Lucene search
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2004-409.NASLHistoryJul 30, 2004 - 12:00 a.m.
RHEL 3 : sox (RHSA-2004:409)
2004-07-3000:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
Updated sox packages that fix buffer overflows in the WAV file handling code are now available.
SoX (Sound eXchange) is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects.
Buffer overflows existed in the parsing of WAV file header fields. It was possible that a malicious WAV file could have caused arbitrary code to be executed when the file was played or converted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0557 to these issues.
All users of sox should upgrade to these updated packages, which resolve these issues as well as fix a number of minor bugs.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2004:409. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(13853);
script_version("1.27");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2004-0557");
script_xref(name:"RHSA", value:"2004:409");
script_name(english:"RHEL 3 : sox (RHSA-2004:409)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated sox packages that fix buffer overflows in the WAV file
handling code are now available.
SoX (Sound eXchange) is a sound file format converter. SoX can convert
between many different digitized sound formats and perform simple
sound manipulation functions, including sound effects.
Buffer overflows existed in the parsing of WAV file header fields. It
was possible that a malicious WAV file could have caused arbitrary
code to be executed when the file was played or converted. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0557 to these issues.
All users of sox should upgrade to these updated packages, which
resolve these issues as well as fix a number of minor bugs."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2004-0557"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2004:409"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected sox and / or sox-devel packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sox-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
script_set_attribute(attribute:"vuln_publication_date", value:"2004/08/06");
script_set_attribute(attribute:"patch_publication_date", value:"2004/07/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/30");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2004:409";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL3", reference:"sox-12.17.4-4.3")) flag++;
if (rpm_check(release:"RHEL3", reference:"sox-devel-12.17.4-4.3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "sox / sox-devel");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | sox | p-cpe:/a:redhat:enterprise_linux:sox |
| redhat | enterprise_linux | sox-devel | p-cpe:/a:redhat:enterprise_linux:sox-devel |
| redhat | enterprise_linux | 3 | cpe:/o:redhat:enterprise_linux:3 |
Related
debian
debian
[SECURITY] [DSA 565-1] New sox packages fix buffer overflow
2004-10-13 00:00:00
[SECURITY] [DSA 565-1] New sox packages fix buffer overflow
2004-10-13 13:34:36
nessus
nessus
Fedora Core 1 : sox-12.17.4-4.fc1 (2004-235)
2004-07-28 00:00:00
Mandrake Linux Security Advisory : sox (MDKSA-2004:076)
2004-07-31 00:00:00
Fedora Core 2 : sox-12.17.4-4.fc2 (2004-244)
2004-07-28 00:00:00
securityvulns
securityvulns
[Full-Disclosure] SoX buffer overflows when handling .WAV files
2004-07-29 00:00:00
openvas
openvas
FreeBSD Ports: sox
2008-09-04 00:00:00
FreeBSD Ports: sox
2008-09-04 00:00:00
Debian Security Advisory DSA 565-1 (sox)
2008-01-17 00:00:00
cve
cve
CVE-2004-0557
2004-08-06 04:00:00
seebug
seebug
SoX - (.wav) Local Buffer Overflow Exploiter
2014-07-01 00:00:00
SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)
2006-10-27 00:00:00
exploitpack
exploitpack
SoX - .wav Local Buffer Overflow
2004-08-04 00:00:00
cvelist
cvelist
CVE-2004-0557
2004-08-02 04:00:00
packetstorm
packetstorm
evil_song.py
2004-08-05 00:00:00
debiancve
debiancve
CVE-2004-0557
2004-08-06 04:00:00
ubuntucve
ubuntucve
CVE-2004-0557
2004-08-06 00:00:00
redhat
redhat
(RHSA-2004:409) sox security update
2004-07-29 00:00:00
osv
osv
sox - buffer overflows
2004-10-13 00:00:00
freebsd
freebsd
SoX buffer overflows when handling .WAV files
2004-07-28 00:00:00
gentoo
gentoo
SoX: Multiple buffer overflows
2004-07-30 00:00:00
exploitdb
exploitdb
SoX - '.wav' Local Buffer Overflow
2004-08-04 00:00:00
suse
suse
remote system compromise in libpng
2004-08-04 15:12:06
Related for REDHAT-RHSA-2004-409.NASL