Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2018-455.NASL
HistoryMay 14, 2018 - 12:00 a.m.

openSUSE Security Update : opencv (openSUSE-2018-455)

2018-05-1400:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
JSON

This update for opencv fixes the following issues :

  • CVE-2016-1517: Fixed a denial of service (segfault) via vectors involving corrupt chunks (boo#1033150)

  • CVE-2016-1516: Fixed a double free issue that allows attackers to execute arbitrary code (boo#1033152).

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-455.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(109752);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2016-1516", "CVE-2016-1517");

  script_name(english:"openSUSE Security Update : opencv (openSUSE-2018-455)");
  script_summary(english:"Check for the openSUSE-2018-455 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for opencv fixes the following issues :

  - CVE-2016-1517: Fixed a denial of service (segfault) via
    vectors involving corrupt chunks (boo#1033150)

  - CVE-2016-1516: Fixed a double free issue that allows
    attackers to execute arbitrary code (boo#1033152)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1033150"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1033152"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected opencv packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopencv-qt56_3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopencv-qt56_3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopencv3_1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopencv3_1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-qt5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-qt5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-qt5-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opencv-qt5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-opencv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-opencv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-opencv-qt5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-opencv-qt5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-opencv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-opencv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-opencv-qt5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-opencv-qt5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"libopencv-qt56_3-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libopencv-qt56_3-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libopencv3_1-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libopencv3_1-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-debugsource-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-devel-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-qt5-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-qt5-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-qt5-debugsource-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"opencv-qt5-devel-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python-opencv-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python-opencv-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python-opencv-qt5-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python-opencv-qt5-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python3-opencv-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python3-opencv-debuginfo-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python3-opencv-qt5-3.1.0-4.3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"python3-opencv-qt5-debuginfo-3.1.0-4.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libopencv-qt56_3 / libopencv-qt56_3-debuginfo / opencv-qt5 / etc");
}
VendorProductVersionCPE
novellopensuselibopencv-qt56_3p-cpe:/a:novell:opensuse:libopencv-qt56_3
novellopensuselibopencv-qt56_3-debuginfop-cpe:/a:novell:opensuse:libopencv-qt56_3-debuginfo
novellopensuselibopencv3_1p-cpe:/a:novell:opensuse:libopencv3_1
novellopensuselibopencv3_1-debuginfop-cpe:/a:novell:opensuse:libopencv3_1-debuginfo
novellopensuseopencvp-cpe:/a:novell:opensuse:opencv
novellopensuseopencv-debuginfop-cpe:/a:novell:opensuse:opencv-debuginfo
novellopensuseopencv-debugsourcep-cpe:/a:novell:opensuse:opencv-debugsource
novellopensuseopencv-develp-cpe:/a:novell:opensuse:opencv-devel
novellopensuseopencv-qt5p-cpe:/a:novell:opensuse:opencv-qt5
novellopensuseopencv-qt5-debuginfop-cpe:/a:novell:opensuse:opencv-qt5-debuginfo
Rows per page:
1-10 of 211

Related

openvas 5
osv 4
cvelist 2
cve 2
veracode 2
prion 2
debiancve 2
ubuntucve 2
github 2
nessus 6
openvas
openvas
openSUSE: Security Advisory for opencv (openSUSE-SU-2018:1265-1)
2018-05-12 00:00:00
Debian: Security Advisory (DLA-1117-1)
2018-02-06 00:00:00
openSUSE: Security Advisory for opencv (openSUSE-SU-2018:1385-1)
2018-05-24 00:00:00
osv
osv
Improper Input Validation in OpenCV
2021-10-12 22:00:31
CVE-2016-1517
2017-04-10 03:59:01
Double Free in OpenCV
2021-10-12 22:00:08
cvelist
cvelist
CVE-2016-1517
2017-04-10 03:00:00
CVE-2016-1516
2017-04-10 03:00:00
cve
cve
CVE-2016-1517
2017-04-10 03:59:01
CVE-2016-1516
2017-04-10 03:59:01
veracode
veracode
Denial Of Service (DoS) Via Image Feature Extraction
2017-04-11 01:59:44
Arbitrary Code Execution Via Double Free Buffer Overflow
2017-04-11 02:44:02
prion
prion
Design/Logic Flaw
2017-04-10 03:59:00
Double free
2017-04-10 03:59:00
debiancve
debiancve
CVE-2016-1517
2017-04-10 03:59:01
CVE-2016-1516
2017-04-10 03:59:01
ubuntucve
ubuntucve
CVE-2016-1517
2017-04-10 00:00:00
CVE-2016-1516
2017-04-10 00:00:00
github
github
Improper Input Validation in OpenCV
2021-10-12 22:00:31
Double Free in OpenCV
2021-10-12 22:00:08
nessus
nessus
RHEL 7 : opencv (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : opencv (Unpatched Vulnerability)
2024-05-11 00:00:00
Debian DLA-1117-1 : opencv security update
2017-10-02 00:00:00
JSON
Related for OPENSUSE-2018-455.NASL
openvas5osv4cvelist2cve2veracode2prion2debiancve2ubuntucve2github2nessus6