Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2009-051.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : libpng (MDVSA-2009:051)

2009-04-2300:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
18
JSON

A number of vulnerabilities have been found and corrected in libpng :

Fixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was allready fixed in Mandriva Linux 2009.0.

Fix the function png_check_keyword() that allowed setting arbitrary bytes in the process memory to 0 (CVE-2008-5907).

Fix a potential DoS (Denial of Service) or to potentially compromise an application using the library (CVE-2009-0040).

The updated packages have been patched to prevent this.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:051. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(36671);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2008-3964", "CVE-2008-5907", "CVE-2009-0040");
  script_bugtraq_id(33827);
  script_xref(name:"MDVSA", value:"2009:051");

  script_name(english:"Mandriva Linux Security Advisory : libpng (MDVSA-2009:051)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A number of vulnerabilities have been found and corrected in libpng :

Fixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was
allready fixed in Mandriva Linux 2009.0.

Fix the function png_check_keyword() that allowed setting arbitrary
bytes in the process memory to 0 (CVE-2008-5907).

Fix a potential DoS (Denial of Service) or to potentially compromise
an application using the library (CVE-2009-0040).

The updated packages have been patched to prevent this."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(94, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/02/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png-devel-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png-static-devel-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png3-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng-devel-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"libpng-source-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng-static-devel-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng3-1.2.22-0.3mdv2008.0", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64png-devel-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64png-static-devel-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64png3-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libpng-devel-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"libpng-source-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libpng-static-devel-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libpng3-1.2.25-2.2mdv2008.1", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png-devel-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png-static-devel-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png3-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng-devel-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"libpng-source-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng-static-devel-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng3-1.2.31-2.1mdv2009.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64png-develp-cpe:/a:mandriva:linux:lib64png-devel
mandrivalinuxlib64png-static-develp-cpe:/a:mandriva:linux:lib64png-static-devel
mandrivalinuxlib64png3p-cpe:/a:mandriva:linux:lib64png3
mandrivalinuxlibpng-develp-cpe:/a:mandriva:linux:libpng-devel
mandrivalinuxlibpng-sourcep-cpe:/a:mandriva:linux:libpng-source
mandrivalinuxlibpng-static-develp-cpe:/a:mandriva:linux:libpng-static-devel
mandrivalinuxlibpng3p-cpe:/a:mandriva:linux:libpng3
mandrivalinux2008.0cpe:/o:mandriva:linux:2008.0
mandrivalinux2008.1cpe:/o:mandriva:linux:2008.1
mandrivalinux2009.0cpe:/o:mandriva:linux:2009.0

Related

openvas 88
securityvulns 6
nessus 57
ubuntu 2
gentoo 2
prion 3
cve 3
veracode 2
cert 2
ubuntucve 3
f5 2
fedora 8
slackware 1
redhat 3
freebsd 1
centos 5
seebug 1
mozilla 1
debian 1
osv 1
oraclelinux 3
vmware 2
suse 2
openvas
openvas
Mandrake Security Advisory MDVSA-2009:051 (libpng)
2009-03-02 00:00:00
Mandrake Security Advisory MDVSA-2009:051 (libpng)
2009-03-02 00:00:00
Gentoo Security Advisory GLSA 200903-28 (libpng)
2009-03-20 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:051 ] libpng
2009-02-25 00:00:00
libpng multiple security vulnerabilities
2009-02-25 00:00:00
Mozilla Foundation Security Advisory 2009-10
2009-03-06 00:00:00
nessus
nessus
GLSA-200903-28 : libpng: Multiple vulnerabilities
2009-03-16 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)
2009-04-23 00:00:00
openSUSE 10 Security Update : libpng (libpng-5944)
2009-01-29 00:00:00
ubuntu
ubuntu
libpng vulnerabilities
2009-03-06 00:00:00
Firefox and Xulrunner vulnerabilities
2009-03-05 00:00:00
gentoo
gentoo
libpng: Multiple vulnerabilities
2009-03-15 00:00:00
POV-Ray: User-assisted execution of arbitrary code
2008-12-14 00:00:00
prion
prion
Double free
2009-01-15 17:30:00
Code injection
2008-09-11 01:13:00
Design/Logic Flaw
2009-02-22 22:30:00
cve
cve
CVE-2008-5907
2009-01-15 17:30:00
CVE-2008-3964
2008-09-11 01:13:00
CVE-2009-0040
2009-02-22 22:30:00
veracode
veracode
Denial Of Service (DoS)
2022-02-03 06:00:58
Arbitrary Code Execution
2020-04-10 00:30:13
cert
cert
libpng off-by-one vulnerability
2008-10-02 00:00:00
libpng fails to properly initialize element pointers
2009-03-02 00:00:00
ubuntucve
ubuntucve
CVE-2008-3964
2008-09-11 00:00:00
CVE-2008-5907
2009-01-15 00:00:00
CVE-2009-0040
2009-02-22 00:00:00
f5
f5
K9988 : libpng vulnerability CVE-2009-0040
2013-03-27 00:00:00
SOL9988 - libpng vulnerability CVE-2009-0040
2009-04-21 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libpng-1.2.35-1.fc10
2009-02-26 15:33:35
[SECURITY] Fedora 10 Update: mingw32-libpng-1.2.35-1.fc10
2009-02-26 15:35:43
[SECURITY] Fedora 10 Update: libpng10-1.0.43-1.fc10
2009-03-09 23:12:14
slackware
slackware
libpng
2009-02-20 17:06:41
redhat
redhat
(RHSA-2009:0340) Moderate: libpng security update
2009-03-04 00:00:00
(RHSA-2009:0333) Moderate: libpng security update
2009-03-04 00:00:00
(RHSA-2009:0325) Critical: seamonkey security update
2009-03-04 00:00:00
freebsd
freebsd
pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability
2009-02-19 00:00:00
centos
centos
libpng, libpng10 security update
2009-03-04 23:31:04
libpng security update
2009-03-11 03:53:56
libpng, libpng10 security update
2009-03-05 18:16:07
seebug
seebug
VMware Server libpng Uninitialised Pointer Arrays Vulnerability
2009-08-24 00:00:00
mozilla
mozilla
Upgrade PNG library to fix memory safety hazards — Mozilla
2009-03-04 00:00:00
debian
debian
[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities
2009-03-22 17:16:04
osv
osv
libpng - several vulnerabilities
2009-03-22 00:00:00
oraclelinux
oraclelinux
libpng security update
2009-03-04 00:00:00
libpng security update
2009-03-04 00:00:00
seamonkey security update
2009-03-05 00:00:00
vmware
vmware
VMware Hosted products and ESX and ESXi patches resolve security issues
2009-05-28 00:00:00
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-04-20 12:01:40
remote code execution in MozillaFirefox
2009-03-16 14:15:07
JSON
Related for MANDRIVA_MDVSA-2009-051.NASL
openvas88securityvulns6nessus57ubuntu2gentoo2prion3cve3veracode2cert2ubuntucve3f52fedora8slackware1redhat3freebsd1centos5seebug1mozilla1debian1osv1oraclelinux3vmware2suse2