Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.GENTOO_GLSA-200408-14.NASL
HistoryAug 30, 2004 - 12:00 a.m.

GLSA-200408-14 : acroread: UUDecode filename buffer overflow

2004-08-3000:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
19

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.137 Low

EPSS

Percentile

95.7%

JSON

The remote host is affected by the vulnerability described in GLSA-200408-14 (acroread: UUDecode filename buffer overflow)

acroread contains two errors in the handling of UUEncoded filenames.
First, it fails to check the length of a filename before copying it     into a fixed size buffer and, secondly, it fails to check for the     backtick shell metacharacter in the filename before executing a command     with a shell.

Impact :

By enticing a user to open a PDF with a specially crafted filename, an     attacker could execute arbitrary code or programs with the permissions     of the user running acroread.

Workaround :

There is no known workaround at this time. All users are encouraged to     upgrade to the latest available version of acroread.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200408-14.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14570);
  script_version("1.22");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0630", "CVE-2004-0631");
  script_xref(name:"GLSA", value:"200408-14");

  script_name(english:"GLSA-200408-14 : acroread: UUDecode filename buffer overflow");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200408-14
(acroread: UUDecode filename buffer overflow)

    acroread contains two errors in the handling of UUEncoded filenames.
    First, it fails to check the length of a filename before copying it
    into a fixed size buffer and, secondly, it fails to check for the
    backtick shell metacharacter in the filename before executing a command
    with a shell.
  
Impact :

    By enticing a user to open a PDF with a specially crafted filename, an
    attacker could execute arbitrary code or programs with the permissions
    of the user running acroread.
  
Workaround :

    There is no known workaround at this time. All users are encouraged to
    upgrade to the latest available version of acroread."
  );
  # http://idefense.com/application/poi/display?id=124&type=vulnerabilities
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?09112fc9"
  );
  # http://idefense.com/application/poi/display?id=125&type=vulnerabilities
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?7aa457ea"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200408-14"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All acroread users should upgrade to the latest version:
    # emerge sync
    # emerge -pv '>=app-text/acroread-5.09'
    # emerge '>=app-text/acroread-5.09'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/08/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
  script_set_attribute(attribute:"vuln_publication_date", value:"2004/08/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 5.09"), vulnerable:make_list("le 5.08"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
}
VendorProductVersionCPE
gentoolinuxacroreadp-cpe:/a:gentoo:linux:acroread
gentoolinuxcpe:/o:gentoo:linux

Related

gentoo 1
nessus 2
redhat 1
openvas 4
cve 2
freebsd 1
checkpoint_advisories 1
securityvulns 1
cvelist 2
nvd 2
gentoo
gentoo
acroread: UUDecode filename buffer overflow
2004-08-15 00:00:00
nessus
nessus
RHEL 3 : acroread (RHSA-2004:432)
2004-08-26 00:00:00
FreeBSD : acroread uudecoder input validation error (78348ea2-ec91-11d8-b913-000c41e2cdad)
2004-08-12 00:00:00
redhat
redhat
(RHSA-2004:432) acroread security update
2004-08-26 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200408-14 (acroread)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200408-14 (acroread)
2008-09-24 00:00:00
FreeBSD Ports: acroread, acroread4, acroread5
2008-09-04 00:00:00
cve
cve
CVE-2004-0631
2004-08-18 04:00:00
CVE-2004-0630
2004-08-18 04:00:00
freebsd
freebsd
acroread uudecoder input validation error
2004-08-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution (CVE-2004-0630)
2009-11-03 00:00:00
securityvulns
securityvulns
[Full-Disclosure] iDEFENSE Security Advisory 08.12.04a: Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability
2004-08-17 00:00:00
cvelist
cvelist
CVE-2004-0630
2004-08-14 04:00:00
CVE-2004-0631
2004-08-14 04:00:00
nvd
nvd
CVE-2004-0630
2004-08-18 04:00:00
CVE-2004-0631
2004-08-18 04:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.137 Low

EPSS

Percentile

95.7%

JSON
Related for GENTOO_GLSA-200408-14.NASL
gentoo1nessus2redhat1openvas4cve2freebsd1checkpoint_advisories1securityvulns1cvelist2nvd2