow in yyerror.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1049165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1050871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1050872\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128086.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f5328a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected graphviz package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"graphviz-2.30.1-12.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:12:00", "description": "This is an update fixing CVE-2014-1235 and CVE-2014-1236. This is an\nupdate that fixes overflow in yyerror.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2014-02-12T00:00:00", "title": "Fedora 20 : graphviz-2.34.0-8.fc20 (2014-0602)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2014-02-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:graphviz"], "id": "FEDORA_2014-0602.NASL", "href": "https://www.tenable.com/plugins/nessus/72441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0602.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72441);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_bugtraq_id(64674, 64736, 64737);\n script_xref(name:\"FEDORA\", value:\"2014-0602\");\n\n script_name(english:\"Fedora 20 : graphviz-2.34.0-8.fc20 (2014-0602)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update fixing CVE-2014-1235 and CVE-2014-1236. This is an\nupdate that fixes overflow in yyerror.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1049165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1050871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1050872\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128085.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bae5472d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected graphviz package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"graphviz-2.34.0-8.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:18:44", "description": "Stack-based buffer overflow in the chkNum function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via vectors related to a 'badly formed number' and\na 'long digit list.'\n\nStack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\n\nGraphviz was recently reported to be affected by a buffer overflow\nvulnerability, which seems to have been introduced in the fix for\nCVE-2014-0978.", "edition": 25, "cvss3": {"score": 7.8, "vector":
"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2014-03-12T00:00:00", "title": "Amazon Linux AMI : graphviz (ALAS-2014-296)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:graphviz-devel", "p-cpe:/a:amazon:linux:graphviz-guile", "p-cpe:/a:amazon:linux:graphviz-php54", "p-cpe:/a:amazon:linux:graphviz", "p-cpe:/a:amazon:linux:graphviz-doc", "p-cpe:/a:amazon:linux:graphviz-ruby", "p-cpe:/a:amazon:linux:graphviz-perl", "p-cpe:/a:amazon:linux:graphviz-R", "p-cpe:/a:amazon:linux:graphviz-graphs", "p-cpe:/a:amazon:linux:graphviz-gd", "p-cpe:/a:amazon:linux:graphviz-tcl", "p-cpe:/a:amazon:linux:graphviz-lua", "p-cpe:/a:amazon:linux:graphviz-java", "p-cpe:/a:amazon:linux:graphviz-debuginfo", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:graphviz-python"], "id": "ALA_ALAS-2014-296.NASL", "href": "https://www.tenable.com/plugins/nessus/72944", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-296.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72944);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_xref(name:\"ALAS\", value:\"2014-296\");\n\n script_name(english:\"Amazon Linux AMI : graphviz (ALAS-2014-296)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stack-based buffer overflow in the chkNum function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via vectors related to a 'badly formed number' and\na 'long 
digit list.'\n\nStack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\n\nGraphviz was recently reported to be affected by a buffer overflow\nvulnerability, which seem to have introduced in the fix for\nCVE-2014-0978 .\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-296.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update graphviz' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-R\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-graphs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-guile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-python\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-R-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-debuginfo-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-devel-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-doc-2.30.1-12.39.amzn1\")) flag++;\nif 
(rpm_check(release:\"ALA\", reference:\"graphviz-gd-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-graphs-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-guile-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-java-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-lua-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-perl-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-php54-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-python-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-ruby-2.30.1-12.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-tcl-2.30.1-12.39.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz / graphviz-R / graphviz-debuginfo / graphviz-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:18:44", "description": "Stack-based buffer overflow in the chkNum function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via vectors related to a 'badly formed number' and\na 'long digit list.'\n\nStack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\n\nGraphviz was recently reported to be affected by a buffer overflow\nvulnerability, which seems to have been introduced in the fix for\nCVE-2014-0978.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published":
"2014-03-12T00:00:00", "title": "Amazon Linux AMI : graphviz-php (ALAS-2014-297)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:graphviz-php", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-297.NASL", "href": "https://www.tenable.com/plugins/nessus/72945", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-297.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72945);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_xref(name:\"ALAS\", value:\"2014-297\");\n\n script_name(english:\"Amazon Linux AMI : graphviz-php (ALAS-2014-297)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stack-based buffer overflow in the chkNum function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via vectors related to a 'badly formed number' and\na 'long digit list.'\n\nStack-based buffer overflow in the yyerror function in\nlib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have\nunspecified impact via a long line in a dot file.\n\nGraphviz was recently reported to be affected by a buffer overflow\nvulnerability, which seem to have introduced in the fix for\nCVE-2014-0978 .\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-297.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update graphviz-php' to update your system.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:graphviz-php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"graphviz-php-2.30.1-12.37.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz-php\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:05:48", "description": "The remote host is affected by the vulnerability described in GLSA-201702-06\n(Graphviz: Multiple vulnerabilities)\n\n Multiple vulnerabilities in Graphviz were discovered. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker, able to control input matched against a regular\n expression or by enticing a user to process a specially crafted file,\n could cause unspecified impacts.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-02-13T00:00:00", "title": "GLSA-201702-06 : Graphviz: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2017-02-13T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:graphviz", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201702-06.NASL", "href": "https://www.tenable.com/plugins/nessus/97112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201702-06.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97112);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_xref(name:\"GLSA\", value:\"201702-06\");\n\n script_name(english:\"GLSA-201702-06 : Graphviz: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201702-06\n(Graphviz: Multiple vulnerabilities)\n\n Multiple vulnerabilities in Graphviz were discovered. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker, able to control input matched against a regular\n expression or by enticing a user to process a specially crafted file,\n could cause unspecified impacts.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201702-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Graphviz users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/graphviz-2.36.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/graphviz\", unaffected:make_list(\"ge 2.36.0\"), vulnerable:make_list(\"lt 2.36.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Graphviz\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:26:21", "description": "It was discovered that Graphviz incorrectly handled memory in the\nyyerror function. If a user were tricked into opening a specially\ncrafted dot file, an attacker could cause Graphviz to crash, or\npossibly execute arbitrary code. (CVE-2014-0978, CVE-2014-1235)\n\nIt was discovered that Graphviz incorrectly handled memory in the\nchkNum function. If a user were tricked into opening a specially\ncrafted dot file, an attacker could cause Graphviz to crash, or\npossibly execute arbitrary code. 
(CVE-2014-1236)\n\nThe default compiler options for affected releases should reduce the\nvulnerability to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2014-01-17T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : graphviz vulnerabilities (USN-2083-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "modified": "2014-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:graphviz", "cpe:/o:canonical:ubuntu_linux:13.04", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2083-1.NASL", "href": "https://www.tenable.com/plugins/nessus/72005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2083-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72005);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0978\", \"CVE-2014-1235\", \"CVE-2014-1236\");\n script_bugtraq_id(64674, 64736, 64737);\n script_xref(name:\"USN\", value:\"2083-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : graphviz vulnerabilities (USN-2083-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Graphviz incorrectly handled memory in the\nyyerror function. If a user were tricked into opening a specially\ncrafted dot file, an attacker could cause Graphviz to crash, or\npossibly execute arbitrary code. (CVE-2014-0978, CVE-2014-1235)\n\nIt was discovered that Graphviz incorrectly handled memory in the\nchkNum function. If a user were tricked into opening a specially\ncrafted dot file, an attacker could cause Graphviz to crash, or\npossibly execute arbitrary code. (CVE-2014-1236)\n\nThe default compiler options for affected releases should reduce the\nvulnerability to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2083-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected graphviz package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:graphviz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.04|13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.04 / 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"graphviz\", pkgver:\"2.20.2-8ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"graphviz\", pkgver:\"2.26.3-10ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"graphviz\", pkgver:\"2.26.3-12ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"graphviz\", pkgver:\"2.26.3-14ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"graphviz\", pkgver:\"2.26.3-15ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"graphviz\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "cvelist": ["CVE-2014-1236", 
"CVE-2014-0978"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2843-1 security@debian.org\r\nhttp://www.debian.org/security/ Salvatore Bonaccorso\r\nJanuary 13, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : graphviz\r\nVulnerability : buffer overflow\r\nProblem type : local (remote)\r\nDebian-specific: no\r\nCVE ID : CVE-2014-0978 CVE-2014-1236\r\nDebian Bug : 734745\r\n\r\nTwo buffer overflow vulnerabilities were reported in Graphviz, a rich\r\ncollection of graph drawing tools. The Common Vulnerabilities and\r\nExposures project identifies the following issues:\r\n\r\nCVE-2014-0978\r\n\r\n It was discovered that user-supplied input used in the yyerror()\r\n function in lib/cgraph/scan.l is not bound-checked before beeing\r\n copied into an insufficiently sized memory buffer. A\r\n context-dependent attacker could supply a specially crafted input\r\n file containing a long line to cause a stack-based buffer overlow,\r\n resulting in a denial of service (application crash) or potentially\r\n allowing the execution of arbitrary code.\r\n\r\nCVE-2014-1236\r\n\r\n Sebastian Krahmer reported an overflow condition in the chkNum()\r\n function in lib/cgraph/scan.l that is triggered as the used regular\r\n expression accepts an arbitrary long digit list. 
With a specially\r\n crafted input file, a context-dependent attacker can cause a\r\n stack-based buffer overflow, resulting in a denial of service\r\n (application crash) or potentially allowing the execution of\r\n arbitrary code.\r\n\r\nFor the oldstable distribution (squeeze), these problems have been fixed in\r\nversion 2.26.3-5+squeeze2.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 2.26.3-14+deb7u1.\r\n\r\nFor the unstable distribution (sid), these problems will be fixed soon.\r\n\r\nWe recommend that you upgrade your graphviz packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJS1F2EAAoJEAVMuPMTQ89EWBwQAISt7imnmeVUWImsvIT7r/pa\r\nWWoN0n8/MWvkyjEmBKHDETbh4sN+7J6Ri7U03m/aK6jJ//Z+uAbYi7GRAOwf2xV0\r\nqyw0xcHlu4G0Z+ECZyXZ+2+vXFV/1D5+5nZpc47xqGhudd0IQQ2JstWwOAHmJmyi\r\ngYN3qsfXW0i3uhBAaZjnfhxfymoq6y9OMRUM7KCNABB+/uBJ1VbZfvnGsTUDas0x\r\nlvK1RyPnm3qHfEP9M8OS1DZWo3CJDuNS1CxJAaPvoGZwSzTCJ0UxuOEp6dTDWfO6\r\nnCE4jfKtoJvzAHZqJNVuY0uEYUB++1AEyu9g9uFxvMaDMS3GxMh9kaihKl7SspR9\r\nYXjtnzburBcBdDsbrCkXsyC+yxtW+h1GqI7F6lh9oT32ap3FZsP9zukUP9z/JL8z\r\nrY8T9xKiotBUw6nlL8aaPBBEXPEDNGGbAiPDriyiAhPPYxoZI24IjYlfcjS3ucip\r\nLqgTGttnboymyYhyVIQNkNxhB1Nu+OasYN9zwmiBvmncjSB5lAIQ6B7EOWMMqV2m\r\nz/ifZHMbt4E1BIvCTG6mnK7BmAxFHKIkQdEPqxQ59x+uzJbtaiIsi/fS5v2GXJhr\r\nPk69Jjskt1t84pLqujbPqtvS6P5fatfQLILWFTTa+PSTNJ3TzlhRtwbMXwRgcbvi\r\n+6lL8C17nOZb5lIyB8BP\r\n=9P+C\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2014-01-15T00:00:00", "published": "2014-01-15T00:00:00", "id": "SECURITYVULNS:DOC:30242", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30242", "title": "[SECURITY] [DSA 2843-1] graphviz security update", "type": "securityvulns", 
"cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "description": "Buffer overflow on file parsing.", "edition": 1, "modified": "2014-01-15T00:00:00", "published": "2014-01-15T00:00:00", "id": "SECURITYVULNS:VULN:13529", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13529", "title": "graphviz buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:16:19", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1236", "CVE-2014-0978"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2843-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 13, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : graphviz\nVulnerability : buffer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2014-0978 CVE-2014-1236\nDebian Bug : 734745\n\nTwo buffer overflow vulnerabilities were reported in Graphviz, a rich\ncollection of graph drawing tools. The Common Vulnerabilities and\nExposures project identifies the following issues:\n\nCVE-2014-0978\n\n It was discovered that user-supplied input used in the yyerror()\n function in lib/cgraph/scan.l is not bound-checked before beeing\n copied into an insufficiently sized memory buffer. 
A\n context-dependent attacker could supply a specially crafted input\n file containing a long line to cause a stack-based buffer overflow,\n resulting in a denial of service (application crash) or potentially\n allowing the execution of arbitrary code.\n\nCVE-2014-1236\n\n Sebastian Krahmer reported an overflow condition in the chkNum()\n function in lib/cgraph/scan.l that is triggered as the used regular\n expression accepts an arbitrarily long digit list. With a specially\n crafted input file, a context-dependent attacker can cause a\n stack-based buffer overflow, resulting in a denial of service\n (application crash) or potentially allowing the execution of\n arbitrary code.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 2.26.3-5+squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.26.3-14+deb7u1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your graphviz packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 4, "modified": "2014-01-13T21:49:34", "published": "2014-01-13T21:49:34", "id": "DEBIAN:DSA-2843-1:E50F8", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00011.html", "title": "[SECURITY] [DSA 2843-1] graphviz security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "description": "It was discovered that Graphviz incorrectly handled memory in the yyerror \nfunction. 
If a user were tricked into opening a specially crafted dot file, \nan attacker could cause Graphviz to crash, or possibly execute arbitrary \ncode. (CVE-2014-0978, CVE-2014-1235)\n\nIt was discovered that Graphviz incorrectly handled memory in the chkNum \nfunction. If a user were tricked into opening a specially crafted dot file, \nan attacker could cause Graphviz to crash, or possibly execute arbitrary \ncode. (CVE-2014-1236)\n\nThe default compiler options for affected releases should reduce the \nvulnerability to a denial of service.", "edition": 5, "modified": "2014-01-16T00:00:00", "published": "2014-01-16T00:00:00", "id": "USN-2083-1", "href": "https://ubuntu.com/security/notices/USN-2083-1", "title": "Graphviz vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2017-02-11T00:59:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1236", "CVE-2014-1235", "CVE-2014-0978"], "edition": 1, "description": "### Background\n\nGraphviz is an open source graph visualization software.\n\n### Description\n\nMultiple vulnerabilities in Graphviz were discovered. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker, able to control input matched against a regular expression or by enticing a user to process a specially crafted file, could cause unspecified impacts. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Graphviz users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/graphviz-2.36.0\"", "modified": "2017-02-10T00:00:00", "published": "2017-02-10T00:00:00", "href": "https://security.gentoo.org/glsa/201702-06", "id": "GLSA-201702-06", "title": "Graphviz: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978", "CVE-2014-1235", "CVE-2014-1236"], "description": "A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts). ", "modified": "2014-02-11T23:02:24", "published": "2014-02-11T23:02:24", "id": "FEDORA:10FAA2116D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: graphviz-2.30.1-12.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978", "CVE-2014-1235", "CVE-2014-1236"], "description": "A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts). ", "modified": "2014-02-11T23:00:32", "published": "2014-02-11T23:00:32", "id": "FEDORA:C380B2210D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: graphviz-2.34.0-8.fc20", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978", "CVE-2014-1235", "CVE-2014-1236", "CVE-2014-9157"], "description": "A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts). 
", "modified": "2014-12-06T02:28:42", "published": "2014-12-06T02:28:42", "id": "FEDORA:B760E60BC2DC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: graphviz-2.34.0-10.fc20", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0978", "CVE-2014-1235", "CVE-2014-1236", "CVE-2014-9157"], "description": "A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts). ", "modified": "2014-12-07T04:40:43", "published": "2014-12-07T04:40:43", "id": "FEDORA:3350A6087C4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: graphviz-2.30.1-13.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}