Fedora Core 6 : tetex-3.0-35.fc6 (2007-669)

🗓️ 21 Aug 2007 00:00:00Reported by TenableType

Update for tetex package addressing integer overflow and file context issues (2007-669) by Fedora Core

Reporter	Title	Published	Views	Family All 253
FreeBSD	xpdf -- stack based buffer overflow	30 Jul 200700:00	–	freebsd
ALT Linux	Security fix for the ALT Linux 5 package kdegraphics version 3.5.7-alt2	8 Aug 200700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 5 package xpdf version 3.02-alt2	8 Aug 200700:00	–	altlinux
ATTACKERKB	CVE-2007-5049	24 Sep 200700:17	–	attackerkb
Tenable Nessus	CentOS 3 / 4 / 5 : cups (CESA-2007:0720)	31 Jul 200700:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : kdegraphics (CESA-2007:0729)	23 Apr 200900:00	–	nessus
Tenable Nessus	CentOS 4 : gpdf (CESA-2007:0730)	23 Apr 200900:00	–	nessus
Tenable Nessus	CentOS 3 / 4 / 5 : tetex (CESA-2007:0731)	2 Aug 200700:00	–	nessus
Tenable Nessus	CentOS 5 : poppler (CESA-2007:0732)	6 Jan 201000:00	–	nessus
Tenable Nessus	CentOS 3 / 4 : xpdf (CESA-2007:0735)	31 Jul 200700:00	–	nessus

Source	Link
nessus	www.nessus.org/u

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2007-669.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25913);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_xref(name:"FEDORA", value:"2007-669");

  script_name(english:"Fedora Core 6 : tetex-3.0-35.fc6 (2007-669)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora Core host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - Fri Aug 10 2007 Jindrich Novy <jnovy at redhat.com>
    3.0-35

    - backport upstream fix for xpdf integer overflow
      CVE-2007-3387 (#251515)

    - don't mess up file contexts while running texhash
      (#235032)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2007-August/003329.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?38330143"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-afm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-dvips");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-fonts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-latex");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:tetex-xdvi");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:6");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/08/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/08/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 6.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC6", reference:"tetex-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-afm-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-debuginfo-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-doc-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-dvips-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-fonts-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-latex-3.0-35.fc6")) flag++;
if (rpm_check(release:"FC6", reference:"tetex-xdvi-3.0-35.fc6")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tetex / tetex-afm / tetex-debuginfo / tetex-doc / tetex-dvips / etc");
}

11 Jan 2021 00:00Current

5.6Medium risk

Vulners AI Score5.6

CVSS 26.8

EPSS0.10704