Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2004-466.NASL
HistorySep 15, 2004 - 12:00 a.m.

RHEL 3 : gtk2 (RHSA-2004:466)

2004-09-1500:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

Updated gtk2 packages that fix several security flaws and bugs are now available.

The gtk2 package contains the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System.

During testing of a previously fixed flaw in Qt (CVE-2004-0691), a flaw was discovered in the BMP image processor of gtk2. An attacker could create a carefully crafted BMP file which would cause an application to enter an infinite loop and not respond to user input when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0753 to this issue.

During a security audit Chris Evans discovered a stack and a heap overflow in the XPM image decoder. An attacker could create a carefully crafted XPM file which could cause an application linked with gtk2 to crash or possibly execute arbitrary code when the file was opened by a victim. (CVE-2004-0782, CVE-2004-0783)

Chris Evans also discovered an integer overflow in the ICO image decoder. An attacker could create a carefully crafted ICO file which could cause an application linked with gtk2 to crash when the file was opened by a victim. (CVE-2004-0788)

This updated gtk2 package also fixes a few key combination bugs on various X servers, such as Hummingbird, ReflectionX, and X-Win32. If a server was configured to use the Swiss German, Swiss French, or France French keyboard layouts, Mode_Switched characters were unable to be entered within GTK based applications.

Users of gtk2 are advised to upgrade to these packages which contain backported patches and are not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2004:466. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14734);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2004-0753", "CVE-2004-0782", "CVE-2004-0783", "CVE-2004-0788");
  script_xref(name:"RHSA", value:"2004:466");

  script_name(english:"RHEL 3 : gtk2 (RHSA-2004:466)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated gtk2 packages that fix several security flaws and bugs are now
available.

The gtk2 package contains the GIMP ToolKit (GTK+), a library for
creating graphical user interfaces for the X Window System.

During testing of a previously fixed flaw in Qt (CVE-2004-0691), a
flaw was discovered in the BMP image processor of gtk2. An attacker
could create a carefully crafted BMP file which would cause an
application to enter an infinite loop and not respond to user input
when the file was opened by a victim. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0753
to this issue.

During a security audit Chris Evans discovered a stack and a heap
overflow in the XPM image decoder. An attacker could create a
carefully crafted XPM file which could cause an application linked
with gtk2 to crash or possibly execute arbitrary code when the file
was opened by a victim. (CVE-2004-0782, CVE-2004-0783)

Chris Evans also discovered an integer overflow in the ICO image
decoder. An attacker could create a carefully crafted ICO file which
could cause an application linked with gtk2 to crash when the file was
opened by a victim. (CVE-2004-0788)

This updated gtk2 package also fixes a few key combination bugs on
various X servers, such as Hummingbird, ReflectionX, and X-Win32. If a
server was configured to use the Swiss German, Swiss French, or France
French keyboard layouts, Mode_Switched characters were unable to be
entered within GTK based applications.

Users of gtk2 are advised to upgrade to these packages which contain
backported patches and are not vulnerable to these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-0753"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-0782"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-0783"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-0788"
  );
  # http://bugzilla.gnome.org/show_bug.cgi?id=150601
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.gnome.org/show_bug.cgi?id=150601"
  );
  # http://bugzilla.gnome.org/show_bug.cgi?id=144808
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.gnome.org/show_bug.cgi?id=144808"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2004:466"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected gtk2 and / or gtk2-devel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gtk2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gtk2-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2004/10/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2004/09/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2004:466";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"gtk2-2.2.4-8.1")) flag++;
  if (rpm_check(release:"RHEL3", reference:"gtk2-devel-2.2.4-8.1")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gtk2 / gtk2-devel");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxgtk2p-cpe:/a:redhat:enterprise_linux:gtk2
redhatenterprise_linuxgtk2-develp-cpe:/a:redhat:enterprise_linux:gtk2-devel
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 24
redhat 3
gentoo 2
cert 4
openvas 22
freebsd 3
osv 3
debian 6
securityvulns 3
cve 5
ubuntucve 5
checkpoint_advisories 1
debiancve 4
slackware 1
suse 4
nessus
nessus
Fedora Core 2 : gdk-pixbuf-0.22.0-11.2.3 (2004-287)
2004-09-15 00:00:00
Fedora Core 1 : gtk2-2.2.4-10 (2004-288)
2004-09-15 00:00:00
Fedora Core 1 : gdk-pixbuf-0.22.0-11.2.2 (2004-286)
2004-09-15 00:00:00
redhat
redhat
(RHSA-2004:466) gtk2 security update
2004-09-15 00:00:00
(RHSA-2004:447) gdk-pixbuf security update
2004-09-15 00:00:00
(RHSA-2004:414) qt security update
2004-08-20 00:00:00
gentoo
gentoo
GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
2004-09-21 00:00:00
Qt: Image loader overflows
2004-08-22 00:00:00
cert
cert
GdkPixbuf XPM parser contains a heap overflow vulnerability
2004-10-01 00:00:00
GdkPixbuf BMP parser may enter an infinite loop
2004-10-01 00:00:00
GdkPixbuf ICO parser contains an integer overflow vulnerability
2004-10-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-28 (gtk+)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200409-28 (gtk+)
2008-09-24 00:00:00
SLES9: Security update for gdk-pixbuf
2009-10-10 00:00:00
freebsd
freebsd
gdk-pixbuf -- image decoding vulnerabilities
2004-09-15 00:00:00
qt -- image loader vulnerabilities
2004-08-11 00:00:00
imlib -- xpm heap buffer overflows and integer overflows
2004-12-06 00:00:00
osv
osv
gdk-pixbuf - several vulnerabilities
2004-09-16 00:00:00
gtk+2.0 - multiple holes
2004-09-17 00:00:00
qt - unsanitised input
2004-08-30 00:00:00
debian
debian
[SECURITY] [DSA 549-1] New gtk+2.0 packages fix several vulnerabilities
2004-09-17 09:25:18
[SECURITY] [DSA 546-1] New gdk-pixbuf packages fix several vulnerabilities
2004-09-16 09:02:33
[SECURITY] [DSA 549-1] New gtk+2.0 packages fix several vulnerabilities
2004-09-17 09:25:18
securityvulns
securityvulns
CESA-2004-005: gtk+ XPM decoder
2004-09-16 00:00:00
CESA-2004-004: libXpm
2004-09-16 00:00:00
CESA-2004-004: qt
2004-08-22 00:00:00
cve
cve
CVE-2004-0691
2004-09-28 04:00:00
CVE-2004-0788
2004-10-20 04:00:00
CVE-2004-0753
2004-10-20 04:00:00
ubuntucve
ubuntucve
CVE-2004-0691
2004-09-28 00:00:00
CVE-2004-0788
2004-10-20 00:00:00
CVE-2004-0753
2004-10-20 00:00:00
checkpoint_advisories
checkpoint_advisories
CVS File Existence Information Disclosure (CVE-2004-0788)
2009-10-14 00:00:00
debiancve
debiancve
CVE-2004-0788
2004-10-20 04:00:00
CVE-2004-0753
2004-10-20 04:00:00
CVE-2004-0782
2004-10-20 04:00:00
slackware
slackware
[slackware-security] Qt
2004-08-23 22:10:53
suse
suse
remote system compromise in qt3/qt3-non-mt/qt3-32bit/qt3-static
2004-08-19 14:27:45
remote code execution in gtk2, gdk-pixbuf
2004-09-17 10:02:50
remote denial-of-service in apache2
2004-09-15 15:46:39
JSON
Related for REDHAT-RHSA-2004-466.NASL
nessus24redhat3gentoo2cert4openvas22freebsd3osv3debian6securityvulns3cve5ubuntucve5checkpoint_advisories1debiancve4slackware1suse4