ID GENTOO_GLSA-200504-21.NASL Type nessus Reporter This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2005-04-22T00:00:00
Description
The remote host is affected by the vulnerability described in GLSA-200504-21
(RealPlayer, Helix Player: Buffer overflow vulnerability)
Piotr Bania has discovered a buffer overflow vulnerability in
RealPlayer and Helix Player when processing malicious RAM files.
Impact :
By enticing a user to play a specially crafted RAM file an
attacker could execute arbitrary code with the permissions of the user
running the application.
Workaround :
There is no known workaround at this time.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200504-21.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(18121);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2005-0755");
script_xref(name:"GLSA", value:"200504-21");
script_name(english:"GLSA-200504-21 : RealPlayer, Helix Player: Buffer overflow vulnerability");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-200504-21
(RealPlayer, Helix Player: Buffer overflow vulnerability)
Piotr Bania has discovered a buffer overflow vulnerability in
RealPlayer and Helix Player when processing malicious RAM files.
Impact :
By enticing a user to play a specially crafted RAM file an
attacker could execute arbitrary code with the permissions of the user
running the application.
Workaround :
There is no known workaround at this time."
);
# http://service.real.com/help/faq/security/050419_player/EN/
script_set_attribute(
attribute:"see_also",
value:"https://www.real.com/"
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/200504-21"
);
script_set_attribute(
attribute:"solution",
value:
"All RealPlayer users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/realplayer-10.0.4'
All Helix Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/helixplayer-1.0.4'"
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:helixplayer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:realplayer");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2005/04/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (qpkg_check(package:"media-video/helixplayer", unaffected:make_list("ge 1.0.4"), vulnerable:make_list("lt 1.0.4"))) flag++;
if (qpkg_check(package:"media-video/realplayer", unaffected:make_list("ge 10.0.4"), vulnerable:make_list("lt 10.0.4"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "RealPlayer / Helix Player");
}
{"id": "GENTOO_GLSA-200504-21.NASL", "bulletinFamily": "scanner", "title": "GLSA-200504-21 : RealPlayer, Helix Player: Buffer overflow vulnerability", "description": "The remote host is affected by the vulnerability described in GLSA-200504-21\n(RealPlayer, Helix Player: Buffer overflow vulnerability)\n\n Piotr Bania has discovered a buffer overflow vulnerability in\n RealPlayer and Helix Player when processing malicious RAM files.\n \nImpact :\n\n By enticing a user to play a specially crafted RAM file an\n attacker could execute arbitrary code with the permissions of the user\n running the application.\n \nWorkaround :\n\n There is no known workaround at this time.", "published": "2005-04-22T00:00:00", "modified": "2005-04-22T00:00:00", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/18121", "reporter": "This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.real.com/", "https://security.gentoo.org/glsa/200504-21"], "cvelist": ["CVE-2005-0755"], "type": "nessus", "lastseen": "2021-01-07T10:51:56", "edition": 26, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-0755"]}, {"type": "osvdb", "idList": ["OSVDB:15710", "OSVDB:15742"]}, {"type": "redhat", "idList": ["RHSA-2005:392", "RHSA-2005:394", "RHSA-2005:363"]}, {"type": "openvas", "idList": ["OPENVAS:54923"]}, {"type": "centos", "idList": ["CESA-2005:392"]}, {"type": "gentoo", "idList": ["GLSA-200504-21"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2005-394.NASL", "REDHAT-RHSA-2005-363.NASL", "FEDORA_2005-329.NASL", "CENTOS_RHSA-2005-392.NASL", "REDHAT-RHSA-2005-392.NASL"]}], "modified": "2021-01-07T10:51:56", "rev": 2}, "score": {"value": 7.2, "vector": "NONE", "modified": "2021-01-07T10:51:56", "rev": 2}, "vulnersScore": 7.2}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200504-21.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18121);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"GLSA\", value:\"200504-21\");\n\n script_name(english:\"GLSA-200504-21 : RealPlayer, Helix Player: Buffer overflow vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200504-21\n(RealPlayer, Helix Player: Buffer overflow vulnerability)\n\n Piotr Bania has discovered a buffer overflow vulnerability in\n RealPlayer and Helix Player when processing malicious RAM files.\n \nImpact :\n\n By enticing a user to play a specially crafted RAM file an\n attacker could execute arbitrary code with the permissions of the user\n running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://service.real.com/help/faq/security/050419_player/EN/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.real.com/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200504-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All RealPlayer users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/realplayer-10.0.4'\n All Helix Player users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/helixplayer-1.0.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:helixplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:realplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-video/helixplayer\", unaffected:make_list(\"ge 1.0.4\"), vulnerable:make_list(\"lt 1.0.4\"))) flag++;\nif (qpkg_check(package:\"media-video/realplayer\", unaffected:make_list(\"ge 10.0.4\"), vulnerable:make_list(\"lt 10.0.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"RealPlayer / Helix Player\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "18121", "cpe": ["p-cpe:/a:gentoo:linux:realplayer", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:helixplayer"], "scheme": null}
{"cve": [{"lastseen": "2020-12-09T19:22:19", "description": "Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.", "edition": 5, "cvss3": {}, "published": "2005-04-19T04:00:00", "title": "CVE-2005-0755", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-0755"], "modified": "2017-11-21T14:13:00", "cpe": ["cpe:/a:realnetworks:realplayer:8.0", "cpe:/a:realnetworks:realplayer:10.0", "cpe:/a:realnetworks:helix_player:10.0.3", "cpe:/a:realnetworks:realone_player:2.0", "cpe:/a:realnetworks:realplayer:10.0_6.0.12.690", "cpe:/a:realnetworks:realone_player:1.0"], "id": "CVE-2005-0755", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0755", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:realnetworks:realplayer:10.0_6.0.12.690:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:ja:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:beta:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:de:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:unix:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:en:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:mac_os_x:*:*", "cpe:2.3:a:realnetworks:helix_player:10.0.3:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:11", "bulletinFamily": "software", "cvelist": ["CVE-2005-0755"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in RealPlayer. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted RAM file containing an overly long hostname, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, RealNetworks has released a patch to address this vulnerability.\n## Short Description\nA remote overflow exists in RealPlayer. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted RAM file containing an overly long hostname, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: http://www.real.com/\n[Vendor Specific Advisory URL](http://service.real.com/help/faq/security/050419_player/EN/)\n[Vendor Specific Advisory URL](http://www.service.real.com/help/faq/security/security041905.html)\nSecurity Tracker: 1013768\n[Secunia Advisory ID:15023](https://secuniaresearch.flexerasoftware.com/advisories/15023/)\n[Secunia Advisory ID:15033](https://secuniaresearch.flexerasoftware.com/advisories/15033/)\n[Secunia Advisory ID:15043](https://secuniaresearch.flexerasoftware.com/advisories/15043/)\n[Secunia Advisory ID:15028](https://secuniaresearch.flexerasoftware.com/advisories/15028/)\n[Secunia Advisory ID:15095](https://secuniaresearch.flexerasoftware.com/advisories/15095/)\nRedHat RHSA: RHSA-2005:394\nOther Advisory URL: http://pb.specialised.info/all/adv/real-ram-adv.txt\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Apr/0008.html\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-21.xml\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0435.html\n[CVE-2005-0755](https://vulners.com/cve/CVE-2005-0755)\n", "modified": "2005-04-20T05:11:50", "published": "2005-04-20T05:11:50", "href": "https://vulners.com/osvdb/OSVDB:15710", "id": "OSVDB:15710", "title": "RealPlayer RAM File Processing Overflow", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:11", "bulletinFamily": "software", "cvelist": ["CVE-2005-0755"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in Helix Player. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted RAM file containing an overly long hostname, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 1.0.4 Gold or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in Helix Player. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted RAM file containing an overly long hostname, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: https://player.helixcommunity.org/\nVendor Specific Solution URL: http://player.helixcommunity.org/downloads/\n[Vendor Specific Advisory URL](https://helixcommunity.org/forum/forum.php?forum_id=410)\n[Vendor Specific Advisory URL](http://rhn.redhat.com/errata/RHSA-2005-392.html)\n[Secunia Advisory ID:15033](https://secuniaresearch.flexerasoftware.com/advisories/15033/)\n[Secunia Advisory ID:15023](https://secuniaresearch.flexerasoftware.com/advisories/15023/)\n[Secunia Advisory ID:15043](https://secuniaresearch.flexerasoftware.com/advisories/15043/)\n[Secunia Advisory ID:15095](https://secuniaresearch.flexerasoftware.com/advisories/15095/)\nOther Advisory URL: http://pb.specialised.info/all/adv/real-ram-adv.txt\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-21.xml\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0435.html\n[CVE-2005-0755](https://vulners.com/cve/CVE-2005-0755)\n", "modified": "2005-04-20T05:11:50", "published": "2005-04-20T05:11:50", "href": "https://vulners.com/osvdb/OSVDB:15742", "id": "OSVDB:15742", "title": "Helix Player RAM File Processing Overflow", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-05-29T14:35:07", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0755"], "description": "RealPlayer is a media player that provides solid media playback locally \nand via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, \nFlash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and \nmore.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM files.\nAn attacker could create a specially crafted RAM file which could execute\narbitrary code when opened by a user. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0755 to\nthis issue.\n\nAll users of RealPlayer are advised to upgrade to this updated package,\nwhich contains RealPlayer version 10.0.4 and is not vulnerable to this\nissue.", "modified": "2017-07-22T04:37:07", "published": "2005-04-20T04:00:00", "id": "RHSA-2005:363", "href": "https://access.redhat.com/errata/RHSA-2005:363", "type": "redhat", "title": "(RHSA-2005:363) RealPlayer security update", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:35:16", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0755"], "description": "RealPlayer is a media player providing solid media playback locally \nand via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, \nFlash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and \nmore.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM files.\nAn attacker could create a specially crafted RAM file which could execute\narbitrary code when opened by a user. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0755 to\nthis issue.\n\nAll users of RealPlayer are advised to upgrade to this updated package,\nwhich contains RealPlayer version 10.0.4 and is not vulnerable to this\nissue.", "modified": "2018-05-26T04:26:19", "published": "2005-04-20T04:00:00", "id": "RHSA-2005:394", "href": "https://access.redhat.com/errata/RHSA-2005:394", "type": "redhat", "title": "(RHSA-2005:394) RealPlayer security update", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:15", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0755"], "description": "HelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM files.\nAn attacker could create a specially crafted RAM file which could execute\narbitrary code when opened by a user. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0755 to\nthis issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated package,\nwhich contains HelixPlayer version 10.0.4 and is not vulnerable to this\nissue.", "modified": "2017-09-08T12:12:43", "published": "2005-04-20T04:00:00", "id": "RHSA-2005:392", "href": "https://access.redhat.com/errata/RHSA-2005:392", "type": "redhat", "title": "(RHSA-2005:392) HelixPlayer security update", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:50:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200504-21.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54923", "href": "http://plugins.openvas.org/nasl.php?oid=54923", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200504-21 (RealPlayer)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"RealPlayer and Helix Player are vulnerable to a buffer overflow that could\nlead to remote execution of arbitrary code.\";\ntag_solution = \"All RealPlayer users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/realplayer-10.0.4'\n\nAll Helix Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/helixplayer-1.0.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200504-21\nhttp://bugs.gentoo.org/show_bug.cgi?id=89862\nhttp://service.real.com/help/faq/security/050419_player/EN/\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200504-21.\";\n\n \n\nif(description)\n{\n script_id(54923);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-0755\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200504-21 (RealPlayer)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-video/realplayer\", unaffected: make_list(\"ge 10.0.4\"), vulnerable: make_list(\"lt 10.0.4\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"media-video/helixplayer\", unaffected: make_list(\"ge 1.0.4\"), vulnerable: make_list(\"lt 1.0.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:26:27", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0755"], "description": "**CentOS Errata and Security Advisory** CESA-2005:392\n\n\nHelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM files.\nAn attacker could create a specially crafted RAM file which could execute\narbitrary code when opened by a user. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0755 to\nthis issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated package,\nwhich contains HelixPlayer version 10.0.4 and is not vulnerable to this\nissue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023622.html\n\n**Affected packages:**\nHelixPlayer\n\n**Upstream details at:**\n", "edition": 4, "modified": "2005-04-20T20:07:21", "published": "2005-04-20T20:07:21", "href": "http://lists.centos.org/pipermail/centos-announce/2005-April/023622.html", "id": "CESA-2005:392", "title": "HelixPlayer security update", "type": "centos", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0755"], "description": "### Background\n\nRealPlayer is a multimedia player capable of handling multiple multimedia file formats. Helix Player is the Open Source version of RealPlayer. \n\n### Description\n\nPiotr Bania has discovered a buffer overflow vulnerability in RealPlayer and Helix Player when processing malicious RAM files. \n\n### Impact\n\nBy enticing a user to play a specially crafted RAM file an attacker could execute arbitrary code with the permissions of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll RealPlayer users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/realplayer-10.0.4\"\n\nAll Helix Player users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/helixplayer-1.0.4\"", "edition": 1, "modified": "2005-04-22T00:00:00", "published": "2005-04-22T00:00:00", "id": "GLSA-200504-21", "href": "https://security.gentoo.org/glsa/200504-21", "type": "gentoo", "title": "RealPlayer, Helix Player: Buffer overflow vulnerability", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-06T09:24:49", "description": "An updated HelixPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nHelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated\npackage, which contains HelixPlayer version 10.0.4 and is not\nvulnerable to this issue.", "edition": 26, "published": "2006-07-05T00:00:00", "title": "CentOS 4 : HelixPlayer (CESA-2005:392)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "modified": "2006-07-05T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:HelixPlayer"], "id": "CENTOS_RHSA-2005-392.NASL", "href": "https://www.tenable.com/plugins/nessus/21932", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:392 and \n# CentOS Errata and Security Advisory 2005:392 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21932);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"RHSA\", value:\"2005:392\");\n\n script_name(english:\"CentOS 4 : HelixPlayer (CESA-2005:392)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated HelixPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nHelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated\npackage, which contains HelixPlayer version 10.0.4 and is not\nvulnerable to this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-April/011584.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8a6ca3b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected helixplayer package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:HelixPlayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"HelixPlayer-1.0.4-1.1.EL4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"HelixPlayer-1.0.4-1.1.EL4.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"HelixPlayer\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:50", "description": "---------------------------------------------------------------------\n\n - Sat Mar 19 2005 John (J5) Palmieri <johnp at redhat.com>\n 1:1.0.4-1.0.fc3.1\n\n - Update to upstream version 1.0.4 to fix 155386\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2005-09-12T00:00:00", "title": "Fedora Core 3 : HelixPlayer-1.0.4-1.0.fc3.1 (2005-329)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "modified": "2005-09-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:HelixPlayer-debuginfo", "p-cpe:/a:fedoraproject:fedora:HelixPlayer"], "id": "FEDORA_2005-329.NASL", "href": "https://www.tenable.com/plugins/nessus/19653", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-329.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19653);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"FEDORA\", value:\"2005-329\");\n\n script_name(english:\"Fedora Core 3 : HelixPlayer-1.0.4-1.0.fc3.1 (2005-329)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"---------------------------------------------------------------------\n\n - Sat Mar 19 2005 John (J5) Palmieri <johnp at redhat.com>\n 1:1.0.4-1.0.fc3.1\n\n - Update to upstream version 1.0.4 to fix 155386\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-April/000872.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7763962d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected HelixPlayer and / or HelixPlayer-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:HelixPlayer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:HelixPlayer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"HelixPlayer-1.0.4-1.0.fc3.1\")) flag++;\nif (rpm_check(release:\"FC3\", cpu:\"i386\", reference:\"HelixPlayer-debuginfo-1.0.4-1.0.fc3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"HelixPlayer / HelixPlayer-debuginfo\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:28", "description": "An updated HelixPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nHelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated\npackage, which contains HelixPlayer version 10.0.4 and is not\nvulnerable to this issue.", "edition": 28, "published": "2005-04-21T00:00:00", "title": "RHEL 4 : HelixPlayer (RHSA-2005:392)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "modified": "2005-04-21T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:HelixPlayer", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2005-392.NASL", "href": "https://www.tenable.com/plugins/nessus/18110", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:392. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18110);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"RHSA\", value:\"2005:392\");\n\n script_name(english:\"RHEL 4 : HelixPlayer (RHSA-2005:392)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated HelixPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nHelixPlayer is a media player.\n\nA buffer overflow bug was found in the way HelixPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of HelixPlayer are advised to upgrade to this updated\npackage, which contains HelixPlayer version 10.0.4 and is not\nvulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0755\"\n );\n # http://service.real.com/help/faq/security/050419_player/EN/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.real.com/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:392\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected HelixPlayer package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:HelixPlayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:392\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"HelixPlayer-1.0.4-1.1.EL4.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"HelixPlayer\");\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:28", "description": "An updated RealPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nRealPlayer is a media player providing solid media playback locally\nand via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video,\nFlash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and more.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of RealPlayer are advised to upgrade to this updated\npackage, which contains RealPlayer version 10.0.4 and is not\nvulnerable to this issue.", "edition": 25, "published": "2005-04-21T00:00:00", "title": "RHEL 3 : RealPlayer (RHSA-2005:394)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "modified": "2005-04-21T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:realplayer"], "id": "REDHAT-RHSA-2005-394.NASL", "href": "https://www.tenable.com/plugins/nessus/18111", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:394. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18111);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"RHSA\", value:\"2005:394\");\n\n script_name(english:\"RHEL 3 : RealPlayer (RHSA-2005:394)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated RealPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nRealPlayer is a media player providing solid media playback locally\nand via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video,\nFlash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and more.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of RealPlayer are advised to upgrade to this updated\npackage, which contains RealPlayer version 10.0.4 and is not\nvulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2005-0755.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2005-394.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected realplayer package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:realplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/21\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"realplayer-10.0.4-1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:27", "description": "An updated RealPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nRealPlayer is a media player that provides solid media playback\nlocally and via streaming. It plays RealAudio, RealVideo, MP3, 3GPP\nVideo, Flash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and more.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of RealPlayer are advised to upgrade to this updated\npackage, which contains RealPlayer version 10.0.4 and is not\nvulnerable to this issue.", "edition": 23, "published": "2005-04-21T00:00:00", "title": "RHEL 4 : RealPlayer (RHSA-2005:363)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0755"], "modified": "2005-04-21T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:RealPlayer"], "id": "REDHAT-RHSA-2005-363.NASL", "href": "https://www.tenable.com/plugins/nessus/18108", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:363. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18108);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0755\");\n script_xref(name:\"RHSA\", value:\"2005:363\");\n\n script_name(english:\"RHEL 4 : RealPlayer (RHSA-2005:363)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated RealPlayer package that fixes a buffer overflow issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nRealPlayer is a media player that provides solid media playback\nlocally and via streaming. It plays RealAudio, RealVideo, MP3, 3GPP\nVideo, Flash, SMIL 2.0, JPEG, GIF, PNG, RealPix and RealText and more.\n\nA buffer overflow bug was found in the way RealPlayer processes RAM\nfiles. An attacker could create a specially crafted RAM file which\ncould execute arbitrary code when opened by a user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0755 to this issue.\n\nAll users of RealPlayer are advised to upgrade to this updated\npackage, which contains RealPlayer version 10.0.4 and is not\nvulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2005-0755.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://service.real.com/help/faq/security/050419_player/EN/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2005-363.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected RealPlayer package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:RealPlayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"RealPlayer-10.0.4-0.rc1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}]}
