This script is for a security update in Fedora 20 for mingw-openjpeg package to fix CVE-2013-6045, CVE-2013-6052, and CVE-2013-6053
Reporter | Title | Published | Views | Family All 119 |
---|---|---|---|---|
Fedora | [SECURITY] Fedora 20 Update: mingw-openjpeg-1.5.1-5.fc20 | 15 Dec 201303:27 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: mingw-openjpeg-1.5.1-5.fc19 | 15 Dec 201303:33 | – | fedora |
Fedora | [SECURITY] Fedora 20 Update: mingw-openjpeg-1.5.1-7.fc20 | 5 Jan 201412:33 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: openjpeg-1.5.1-8.fc19 | 31 Jan 201404:30 | – | fedora |
Fedora | [SECURITY] Fedora 20 Update: openjpeg-1.5.1-13.fc20 | 14 Oct 201404:29 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: openjpeg-1.5.1-13.fc19 | 3 Jan 201518:58 | – | fedora |
Fedora | [SECURITY] Fedora 20 Update: openjpeg-1.5.1-8.fc20 | 14 Jan 201408:43 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: mingw-openjpeg-1.5.1-7.fc19 | 5 Jan 201412:34 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: mingw-openjpeg-1.5.1-8.fc19 | 15 Apr 201415:44 | – | fedora |
Fedora | [SECURITY] Fedora 20 Update: mingw-openjpeg-1.5.1-8.fc20 | 15 Apr 201415:37 | – | fedora |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2013-22827.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(71444);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2013-6045", "CVE-2013-6052", "CVE-2013-6053");
script_bugtraq_id(64109, 64118, 64121);
script_xref(name:"FEDORA", value:"2013-22827");
script_name(english:"Fedora 20 : mingw-openjpeg-1.5.1-5.fc20 (2013-22827)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Fix CVE-2013-6045 CVE-2013-6052 CVE-2013-6053
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1036491"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1036493"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1036495"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124049.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?25566f3b"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected mingw-openjpeg package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mingw-openjpeg");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
script_set_attribute(attribute:"patch_publication_date", value:"2013/12/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC20", reference:"mingw-openjpeg-1.5.1-5.fc20")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mingw-openjpeg");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo