Update xemacs-21.5.29-2.fc11 for buffer overflow and font issue
Reporter | Title | Published | Views | Family All 27 |
---|---|---|---|---|
Tenable Nessus | SuSE 11 Security Update : XEmacs (SAT Patch Number 1183) | 24 Sep 200900:00 | – | nessus |
Tenable Nessus | GLSA-201006-15 : XEmacs: User-assisted execution of arbitrary code | 4 Jun 201000:00 | – | nessus |
Tenable Nessus | SuSE 10 Security Update : XEmacs (ZYPP Patch Number 6413) | 27 Jan 201100:00 | – | nessus |
Tenable Nessus | Fedora 10 : xemacs-21.5.28-10.fc10 (2009-8997) | 4 Sep 200900:00 | – | nessus |
Tenable Nessus | RHEL 4 : xemacs (Unpatched Vulnerability) | 3 Jun 202400:00 | – | nessus |
Tenable Nessus | openSUSE Security Update : xemacs (xemacs-1182) | 27 Aug 200900:00 | – | nessus |
Tenable Nessus | openSUSE 10 Security Update : xemacs (xemacs-6412) | 6 Oct 200900:00 | – | nessus |
Tenable Nessus | openSUSE Security Update : xemacs (xemacs-1182) | 27 Aug 200900:00 | – | nessus |
UbuntuCve | CVE-2009-2688 | 5 Aug 200900:00 | – | ubuntucve |
Debian CVE | CVE-2009-2688 | 5 Aug 200919:30 | – | debiancve |
Source | Link |
---|---|
nessus | www.nessus.org/u |
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2009-8993.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(40865);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2009-2688");
script_xref(name:"FEDORA", value:"2009-8993");
script_name(english:"Fedora 11 : xemacs-21.5.29-2.fc11 (2009-8993)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes multiple buffer overflows when reading large image
files, or maliciously created image files whose headers misrepresent
the actual image size. The update also addresses multiple font issues,
some of which cause warnings on startup. Some warnings remain,
however, unless an ISO8859-13 fonts (e.g., terminus) is installed.
Also note that some warnings remain on Rawhide pending a resolution
for bz 507637.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=511994"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2009-September/028795.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?1d1f9c89"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected xemacs package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xemacs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11");
script_set_attribute(attribute:"patch_publication_date", value:"2009/08/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/04");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC11", reference:"xemacs-21.5.29-2.fc11")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xemacs");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo