Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-755.NASL
HistoryDec 21, 2016 - 12:00 a.m.

Debian DLA-755-1 : dcmtk security update

2016-12-2100:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

At several places in the code a wrong length of ACSE data structures received over the network can cause overflows or underflows when processing those data structures. Related checks have been added at various places in order to prevent such (possible) attacks. Thanks to Kevin Basista for the report.

The bug will indeed affect all DCMTK-based server applications that accept incoming DICOM network connections that are using the dcmtk-3.6.0 and earlier versions.

(From: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php)

For Debian 7 ‘Wheezy’, these problems have been fixed in version 3.6.0-12+deb7u1.

We recommend that you upgrade your dcmtk packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-755-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(95955);
  script_version("3.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2015-8979");

  script_name(english:"Debian DLA-755-1 : dcmtk security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"At several places in the code a wrong length of ACSE data structures
received over the network can cause overflows or underflows when
processing those data structures. Related checks have been added at
various places in order to prevent such (possible) attacks. Thanks to
Kevin Basista for the report.

The bug will indeed affect all DCMTK-based server applications that
accept incoming DICOM network connections that are using the
dcmtk-3.6.0 and earlier versions.

(From: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php)

For Debian 7 'Wheezy', these problems have been fixed in version
3.6.0-12+deb7u1.

We recommend that you upgrade your dcmtk packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  # http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2016/12/msg00031.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/dcmtk"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dcmtk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dcmtk-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dcmtk-www");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libdcmtk2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libdcmtk2-dev");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/12/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"dcmtk", reference:"3.6.0-12+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"dcmtk-doc", reference:"3.6.0-12+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"dcmtk-www", reference:"3.6.0-12+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libdcmtk2", reference:"3.6.0-12+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libdcmtk2-dev", reference:"3.6.0-12+deb7u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxdcmtkp-cpe:/a:debian:debian_linux:dcmtk
debiandebian_linuxdcmtk-docp-cpe:/a:debian:debian_linux:dcmtk-doc
debiandebian_linuxdcmtk-wwwp-cpe:/a:debian:debian_linux:dcmtk-www
debiandebian_linuxlibdcmtk2p-cpe:/a:debian:debian_linux:libdcmtk2
debiandebian_linuxlibdcmtk2-devp-cpe:/a:debian:debian_linux:libdcmtk2-dev
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

openvas 5
debian 3
ubuntucve 1
cve 1
osv 3
nessus 2
zeroscience 1
debiancve 1
prion 1
mageia 1
ubuntu 1
openvas
openvas
Debian Security Advisory DSA 3749-1 (dcmtk - security update)
2016-12-29 00:00:00
Debian: Security Advisory (DSA-3749-1)
2016-12-28 00:00:00
Debian: Security Advisory (DLA-755-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DSA 3749-1] dcmtk security update
2016-12-29 09:57:29
[SECURITY] [DSA 3749-1] dcmtk security update
2016-12-29 09:57:29
[SECURITY] [DLA 755-1] dcmtk security update
2016-12-20 23:25:53
ubuntucve
ubuntucve
CVE-2015-8979
2017-02-15 00:00:00
cve
cve
CVE-2015-8979
2017-02-15 15:59:00
osv
osv
dcmtk - security update
2016-12-29 00:00:00
dcmtk - security update
2016-12-20 00:00:00
dcmtk vulnerabilities
2023-02-22 18:23:35
nessus
nessus
Debian DSA-3749-1 : dcmtk - security update
2017-01-03 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : DCMTK vulnerabilities (USN-5882-1)
2023-02-22 00:00:00
zeroscience
zeroscience
DCMTK storescp DICOM storage (C-STORE) SCP Remote Stack Buffer Overflow
2016-12-16 00:00:00
debiancve
debiancve
CVE-2015-8979
2017-02-15 15:59:00
prion
prion
Stack overflow
2017-02-15 15:59:00
mageia
mageia
Updated dcmtk packages fix security vulnerability
2023-03-11 22:00:39
ubuntu
ubuntu
DCMTK vulnerabilities
2023-02-22 00:00:00
JSON
Related for DEBIAN_DLA-755.NASL
openvas5debian3ubuntucve1cve1osv3nessus2zeroscience1debiancve1prion1mageia1ubuntu1