CentOS 4 : xpdf (CESA-2009:1680)

🗓️ 21 Dec 2009 00:00:00Reported by TenableType

Updated xpdf package for CentOS 4 resolves buffer overflow security fla

Reporter	Title	Published	Views	Family All 64
Tenable Nessus	CentOS 4 : gpdf (CESA-2009:1681)	21 Dec 200900:00	–	nessus
Tenable Nessus	CentOS 4 : kdegraphics (CESA-2009:1682)	21 Dec 200900:00	–	nessus
Tenable Nessus	GLSA-201402-17 : Xpdf: User-assisted execution of arbitrary code	18 Feb 201400:00	–	nessus
Tenable Nessus	Oracle Linux 4 : xpdf (ELSA-2009-1680)	12 Jul 201300:00	–	nessus
Tenable Nessus	Oracle Linux 4 : gpdf (ELSA-2009-1681)	12 Jul 201300:00	–	nessus
Tenable Nessus	Oracle Linux 4 : kdegraphics (ELSA-2009-1682)	12 Jul 201300:00	–	nessus
Tenable Nessus	RHEL 4 : xpdf (RHSA-2009:1680)	17 Dec 200900:00	–	nessus
Tenable Nessus	RHEL 4 : gpdf (RHSA-2009:1681)	17 Dec 200900:00	–	nessus
Tenable Nessus	RHEL 4 : kdegraphics (RHSA-2009:1682)	17 Dec 200900:00	–	nessus
Tenable Nessus	Scientific Linux Security Update : gpdf on SL4.x i386/x86_64	1 Aug 201200:00	–	nessus

Source	Link
nessus	www.nessus.org/u
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:1680 and 
# CentOS Errata and Security Advisory 2009:1680 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(43357);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2009-4035");
  script_xref(name:"RHSA", value:"2009:1680");

  script_name(english:"CentOS 4 : xpdf (CESA-2009:1680)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An updated xpdf package that fixes a security issue is now available
for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.

Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow
flaw in Xpdf's Type 1 font parser. A specially crafted PDF file with
an embedded Type 1 font could cause Xpdf to crash or, possibly,
execute arbitrary code when opened. (CVE-2009-4035)

Users are advised to upgrade to this updated package, which contains a
backported patch to correct this issue."
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-December/016399.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?0a160f91"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-December/016400.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e35270c8"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected xpdf package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(94);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xpdf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/12/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/12/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"xpdf-3.00-23.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"xpdf-3.00-23.el4_8.1")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xpdf");
}

04 Jan 2021 00:00Current

6Medium risk

Vulners AI Score6

CVSS 29.3

EPSS0.0245