Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.DEBIAN_DSA-609.NASLHistoryDec 14, 2004 - 12:00 a.m.
Debian DSA-609-1 : atari800 - buffer overflows
2004-12-1400:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
13
Adam Zabrocki discovered multiple buffer overflows in atari800, an Atari emulator. In order to directly access graphics hardware, one of the affected programs is installed setuid root. A local attacker could exploit this vulnerability to gain root privileges.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-609. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(15961);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2004-1076");
script_xref(name:"DSA", value:"609");
script_name(english:"Debian DSA-609-1 : atari800 - buffer overflows");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Adam Zabrocki discovered multiple buffer overflows in atari800, an
Atari emulator. In order to directly access graphics hardware, one of
the affected programs is installed setuid root. A local attacker could
exploit this vulnerability to gain root privileges."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2004/dsa-609"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the atari800 package immediately.
For the stable distribution (woody) these problems have been fixed in
version 1.2.2-1woody3."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:atari800");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");
script_set_attribute(attribute:"patch_publication_date", value:"2004/12/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/14");
script_set_attribute(attribute:"vuln_publication_date", value:"2004/11/27");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.0", prefix:"atari800", reference:"1.2.2-1woody3")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | atari800 | p-cpe:/a:debian:debian_linux:atari800 |
| debian | debian_linux | 3.0 | cpe:/o:debian:debian_linux:3.0 |
Related
openvas
openvas
Debian Security Advisory DSA 609-1 (atari800)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-609-1)
2008-01-17 00:00:00
osv
osv
atari800 - buffer overflows
2004-12-14 00:00:00
debian
debian
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit
2004-12-14 16:03:01
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit
2004-12-14 16:03:01
cve
cve
CVE-2004-1076
2005-01-10 05:00:00
debiancve
debiancve
CVE-2004-1076
2005-01-10 05:00:00
Related for DEBIAN_DSA-609.NASL