Search...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0110

2019-02-07T00:00:00

ID PHOTONOS_PHSA-2018-2_0-0110_LIBTIFF.NASL
Type nessus
Reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2019-02-07T00:00:00

Description

An update of the libtiff package has been released.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#


# The descriptive text and package checks in this plugin were
# extracted from VMware Security Advisory PHSA-2018-2.0-0110. The text
# itself is copyright (C) VMware, Inc.


include('compat.inc');

if (description)
{
  script_id(122009);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2019/02/07");

  script_cve_id("CVE-2018-17100", "CVE-2018-17101");

  script_name(english:"Photon OS 2.0: Libtiff PHSA-2018-2.0-0110");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote PhotonOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"An update of the libtiff package has been released.");
  script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-2-110.md");
  script_set_attribute(attribute:"solution", value:
"Update the affected Linux packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-17100");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libtiff");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"PhotonOS Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/PhotonOS/release");
if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0");

if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);

flag = 0;

if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-4.0.9-7.ph2")) flag++;
if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-4.0.9-7.ph2")) flag++;
if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-debuginfo-4.0.9-7.ph2")) flag++;
if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-debuginfo-4.0.9-7.ph2")) flag++;
if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-devel-4.0.9-7.ph2")) flag++;
if (rpm_check(release:"PhotonOS-2.0", reference:"libtiff-devel-4.0.9-7.ph2")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff");
}

JSON Vulners Source

Initial Source

{"id": "PHOTONOS_PHSA-2018-2_0-0110_LIBTIFF.NASL", "bulletinFamily": "scanner", "title": "Photon OS 2.0: Libtiff PHSA-2018-2.0-0110", "description": "An update of the libtiff package has been released.", "published": "2019-02-07T00:00:00", "modified": "2019-02-07T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/122009", "reporter": "This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://github.com/vmware/photon/wiki/Security-Updates-2-110.md"], "cvelist": ["CVE-2018-17101", "CVE-2018-17100"], "type": "nessus", "lastseen": "2020-03-17T22:39:49", "edition": 8, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-17101", "CVE-2018-17100"]}, {"type": "nessus", "idList": ["FEDORA_2018-6C9873A3DF.NASL", "FEDORA_2018-48F74C8EB2.NASL", "OPENSUSE-2018-1249.NASL", "SUSE_SU-2018-3289-1.NASL", "OPENSUSE-2018-1242.NASL", "UBUNTU_USN-3864-1.NASL", "DEBIAN_DLA-1557.NASL", "SUSE_SU-2018-3327-1.NASL", "SUSE_SU-2018-3391-1.NASL", "OPENSUSE-2019-847.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852073", "OPENVAS:1361412562310875210", "OPENVAS:1361412562310876069", "OPENVAS:1361412562310876544", "OPENVAS:1361412562310891557", "OPENVAS:1361412562310843877", "OPENVAS:1361412562310851949", "OPENVAS:1361412562310876116", "OPENVAS:1361412562310875854", "OPENVAS:1361412562310875729"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4349-1:DA7EF", "DEBIAN:DLA-1557-1:89690", "DEBIAN:DSA-4670-1:61330"]}, {"type": "fedora", "idList": ["FEDORA:3007C601C842", "FEDORA:26D2F6082DAD", "FEDORA:1E6AC6079276", "FEDORA:06A6F66AC6B4", "FEDORA:B5E376050C46", "FEDORA:3617360769EA", "FEDORA:9A70A612DEE8", "FEDORA:2BC6B6076968"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3370-1", "OPENSUSE-SU-2018:3371-1"]}, {"type": "ubuntu", "idList": ["USN-3906-2", "USN-3864-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:B5D83AC354415BC5963DDEA25217434D"]}, {"type": "centos", "idList": ["CESA-2019:2053"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2053"]}, {"type": "redhat", "idList": ["RHSA-2019:2053"]}, {"type": "amazon", "idList": ["ALAS-2019-1306", "ALAS2-2019-1327"]}], "modified": "2020-03-17T22:39:49", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2020-03-17T22:39:49", "rev": 2}, "vulnersScore": 7.3}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-2.0-0110. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122009);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2019/02/07\");\n\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\");\n\n script_name(english:\"Photon OS 2.0: Libtiff PHSA-2018-2.0-0110\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libtiff package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-110.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17100\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-4.0.9-7.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-4.0.9-7.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-debuginfo-4.0.9-7.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-debuginfo-4.0.9-7.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-devel-4.0.9-7.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libtiff-devel-4.0.9-7.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "naslFamily": "PhotonOS Local Security Checks", "pluginID": "122009", "cpe": ["p-cpe:/a:vmware:photonos:libtiff", "cpe:/o:vmware:photonos:2.0"], "scheme": null, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}

{"cve": [{"lastseen": "2021-02-02T06:52:32", "description": "An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-16T21:29:00", "title": "CVE-2018-17100", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17100"], "modified": "2019-03-21T16:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:libtiff:libtiff:4.0.9", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2018-17100", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17100", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2021-02-02T06:52:32", "description": "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-16T21:29:00", "title": "CVE-2018-17101", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17101"], "modified": "2019-03-21T16:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:libtiff:libtiff:4.0.9", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-17101", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17101", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "openvas": [{"lastseen": "2020-01-29T20:07:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18557", "CVE-2018-17101", "CVE-2018-17100"], "description": "CVE-2018-17100\nAn int32 overflow can cause a denial of service (application\ncrash) or possibly have unspecified other impact via a crafted\nimage file\n\nCVE-2018-17101\nOut-of-bounds writes can cause a denial of service (application\ncrash) or possibly have unspecified other impact via a crafted\nimage file\n\nCVE-2018-18557\nOut-of-bounds write due to ignoring buffer size can cause a denial\nof service (application crash) or possibly have unspecified other\nimpact via a crafted image file", "modified": "2020-01-29T00:00:00", "published": "2018-10-29T00:00:00", "id": "OPENVAS:1361412562310891557", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891557", "type": "openvas", "title": "Debian LTS: Security Advisory for tiff (DLA-1557-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891557\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-18557\");\n script_name(\"Debian LTS: Security Advisory for tiff (DLA-1557-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-29 00:00:00 +0100 (Mon, 29 Oct 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/10/msg00019.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.0.3-12.3+deb8u7.\n\nWe recommend that you upgrade your tiff packages.\");\n\n script_tag(name:\"summary\", value:\"CVE-2018-17100\nAn int32 overflow can cause a denial of service (application\ncrash) or possibly have unspecified other impact via a crafted\nimage file\n\nCVE-2018-17101\nOut-of-bounds writes can cause a denial of service (application\ncrash) or possibly have unspecified other impact via a crafted\nimage file\n\nCVE-2018-18557\nOut-of-bounds write due to ignoring buffer size can cause a denial\nof service (application crash) or possibly have unspecified other\nimpact via a crafted image file\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiff5-dev\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtiffxx5\", ver:\"4.0.3-12.3+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2019-6128", "CVE-2018-17101", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875729", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2019-d7b5e168d1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875729\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-6128\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:17:50 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libtiff FEDORA-2019-d7b5e168d1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-d7b5e168d1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXMZF6QHRSV4QSTQXM5RAXOWNJHAGFIW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2019-d7b5e168d1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The libtiff package contains a library of functions for manipulating\nTIFF (Tagged Image File Format) image format files. TIFF is a widely\nused file format for bitmapped images. TIFF files usually end in the\n.tif extension and they are often quite large.\n\nThe libtiff package should be installed if you need to manipulate TIFF\nformat image files.\");\n\n script_tag(name:\"affected\", value:\"'libtiff' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-10801", "CVE-2018-17101", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875854", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875854", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-6c9873a3df", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875854\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\", \"CVE-2018-10801\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:24:11 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-6c9873a3df\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-6c9873a3df\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUNXMOTNWADX7NFGOFUC6YXE3Z44Q2MY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2018-6c9873a3df advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The libtiff package contains a library of functions for manipulating\nTIFF (Tagged Image File Format) image format files. TIFF is a widely\nused file format for bitmapped images. TIFF files usually end in the\n.tif extension and they are often quite large.\n\nThe libtiff package should be installed if you need to manipulate TIFF\nformat image files.\");\n\n script_tag(name:\"affected\", value:\"'libtiff' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~13.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2019-6128", "CVE-2018-17101", "CVE-2019-7663", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876069", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2019-c83703be82", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876069\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-7663\", \"CVE-2019-6128\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:33:41 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libtiff FEDORA-2019-c83703be82\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-c83703be82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLLVSXFUKP2QSOFI6RRTYD737HBS7UGT\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2019-c83703be82 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The libtiff package contains a library of functions for manipulating\nTIFF (Tagged Image File Format) image format files. TIFF is a widely\nused file format for bitmapped images. TIFF files usually end in the\n.tif extension and they are often quite large.\n\nThe libtiff package should be installed if you need to manipulate TIFF\nformat image files.\");\n\n script_tag(name:\"affected\", value:\"'libtiff' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-18557", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876116", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876116", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-bd18c784de", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876116\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\", \"CVE-2018-18661\", \"CVE-2018-18557\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:35:11 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-bd18c784de\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bd18c784de\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJE6G7D75V7XC6BH55LPFLE672LJ3FL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2018-bd18c784de advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The libtiff package contains a library of functions for manipulating\nTIFF (Tagged Image File Format) image format files. TIFF is a widely\nused file format for bitmapped images. TIFF files usually end in the\n.tif extension and they are often quite large.\n\nThe libtiff package should be installed if you need to manipulate TIFF\nformat image files.\");\n\n script_tag(name:\"affected\", value:\"'libtiff' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-05T18:45:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2019-6128", "CVE-2018-19210", "CVE-2018-17101", "CVE-2019-7663", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2019-07-04T00:00:00", "published": "2019-06-29T00:00:00", "id": "OPENVAS:1361412562310876544", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876544", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2019-70d89f8806", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876544\");\n script_version(\"2019-07-04T09:58:18+0000\");\n script_cve_id(\"CVE-2018-19210\", \"CVE-2019-7663\", \"CVE-2019-6128\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:58:18 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-29 02:21:09 +0000 (Sat, 29 Jun 2019)\");\n script_name(\"Fedora Update for libtiff FEDORA-2019-70d89f8806\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-70d89f8806\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C6IL2QFKE6MGVUTOPU2UUWITTE36KRDF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the FEDORA-2019-70d89f8806 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The libtiff package contains a library of functions for manipulating\nTIFF (Tagged Image File Format) image format files. TIFF is a widely\nused file format for bitmapped images. TIFF files usually end in the\n.tif extension and they are often quite large.\n\nThe libtiff package should be installed if you need to manipulate TIFF\nformat image files.\");\n\n script_tag(name:\"affected\", value:\"'libtiff' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.10~5.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17795", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310852073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852073", "type": "openvas", "title": "openSUSE: Security Advisory for tiff (openSUSE-SU-2018:3370-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852073\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10779\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\", \"CVE-2017-9935\", \"CVE-2018-15209\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:41:45 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for tiff (openSUSE-SU-2018:3370-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3370-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00055.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the openSUSE-SU-2018:3370-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tiff fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer\n over-read, as demonstrated by bmp2tiff.(bsc#1092480)\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms in\n tools/ppm2tiff.c, which can cause a denial of service (crash) or\n possibly have unspecified other impact via a crafted image file.\n (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in cpTags in\n tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service\n (application crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote\n attackers to cause a denial of service (heap-based buffer overflow and\n application crash) or possibly have unspecified other impact via a\n crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as demonstrated by\n tiff2pdf. This is a different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1242=1\");\n\n script_tag(name:\"affected\", value:\"tiff on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit-debuginfo\", rpm:\"libtiff5-32bit-debuginfo~4.0.9~lp150.4.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100", "CVE-2018-7456"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2019-01-23T00:00:00", "id": "OPENVAS:1361412562310843877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843877", "type": "openvas", "title": "Ubuntu Update for tiff USN-3864-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3864_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for tiff USN-3864-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843877\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10963\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-18557\",\n \"CVE-2018-18661\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-23 04:01:44 +0100 (Wed, 23 Jan 2019)\");\n script_name(\"Ubuntu Update for tiff USN-3864-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3864-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3864-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the USN-3864-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that LibTIFF incorrectly handled\ncertain malformed images. If a user or automated system were tricked into opening a specially\ncrafted image, a remote attacker could crash the application, leading to a\ndenial of service, or possibly execute arbitrary code with user privileges.\");\n\n script_tag(name:\"affected\", value:\"tiff on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-7ubuntu0.10\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.3-7ubuntu0.10\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.9-5ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.9-5ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.9-6ubuntu0.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.9-6ubuntu0.1\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.6-1ubuntu0.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.6-1ubuntu0.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-17795", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-25T00:00:00", "id": "OPENVAS:1361412562310851949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851949", "type": "openvas", "title": "openSUSE: Security Advisory for tiff (openSUSE-SU-2018:3371-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851949\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-25 06:01:19 +0200 (Thu, 25 Oct 2018)\");\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\", \"CVE-2018-15209\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for tiff (openSUSE-SU-2018:3371-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tiff fixes the following issues:\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms in\n tools/ppm2tiff.c, which can cause a denial of service (crash) or\n possibly have unspecified other impact via a crafted image file.\n (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in cpTags in\n tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service\n (application crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote\n attackers to cause a denial of service (heap-based buffer overflow and\n application crash) or possibly have unspecified other impact via a\n crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as demonstrated by\n tiff2pdf. This is a different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1249=1\");\n\n script_tag(name:\"affected\", value:\"tiff on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3371-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00056.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtiff5-debuginfo-32bit\", rpm:\"libtiff5-debuginfo-32bit~4.0.9~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-8905", "CVE-2018-10801", "CVE-2017-11613", "CVE-2017-18013", "CVE-2018-17101", "CVE-2017-9935", "CVE-2018-17100", "CVE-2018-7456"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-10-21T00:00:00", "id": "OPENVAS:1361412562310875210", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875210", "type": "openvas", "title": "Fedora Update for libtiff FEDORA-2018-48f74c8eb2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_48f74c8eb2_libtiff_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libtiff FEDORA-2018-48f74c8eb2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875210\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-21 07:14:48 +0200 (Sun, 21 Oct 2018)\");\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-10779\", \"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2017-18013\", \"CVE-2018-8905\", \"CVE-2018-10963\", \"CVE-2018-7456\", \"CVE-2018-10801\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2018-48f74c8eb2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-48f74c8eb2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSN4NENO2DCHWI4RVVT62RFJIFGE7V2X\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.9~13.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:56:27", "bulletinFamily": "unix", "cvelist": ["CVE-2018-18557", "CVE-2018-17101", "CVE-2018-17100"], "description": "Package : tiff\nVersion : 4.0.3-12.3+deb8u7\nCVE ID : CVE-2018-17100 CVE-2018-17101 CVE-2018-18557\n\n\nCVE-2018-17100\n An int32 overflow can cause a denial of service (application\n crash) or possibly have unspecified other impact via a crafted\n image file\n\nCVE-2018-17101\n Out-of-bounds writes can cause a denial of service (application\n crash) or possibly have unspecified other impact via a crafted\n image file\n\nCVE-2018-18557\n Out-of-bounds write due to ignoring buffer size can cause a denial\n of service (application crash) or possibly have unspecified other\n impact via a crafted image file\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n4.0.3-12.3+deb8u7.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 9, "modified": "2018-10-28T13:20:28", "published": "2018-10-28T13:20:28", "id": "DEBIAN:DLA-1557-1:89690", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201810/msg00019.html", "title": "[SECURITY] [DLA 1557-1] tiff security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:59:53", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14973", "CVE-2018-17000", "CVE-2018-19210", "CVE-2019-7663", "CVE-2018-12900", "CVE-2018-17100", "CVE-2019-17546"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4670-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 29, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tiff\nCVE ID : CVE-2018-12900 CVE-2018-17000 CVE-2018-17100 CVE-2018-19210\n CVE-2019-7663 CVE-2019-14973 CVE-2019-17546\nDebian Bug : 902718 908778 909038 913675 934780\n\nSeveral vulnerabilities have been found in the TIFF library, which may\nresult in denial of service or the execution of arbitrary code if\nmalformed image files are processed.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 4.0.8-2+deb9u5.\n\nWe recommend that you upgrade your tiff packages.\n\nFor the detailed security status of tiff please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/tiff\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 6, "modified": "2020-04-29T21:12:56", "published": "2020-04-29T21:12:56", "id": "DEBIAN:DSA-4670-1:61330", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00073.html", "title": "[SECURITY] [DSA 4670-1] tiff security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:51:51", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2017-17095", "CVE-2018-8905", "CVE-2018-5784", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2018-7456"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4349-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 30, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tiff\nCVE ID : CVE-2017-11613 CVE-2017-17095 CVE-2018-5784\n CVE-2018-7456 CVE-2018-8905 CVE-2018-10963\n\t\t CVE-2018-17101 CVE-2018-18557 CVE-2018-15209\n\t\t CVE-2018-16335\n\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service or the\nexecution of arbitrary code if malformed image files are processed.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.0.8-2+deb9u4.\n\nWe recommend that you upgrade your tiff packages.\n\nFor the detailed security status of tiff please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/tiff\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2018-11-30T22:42:09", "published": "2018-11-30T22:42:09", "id": "DEBIAN:DSA-4349-1:DA7EF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00281.html", "title": "[SECURITY] [DSA 4349-1] tiff security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:18:44", "description": "Fix for **CVE-2018-17100** and **CVE-2018-17101**.\n\n----\n\nFix for **CVE-2018-10779**.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 29 : libtiff (2018-6c9873a3df)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17101", "CVE-2018-17100"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libtiff", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-6C9873A3DF.NASL", "href": "https://www.tenable.com/plugins/nessus/120507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-6c9873a3df.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120507);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10779\", \"CVE-2018-17100\", \"CVE-2018-17101\");\n script_xref(name:\"FEDORA\", value:\"2018-6c9873a3df\");\n\n script_name(english:\"Fedora 29 : libtiff (2018-6c9873a3df)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for **CVE-2018-17100** and **CVE-2018-17101**.\n\n----\n\nFix for **CVE-2018-10779**.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c9873a3df\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"libtiff-4.0.9-13.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:39:58", "description": "CVE-2018-17100 An int32 overflow can cause a denial of service\n(application crash) or possibly have unspecified other impact via a\ncrafted image file\n\nCVE-2018-17101 Out-of-bounds writes can cause a denial of service\n(application crash) or possibly have unspecified other impact via a\ncrafted image file\n\nCVE-2018-18557 Out-of-bounds write due to ignoring buffer size can\ncause a denial of service (application crash) or possibly have\nunspecified other impact via a crafted image file\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.0.3-12.3+deb8u7.\n\nWe recommend that you upgrade your tiff packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-29T00:00:00", "title": "Debian DLA-1557-1 : tiff security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18557", "CVE-2018-17101", "CVE-2018-17100"], "modified": "2018-10-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libtiff5-dev", "p-cpe:/a:debian:debian_linux:libtiff5", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libtiffxx5", "p-cpe:/a:debian:debian_linux:libtiff-doc", "p-cpe:/a:debian:debian_linux:libtiff-tools", "p-cpe:/a:debian:debian_linux:libtiff-opengl"], "id": "DEBIAN_DLA-1557.NASL", "href": "https://www.tenable.com/plugins/nessus/118470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1557-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118470);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-18557\");\n\n script_name(english:\"Debian DLA-1557-1 : tiff security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2018-17100 An int32 overflow can cause a denial of service\n(application crash) or possibly have unspecified other impact via a\ncrafted image file\n\nCVE-2018-17101 Out-of-bounds writes can cause a denial of service\n(application crash) or possibly have unspecified other impact via a\ncrafted image file\n\nCVE-2018-18557 Out-of-bounds write due to ignoring buffer size can\ncause a denial of service (application crash) or possibly have\nunspecified other impact via a crafted image file\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.0.3-12.3+deb8u7.\n\nWe recommend that you upgrade your tiff packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/10/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tiff\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiffxx5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-doc\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-opengl\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-tools\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5-dev\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiffxx5\", reference:\"4.0.3-12.3+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:17:24", "description": "Fix for **CVE-2018-17100** and **CVE-2018-17101**.\n\n----\n\nFix for **CVE-2018-10779**.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : libtiff (2018-48f74c8eb2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17101", "CVE-2018-17100"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libtiff", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-48F74C8EB2.NASL", "href": "https://www.tenable.com/plugins/nessus/120389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-48f74c8eb2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120389);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10779\", \"CVE-2018-17100\", \"CVE-2018-17101\");\n script_xref(name:\"FEDORA\", value:\"2018-48f74c8eb2\");\n\n script_name(english:\"Fedora 28 : libtiff (2018-48f74c8eb2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for **CVE-2018-17100** and **CVE-2018-17101**.\n\n----\n\nFix for **CVE-2018-10779**.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-48f74c8eb2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"libtiff-4.0.9-13.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:15:53", "description": "This update for tiff fixes the following issues :\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-23T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2018:3289-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-17795", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2018-10-23T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libtiff5", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:tiff-debugsource", "p-cpe:/a:novell:suse_linux:tiff", "p-cpe:/a:novell:suse_linux:libtiff5-debuginfo", "p-cpe:/a:novell:suse_linux:tiff-debuginfo"], "id": "SUSE_SU-2018-3289-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118321", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3289-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118321);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2018:3289-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for tiff fixes the following issues :\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11613/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16335/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17100/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17795/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183289-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7a27ab1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2375=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2375=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2375=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtiff5-32bit-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtiff5-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtiff5-debuginfo-32bit-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libtiff5-debuginfo-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tiff-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tiff-debuginfo-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tiff-debugsource-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtiff5-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"tiff-debuginfo-4.0.9-44.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"tiff-debugsource-4.0.9-44.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:34:25", "description": "This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a\n heap-based buffer over-read, as demonstrated by\n bmp2tiff.(bsc#1092480)\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 14, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-25T00:00:00", "title": "openSUSE Security Update : tiff (openSUSE-2018-1242)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17795", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2018-10-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tiff", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:tiff-debugsource", "p-cpe:/a:novell:opensuse:libtiff5-32bit", "p-cpe:/a:novell:opensuse:tiff-debuginfo", "p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff5-debuginfo", "p-cpe:/a:novell:opensuse:libtiff5", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo"], "id": "OPENSUSE-2018-1242.NASL", "href": "https://www.tenable.com/plugins/nessus/118378", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1242.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118378);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-9935\", \"CVE-2018-10779\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2018-1242)\");\n script_summary(english:\"Check for the openSUSE-2018-1242 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a\n heap-based buffer over-read, as demonstrated by\n bmp2tiff.(bsc#1092480)\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1092480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff-devel-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debugsource-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel / libtiff5 / libtiff5-debuginfo / tiff / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:54:13", "description": "This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a\n heap-based buffer over-read, as demonstrated by\n bmp2tiff.(bsc#1092480)\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : tiff (openSUSE-2019-847)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17795", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2019-03-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tiff", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:tiff-debugsource", "p-cpe:/a:novell:opensuse:libtiff5-32bit", "p-cpe:/a:novell:opensuse:tiff-debuginfo", "p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff5-debuginfo", "p-cpe:/a:novell:opensuse:libtiff5", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo"], "id": "OPENSUSE-2019-847.NASL", "href": "https://www.tenable.com/plugins/nessus/123354", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-847.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123354);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-9935\", \"CVE-2018-10779\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2019-847)\");\n script_summary(english:\"Check for the openSUSE-2019-847 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a\n heap-based buffer over-read, as demonstrated by\n bmp2tiff.(bsc#1092480)\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1092480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff-devel-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libtiff5-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tiff-debugsource-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-lp150.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-lp150.4.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel-32bit / libtiff-devel / libtiff5-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:56:37", "description": "This update for tiff fixes the following issues :\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-25T00:00:00", "title": "SUSE SLES11 Security Update : tiff (SUSE-SU-2018:3391-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-17795", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2018-10-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libtiff3", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:tiff"], "id": "SUSE_SU-2018-3391-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118391", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3391-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118391);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"SUSE SLES11 Security Update : tiff (SUSE-SU-2018:3391-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues :\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11613/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16335/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17100/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17795/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183391-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?345338b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-tiff-13834=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-tiff-13834=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-tiff-13834=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libtiff3-32bit-3.8.2-141.169.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libtiff3-32bit-3.8.2-141.169.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libtiff3-3.8.2-141.169.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"tiff-3.8.2-141.169.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:15:54", "description": "This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based\nbuffer over-read, as demonstrated by bmp2tiff.(bsc#1092480)\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2018:3327-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10779", "CVE-2018-17795", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libtiff5", "p-cpe:/a:novell:suse_linux:libtiff5-32bit-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:tiff-debugsource", "p-cpe:/a:novell:suse_linux:libtiff-devel", "p-cpe:/a:novell:suse_linux:libtiff5-debuginfo", "p-cpe:/a:novell:suse_linux:tiff-debuginfo"], "id": "SUSE_SU-2018-3327-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120140", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3327-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120140);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-9935\", \"CVE-2018-10779\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2018:3327-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for tiff fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based\nbuffer over-read, as demonstrated by bmp2tiff.(bsc#1092480)\n\nCVE-2018-17100: There is a int32 overflow in multiply_ms in\ntools/ppm2tiff.c, which can cause a denial of service (crash) or\npossibly have unspecified other impact via a crafted image file.\n(bsc#1108637)\n\nCVE-2018-17101: There are two out-of-bounds writes in cpTags in\ntools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia a crafted image file. (bsc#1108627)\n\nCVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed\nremote attackers to cause a denial of service (heap-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted TIFF file, a similar issue to CVE-2017-9935.\n(bsc#1110358)\n\nCVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip\nin tif_dirread.c allowed remote attackers to cause a denial of service\n(heap-based buffer overflow and application crash) or possibly have\nunspecified other impact via a crafted TIFF file, as demonstrated by\ntiff2pdf. This is a different vulnerability than CVE-2018-15209.\n(bsc#1106853)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10779/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16335/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17100/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17795/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183327-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48b8457f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-2392=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2392=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff-devel-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff5-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libtiff5-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tiff-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tiff-debugsource-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libtiff5-32bit-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff-devel-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff5-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libtiff5-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tiff-debuginfo-4.0.9-5.14.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tiff-debugsource-4.0.9-5.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:34:27", "description": "This update for tiff fixes the following issues :\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "edition": 14, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-25T00:00:00", "title": "openSUSE Security Update : tiff (openSUSE-2018-1249)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-17795", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "modified": "2018-10-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:tiff", "p-cpe:/a:novell:opensuse:tiff-debugsource", "p-cpe:/a:novell:opensuse:libtiff5-32bit", "p-cpe:/a:novell:opensuse:tiff-debuginfo", "p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff5-debuginfo", "p-cpe:/a:novell:opensuse:libtiff5", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit"], "id": "OPENSUSE-2018-1249.NASL", "href": "https://www.tenable.com/plugins/nessus/118384", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1249.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118384);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11613\", \"CVE-2017-9935\", \"CVE-2018-15209\", \"CVE-2018-16335\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-17795\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2018-1249)\");\n script_summary(english:\"Check for the openSUSE-2018-1249 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues :\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms\n in tools/ppm2tiff.c, which can cause a denial of service\n (crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108637)\n\n - CVE-2018-17101: There are two out-of-bounds writes in\n cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image file. (bsc#1108627)\n\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c\n allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, a similar issue to CVE-2017-9935.\n (bsc#1110358)\n\n - CVE-2018-16335: newoffsets handling in\n ChopUpSingleUncompressedStrip in tif_dirread.c allowed\n remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or\n possibly have unspecified other impact via a crafted\n TIFF file, as demonstrated by tiff2pdf. This is a\n different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110358\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtiff-devel-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtiff5-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libtiff5-debuginfo-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tiff-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tiff-debuginfo-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tiff-debugsource-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.9-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.9-37.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel-32bit / libtiff-devel / libtiff5-32bit / libtiff5 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T10:57:59", "description": "It was discovered that LibTIFF incorrectly handled certain malformed\nimages. If a user or automated system were tricked into opening a\nspecially crafted image, a remote attacker could crash the\napplication, leading to a denial of service, or possibly execute\narbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-23T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : LibTIFF vulnerabilities (USN-3864-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100", "CVE-2018-7456"], "modified": "2019-01-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libtiff-tools", "p-cpe:/a:canonical:ubuntu_linux:libtiff5", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3864-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121329", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3864-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121329);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-10963\", \"CVE-2018-17100\", \"CVE-2018-17101\", \"CVE-2018-18557\", \"CVE-2018-18661\", \"CVE-2018-7456\", \"CVE-2018-8905\");\n script_xref(name:\"USN\", value:\"3864-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : LibTIFF vulnerabilities (USN-3864-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that LibTIFF incorrectly handled certain malformed\nimages. If a user or automated system were tricked into opening a\nspecially crafted image, a remote attacker could crash the\napplication, leading to a denial of service, or possibly execute\narbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3864-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libtiff-tools and / or libtiff5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libtiff-tools\", pkgver:\"4.0.3-7ubuntu0.10\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libtiff5\", pkgver:\"4.0.3-7ubuntu0.10\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libtiff-tools\", pkgver:\"4.0.6-1ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libtiff5\", pkgver:\"4.0.6-1ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libtiff-tools\", pkgver:\"4.0.9-5ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libtiff5\", pkgver:\"4.0.9-5ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libtiff-tools\", pkgver:\"4.0.9-6ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libtiff5\", pkgver:\"4.0.9-6ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-tools / libtiff5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-10801", "CVE-2018-17100", "CVE-2018-17101"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2018-10-30T17:45:26", "published": "2018-10-30T17:45:26", "id": "FEDORA:06A6F66AC6B4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libtiff-4.0.9-13.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-17100", "CVE-2018-17101", "CVE-2019-6128"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2019-02-09T02:17:25", "published": "2019-02-09T02:17:25", "id": "FEDORA:B5E376050C46", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libtiff-4.0.10-2.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-17100", "CVE-2018-17101", "CVE-2019-6128", "CVE-2019-7663"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2019-02-19T14:04:47", "published": "2019-02-19T14:04:47", "id": "FEDORA:3007C601C842", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libtiff-4.0.10-4.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-18661"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2018-11-24T02:29:50", "published": "2018-11-24T02:29:50", "id": "FEDORA:1E6AC6079276", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libtiff-4.0.10-1.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-19210", "CVE-2019-6128", "CVE-2019-7663"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2019-06-28T22:09:22", "published": "2019-06-28T22:09:22", "id": "FEDORA:26D2F6082DAD", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libtiff-4.0.10-5.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-10779", "CVE-2018-10801", "CVE-2018-10963", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-7456", "CVE-2018-8905"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2018-10-19T16:09:18", "published": "2018-10-19T16:09:18", "id": "FEDORA:9A70A612DEE8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: libtiff-4.0.9-13.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-10779", "CVE-2018-10963", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-18661", "CVE-2018-7456", "CVE-2018-8905"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2018-11-24T01:56:56", "published": "2018-11-24T01:56:56", "id": "FEDORA:2BC6B6076968", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: libtiff-4.0.10-1.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2017-11613", "CVE-2017-18013", "CVE-2017-9935", "CVE-2018-10779", "CVE-2018-10963", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-18661", "CVE-2018-5784", "CVE-2018-7456", "CVE-2018-8905"], "description": "The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. ", "modified": "2018-11-24T03:21:12", "published": "2018-11-24T03:21:12", "id": "FEDORA:3617360769EA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: libtiff-4.0.10-1.fc27", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2018-10-24T16:31:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-17795", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "description": "This update for tiff fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer\n over-read, as demonstrated by bmp2tiff.(bsc#1092480)\n - CVE-2018-17100: There is a int32 overflow in multiply_ms in\n tools/ppm2tiff.c, which can cause a denial of service (crash) or\n possibly have unspecified other impact via a crafted image file.\n (bsc#1108637)\n - CVE-2018-17101: There are two out-of-bounds writes in cpTags in\n tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service\n (application crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108627)\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote\n attackers to cause a denial of service (heap-based buffer overflow and\n application crash) or possibly have unspecified other impact via a\n crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as demonstrated by\n tiff2pdf. This is a different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2018-10-24T15:09:18", "published": "2018-10-24T15:09:18", "id": "OPENSUSE-SU-2018:3370-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00055.html", "title": "Security update for tiff (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-24T16:31:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-17795", "CVE-2017-11613", "CVE-2018-17101", "CVE-2018-15209", "CVE-2018-16335", "CVE-2017-9935", "CVE-2018-17100"], "description": "This update for tiff fixes the following issues:\n\n - CVE-2018-17100: There is a int32 overflow in multiply_ms in\n tools/ppm2tiff.c, which can cause a denial of service (crash) or\n possibly have unspecified other impact via a crafted image file.\n (bsc#1108637)\n - CVE-2018-17101: There are two out-of-bounds writes in cpTags in\n tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service\n (application crash) or possibly have unspecified other impact via a\n crafted image file. (bsc#1108627)\n - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote\n attackers to cause a denial of service (heap-based buffer overflow and\n application crash) or possibly have unspecified other impact via a\n crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in\n tif_dirread.c allowed remote attackers to cause a denial of service\n (heap-based buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted TIFF file, as demonstrated by\n tiff2pdf. This is a different vulnerability than CVE-2018-15209.\n (bsc#1106853)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "modified": "2018-10-24T15:10:10", "published": "2018-10-24T15:10:10", "id": "OPENSUSE-SU-2018:3371-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00056.html", "title": "Security update for tiff (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:32", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100", "CVE-2018-7456"], "description": "It was discovered that LibTIFF incorrectly handled certain malformed \nimages. If a user or automated system were tricked into opening a specially \ncrafted image, a remote attacker could crash the application, leading to a \ndenial of service, or possibly execute arbitrary code with user privileges.", "edition": 3, "modified": "2019-01-22T00:00:00", "published": "2019-01-22T00:00:00", "id": "USN-3864-1", "href": "https://ubuntu.com/security/notices/USN-3864-1", "title": "LibTIFF vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:34:23", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-18557", "CVE-2019-6128", "CVE-2018-17101", "CVE-2019-7663", "CVE-2018-1710", "CVE-2018-12900", "CVE-2018-17100"], "description": "USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update \nprovides the corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nIt was discovered that LibTIFF incorrectly handled certain malformed \nimages. If a user or automated system were tricked into opening a specially \ncrafted image, a remote attacker could crash the application, leading to a \ndenial of service, or possibly execute arbitrary code with user privileges.", "edition": 10, "modified": "2019-03-18T00:00:00", "published": "2019-03-18T00:00:00", "id": "USN-3906-2", "href": "https://ubuntu.com/security/notices/USN-3906-2", "title": "LibTIFF vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:59", "bulletinFamily": "software", "cvelist": ["CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-17100", "CVE-2018-7456"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nIt was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.\n\nCVEs contained in this USN include: CVE-2018-10963, CVE-2018-17100, CVE-2018-17101, CVE-2018-18557, CVE-2018-18661, CVE-2018-7456, CVE-2018-8905\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.260.0\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.51.0\n\n# Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.260.0 or later.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.51.0 or later.\n\n# References\n\n * [USN-3864-1](<https://usn.ubuntu.com/3864-1>)\n * [CVE-2018-10963](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10963>)\n * [CVE-2018-17100](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17100>)\n * [CVE-2018-17101](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17101>)\n * [CVE-2018-18557](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18557>)\n * [CVE-2018-18661](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18661>)\n * [CVE-2018-7456](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7456>)\n * [CVE-2018-8905](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8905>)\n", "edition": 2, "modified": "2019-01-24T00:00:00", "published": "2019-01-24T00:00:00", "id": "CFOUNDRY:B5D83AC354415BC5963DDEA25217434D", "href": "https://www.cloudfoundry.org/blog/usn-3864-1/", "title": "USN-3864-1: LibTIFF vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-08-14T08:35:30", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2016-3186", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-12900", "CVE-2018-17100", "CVE-2018-7456"], "description": "[4.0.3-32]\n- Fix one more Covscan defect\n- Related: #1647965\n[4.0.3-31]\n- Fix processing of RAS files without colormap\n- Related: #1647965\n[4.0.3-30]\n- Fix various Covscan defects\n- Related: #1647965\n[4.0.3-29]\n- Fix compiler warning introduced by patch for CVE-2018-18661\n- Related: #1647965\n[4.0.3-28]\n- Fix CVE-2016-3186\n- Resolves: #1319503\n- Fix CVE-2018-7456\n- Resolves: #1561318\n- Fix CVE-2018-8905\n- Resolves: #1574548\n- Fix CVE-2018-10779\n- Resolves: #1598503\n- Fix CVE-2018-10963\n- Resolves: #1598726\n- Fix CVE-2018-12900\n- Resolves: #1600430\n- Fix CVE-2018-17100\n- Resolves: #1632578\n- Fix CVE-2018-17101\n- Resolves: #1632579\n- Fix CVE-2018-18557\n- Resolves: #1647737\n- Fix CVE-2018-18661\n- Resolves: #1647965", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "ELSA-2019-2053", "href": "http://linux.oracle.com/errata/ELSA-2019-2053.html", "title": "libtiff security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-15T00:45:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-3186", "CVE-2018-10779", "CVE-2018-10963", "CVE-2018-12900", "CVE-2018-17100", "CVE-2018-17101", "CVE-2018-18557", "CVE-2018-18661", "CVE-2018-7456", "CVE-2018-8905"], "description": "The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.\n\nSecurity Fix(es):\n\n* libtiff: buffer overflow in gif2tiff (CVE-2016-3186)\n\n* libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution (CVE-2018-12900)\n\n* libtiff: Out-of-bounds write in tif_jbig.c (CVE-2018-18557)\n\n* libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service (CVE-2018-7456)\n\n* libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service (CVE-2018-8905)\n\n* libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c (CVE-2018-10779)\n\n* libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c (CVE-2018-10963)\n\n* libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c (CVE-2018-17100)\n\n* libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c (CVE-2018-17101)\n\n* libtiff: tiff2bw tool failed memory allocation leads to crash (CVE-2018-18661)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "modified": "2019-08-06T13:43:00", "published": "2019-08-06T11:56:00", "id": "RHSA-2019:2053", "href": "https://access.redhat.com/errata/RHSA-2019:2053", "type": "redhat", "title": "(RHSA-2019:2053) Moderate: libtiff security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:26:29", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2016-3186", "CVE-2018-17101", "CVE-2018-18661", "CVE-2018-12900", "CVE-2018-17100", "CVE-2018-7456"], "description": "**CentOS Errata and Security Advisory** CESA-2019:2053\n\n\nThe libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.\n\nSecurity Fix(es):\n\n* libtiff: buffer overflow in gif2tiff (CVE-2016-3186)\n\n* libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution (CVE-2018-12900)\n\n* libtiff: Out-of-bounds write in tif_jbig.c (CVE-2018-18557)\n\n* libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service (CVE-2018-7456)\n\n* libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service (CVE-2018-8905)\n\n* libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c (CVE-2018-10779)\n\n* libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c (CVE-2018-10963)\n\n* libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c (CVE-2018-17100)\n\n* libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c (CVE-2018-17101)\n\n* libtiff: tiff2bw tool failed memory allocation leads to crash (CVE-2018-18661)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2019-August/005970.html\n\n**Affected packages:**\nlibtiff\nlibtiff-devel\nlibtiff-static\nlibtiff-tools\n\n**Upstream details at:**\n", "edition": 2, "modified": "2019-08-30T03:31:24", "published": "2019-08-30T03:31:24", "id": "CESA-2019:2053", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2019-August/005970.html", "title": "libtiff security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2017-18013", "CVE-2016-3186", "CVE-2018-17101", "CVE-2018-18661", "CVE-2017-13726", "CVE-2018-12900", "CVE-2018-17100", "CVE-2018-7456"], "description": "**Issue Overview:**\n\nBuffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.([CVE-2016-3186 __](<https://access.redhat.com/security/cve/CVE-2016-3186>))\n\nAn integer overflow has been discovered in libtiff in TIFFSetupStrips:tif_write.c, which could lead to a heap-based buffer overflow in TIFFWriteScanline:tif_write.c. An attacker may use this vulnerability to corrupt memory or cause Denial of Service.([CVE-2018-10779 __](<https://access.redhat.com/security/cve/CVE-2018-10779>))\n\nThe TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than [CVE-2017-13726 __](<https://access.redhat.com/security/cve/CVE-2017-13726>).([CVE-2018-10963 __](<https://access.redhat.com/security/cve/CVE-2018-10963>))\n\nHeap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.([CVE-2018-12900 __](<https://access.redhat.com/security/cve/CVE-2018-12900>))\n\nAn issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.([CVE-2018-17100 __](<https://access.redhat.com/security/cve/CVE-2018-17100>))\n\nAn issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.([CVE-2018-17101 __](<https://access.redhat.com/security/cve/CVE-2018-17101>))\n\nLibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.([CVE-2018-18557 __](<https://access.redhat.com/security/cve/CVE-2018-18557>))\n\nAn issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.([CVE-2018-18661 __](<https://access.redhat.com/security/cve/CVE-2018-18661>))\n\nA NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than [CVE-2017-18013 __](<https://access.redhat.com/security/cve/CVE-2017-18013>). (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the [CVE-2017-18013 __](<https://access.redhat.com/security/cve/CVE-2017-18013>) patch.)([CVE-2018-7456 __](<https://access.redhat.com/security/cve/CVE-2018-7456>))\n\nIn LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.([CVE-2018-8905 __](<https://access.redhat.com/security/cve/CVE-2018-8905>))\n\n \n**Affected Packages:** \n\n\nlibtiff\n\n \n**Issue Correction:** \nRun _yum update libtiff_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n libtiff-4.0.3-32.34.amzn1.i686 \n libtiff-devel-4.0.3-32.34.amzn1.i686 \n libtiff-debuginfo-4.0.3-32.34.amzn1.i686 \n libtiff-static-4.0.3-32.34.amzn1.i686 \n \n src: \n libtiff-4.0.3-32.34.amzn1.src \n \n x86_64: \n libtiff-static-4.0.3-32.34.amzn1.x86_64 \n libtiff-debuginfo-4.0.3-32.34.amzn1.x86_64 \n libtiff-4.0.3-32.34.amzn1.x86_64 \n libtiff-devel-4.0.3-32.34.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2019-10-08T21:06:00", "published": "2019-10-08T21:06:00", "id": "ALAS-2019-1306", "href": "https://alas.aws.amazon.com/ALAS-2019-1306.html", "title": "Medium: libtiff", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T12:37:17", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10779", "CVE-2018-10963", "CVE-2018-18557", "CVE-2018-8905", "CVE-2017-18013", "CVE-2016-3186", "CVE-2018-17101", "CVE-2018-18661", "CVE-2017-13726", "CVE-2018-12900", "CVE-2018-17100", "CVE-2018-7456"], "description": "**Issue Overview:**\n\nBuffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.([CVE-2016-3186 __](<https://access.redhat.com/security/cve/CVE-2016-3186>))\n\nAn integer overflow has been discovered in libtiff in TIFFSetupStrips:tif_write.c, which could lead to a heap-based buffer overflow in TIFFWriteScanline:tif_write.c. An attacker may use this vulnerability to corrupt memory or cause Denial of Service.([CVE-2018-10779 __](<https://access.redhat.com/security/cve/CVE-2018-10779>))\n\nThe TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than [CVE-2017-13726 __](<https://access.redhat.com/security/cve/CVE-2017-13726>). ([CVE-2018-10963 __](<https://access.redhat.com/security/cve/CVE-2018-10963>))\n\nHeap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.([CVE-2018-12900 __](<https://access.redhat.com/security/cve/CVE-2018-12900>))\n\nAn issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.([CVE-2018-17100 __](<https://access.redhat.com/security/cve/CVE-2018-17100>))\n\nAn issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.([CVE-2018-17101 __](<https://access.redhat.com/security/cve/CVE-2018-17101>))\n\nLibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.([CVE-2018-18557 __](<https://access.redhat.com/security/cve/CVE-2018-18557>))\n\nAn issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.([CVE-2018-18661 __](<https://access.redhat.com/security/cve/CVE-2018-18661>))\n\nA NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than [CVE-2017-18013 __](<https://access.redhat.com/security/cve/CVE-2017-18013>). (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the [CVE-2017-18013 __](<https://access.redhat.com/security/cve/CVE-2017-18013>) patch.)([CVE-2018-7456 __](<https://access.redhat.com/security/cve/CVE-2018-7456>))\n\nIn LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.([CVE-2018-8905 __](<https://access.redhat.com/security/cve/CVE-2018-8905>))\n\n \n**Affected Packages:** \n\n\nlibtiff\n\n \n**Issue Correction:** \nRun _yum update libtiff_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n libtiff-4.0.3-32.amzn2.aarch64 \n libtiff-devel-4.0.3-32.amzn2.aarch64 \n libtiff-static-4.0.3-32.amzn2.aarch64 \n libtiff-tools-4.0.3-32.amzn2.aarch64 \n libtiff-debuginfo-4.0.3-32.amzn2.aarch64 \n \n i686: \n libtiff-4.0.3-32.amzn2.i686 \n libtiff-devel-4.0.3-32.amzn2.i686 \n libtiff-static-4.0.3-32.amzn2.i686 \n libtiff-tools-4.0.3-32.amzn2.i686 \n libtiff-debuginfo-4.0.3-32.amzn2.i686 \n \n src: \n libtiff-4.0.3-32.amzn2.src \n \n x86_64: \n libtiff-4.0.3-32.amzn2.x86_64 \n libtiff-devel-4.0.3-32.amzn2.x86_64 \n libtiff-static-4.0.3-32.amzn2.x86_64 \n libtiff-tools-4.0.3-32.amzn2.x86_64 \n libtiff-debuginfo-4.0.3-32.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2019-10-21T18:01:00", "published": "2019-10-21T18:01:00", "id": "ALAS2-2019-1327", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1327.html", "title": "Medium: libtiff", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}