Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2017-0837.NASLHistoryMar 30, 2017 - 12:00 a.m.
CentOS 7 : icoutils (CESA-2017:0837)
2017-03-3000:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
An update for icoutils is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries.
Security Fix(es) :
-
Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009)
-
A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash. (CVE-2017-5332)
-
Multiple vulnerabilities were found in icoutils, in the icotool program. An attacker could create a crafted ICO or CUR file that, when read by icotool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-6010, CVE-2017-6011)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2017:0837 and
# CentOS Errata and Security Advisory 2017:0837 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(99040);
script_version("3.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2017-5208", "CVE-2017-5332", "CVE-2017-5333", "CVE-2017-6009", "CVE-2017-6010", "CVE-2017-6011");
script_xref(name:"RHSA", value:"2017:0837");
script_name(english:"CentOS 7 : icoutils (CESA-2017:0837)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"An update for icoutils is now available for Red Hat Enterprise Linux
7.
Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
The icoutils are a set of programs for extracting and converting
images in Microsoft Windows icon and cursor files. These files usually
have the extension .ico or .cur, but they can also be embedded in
executables or libraries.
Security Fix(es) :
* Multiple vulnerabilities were found in icoutils, in the wrestool
program. An attacker could create a crafted executable that, when read
by wrestool, could result in memory corruption leading to a crash or
potential code execution. (CVE-2017-5208, CVE-2017-5333,
CVE-2017-6009)
* A vulnerability was found in icoutils, in the wrestool program. An
attacker could create a crafted executable that, when read by
wrestool, could result in failure to allocate memory or an over-large
memcpy operation, leading to a crash. (CVE-2017-5332)
* Multiple vulnerabilities were found in icoutils, in the icotool
program. An attacker could create a crafted ICO or CUR file that, when
read by icotool, could result in memory corruption leading to a crash
or potential code execution. (CVE-2017-6010, CVE-2017-6011)"
);
# https://lists.centos.org/pipermail/centos-announce/2017-March/022347.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?3105877f"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected icoutils package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-5208");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:icoutils");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/16");
script_set_attribute(attribute:"patch_publication_date", value:"2017/03/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/30");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"icoutils-0.31.3-1.el7_3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "icoutils");
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5208
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5332
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5333
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6010
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6011
www.nessus.org/u?3105877f
Related
nessus
nessus
Virtuozzo 7 : icoutils (VZLSA-2017-0837)
2017-07-13 00:00:00
EulerOS 2.0 SP1 : icoutils (EulerOS-SA-2017-1089)
2017-06-09 00:00:00
Oracle Linux 7 : icoutils (ELSA-2017-0837)
2017-03-23 00:00:00
openvas
openvas
CentOS Update for icoutils CESA-2017:0837 centos7
2017-03-30 00:00:00
RedHat Update for icoutils RHSA-2017:0837-01
2017-03-23 00:00:00
Huawei EulerOS: Security Advisory for icoutils (EulerOS-SA-2017-1089)
2020-01-23 00:00:00
redhat
redhat
(RHSA-2017:0837) Important: icoutils security update
2017-03-23 00:21:47
oraclelinux
oraclelinux
icoutils security update
2017-03-22 00:00:00
centos
centos
icoutils security update
2017-03-29 10:58:02
ibm
ibm
Security Bulletin: Vulnerabilities in icoutils affect PowerKVM
2018-06-18 01:36:16
osv
osv
icoutils vulnerabilities
2021-01-18 12:30:38
icoutils - security update
2017-03-13 00:00:00
icoutils - security update
2017-03-12 00:00:00
ubuntu
ubuntu
icoutils vulnerabilities
2021-01-18 00:00:00
icoutils vulnerabilities
2017-03-13 00:00:00
icoutils vulnerabilities
2017-01-24 00:00:00
gentoo
gentoo
icoutils: Multiple vulnerabilities
2018-01-11 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: icoutils-0.31.2-1.fc25
2017-03-16 22:22:56
[SECURITY] Fedora 24 Update: icoutils-0.31.2-1.fc24
2017-03-16 21:19:37
[SECURITY] Fedora 26 Update: icoutils-0.31.2-1.fc26
2017-04-01 17:41:14
debian
debian
[SECURITY] [DLA 854-1] icoutils security update
2017-03-13 20:06:38
[SECURITY] [DSA 3807-1] icoutils security update
2017-03-12 17:33:06
[SECURITY] [DLA 789-1] icoutils security update
2017-01-17 21:22:43
mageia
mageia
Updated icoutils packages fix security vulnerability
2017-03-23 10:19:23
Updated icoutils packages fix security vulnerability
2017-02-07 16:34:44
ubuntucve
ubuntucve
suse
suse
Security update for icoutils (important)
2017-01-17 00:08:56
Security update for icoutils (important)
2017-01-17 00:09:13
Security update for icoutils (important)
2017-01-17 00:08:40
freebsd
freebsd
icoutils -- check_offset overflow on 64-bit systems
2017-01-03 00:00:00
cve
cve
prion
prion
Buffer overflow
2017-02-16 11:59:00
Buffer overflow
2017-02-16 11:59:00
Buffer overflow
2017-02-16 11:59:00
redhatcve
redhatcve
debiancve
debiancve
archlinux
archlinux
[ASA-201701-13] icoutils: arbitrary code execution
2017-01-09 00:00:00
Related for CENTOS_RHSA-2017-0837.NASL