Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 Tenable Network Security, Inc.OPENSUSE-2016-76.NASL
HistoryJan 26, 2016 - 12:00 a.m.

openSUSE Security Update : giflib (openSUSE-2016-76)

2016-01-2600:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
8
JSON

The following patch fixes

  • a heap overflow in giffix

  • a memory leak in libgif6

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-76.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(88159);
  script_version("2.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2015-7555");

  script_name(english:"openSUSE Security Update : giflib (openSUSE-2016-76)");
  script_summary(english:"Check for the openSUSE-2016-76 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The following patch fixes 

  - a heap overflow in giffix

  - a memory leak in libgif6"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=949160"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=960319"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected giflib packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:giflib-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:giflib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:giflib-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:giflib-progs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:giflib-progs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgif6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgif6-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgif6-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgif6-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/01/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/26");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE13.1", reference:"giflib-debugsource-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"giflib-devel-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"giflib-progs-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"giflib-progs-debuginfo-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgif6-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgif6-debuginfo-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"giflib-devel-32bit-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libgif6-32bit-5.0.5-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libgif6-debuginfo-32bit-5.0.5-2.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "giflib-debugsource / giflib-devel-32bit / giflib-devel / etc");
}
VendorProductVersionCPE
novellopensusegiflib-debugsourcep-cpe:/a:novell:opensuse:giflib-debugsource
novellopensusegiflib-develp-cpe:/a:novell:opensuse:giflib-devel
novellopensusegiflib-devel-32bitp-cpe:/a:novell:opensuse:giflib-devel-32bit
novellopensusegiflib-progsp-cpe:/a:novell:opensuse:giflib-progs
novellopensusegiflib-progs-debuginfop-cpe:/a:novell:opensuse:giflib-progs-debuginfo
novellopensuselibgif6p-cpe:/a:novell:opensuse:libgif6
novellopensuselibgif6-32bitp-cpe:/a:novell:opensuse:libgif6-32bit
novellopensuselibgif6-debuginfop-cpe:/a:novell:opensuse:libgif6-debuginfo
novellopensuselibgif6-debuginfo-32bitp-cpe:/a:novell:opensuse:libgif6-debuginfo-32bit
novellopensuse13.1cpe:/o:novell:opensuse:13.1

Related

nessus 11
android 1
prion 1
openvas 5
fedora 2
ibm 1
suse 1
debiancve 1
mageia 1
freebsd 1
cve 1
ubuntucve 1
debian 1
rosalinux 1
androidsecurity 1
nessus
nessus
Fedora 23 : mingw-giflib-5.0.5-4.fc23 (2015-44fb3501cc)
2016-03-04 00:00:00
Debian DLA-389-1 : giflib security update
2016-01-18 00:00:00
openSUSE Security Update : giflib (openSUSE-2016-118)
2016-02-03 00:00:00
android
android
CVE-2015-7555
2017-05-01 00:00:00
prion
prion
Heap overflow
2016-04-13 15:59:00
openvas
openvas
Mageia Linux Local Check: mgasa-2016-0020
2016-01-15 00:00:00
openSUSE: Security Advisory for giflib (openSUSE-SU-2016:0207-1)
2016-01-23 00:00:00
Huawei EulerOS: Security Advisory for giflib (EulerOS-SA-2019-2152)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-giflib-5.0.5-4.fc22
2016-01-03 21:21:19
[SECURITY] Fedora 23 Update: mingw-giflib-5.0.5-4.fc23
2016-01-03 20:27:37
ibm
ibm
Security Bulletin: A vulnerability in giflib affects IBM Flex System Manager (FSM) (CVE-2015-7555)
2018-06-18 01:30:49
suse
suse
Security update for giflib (important)
2016-01-22 19:11:33
debiancve
debiancve
CVE-2015-7555
2016-04-13 15:59:00
mageia
mageia
Updated giflib packages fix security vulnerability
2016-01-15 04:52:38
freebsd
freebsd
giflib -- heap overflow
2015-12-21 00:00:00
cve
cve
CVE-2015-7555
2016-04-13 15:59:00
ubuntucve
ubuntucve
CVE-2015-7555
2016-04-13 00:00:00
debian
debian
[SECURITY] [DLA 389-1] giflib security update
2016-01-15 13:07:29
rosalinux
rosalinux
Advisory ROSA-SA-2021-1842
2021-07-02 16:45:05
androidsecurity
androidsecurity
Android Security Bulletinโ€”May 2017
2017-05-01 00:00:00
JSON
Related for OPENSUSE-2016-76.NASL
nessus11android1prion1openvas5fedora2ibm1suse1debiancve1mageia1freebsd1cve1ubuntucve1debian1rosalinux1androidsecurity1