Lucene search
This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2005-843.NASLHistoryDec 30, 2005 - 12:00 a.m.
RHEL 2.1 / 3 : netpbm (RHSA-2005:843)
2005-12-3000:00:00
This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
45.7%
Updated netpbm packages that fix two security issues are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The netpbm package contains a library of functions that support programs for handling various graphics file formats.
A stack based buffer overflow bug was found in the way netpbm converts Portable Anymap (PNM) files into Portable Network Graphics (PNG). A specially crafted PNM file could allow an attacker to execute arbitrary code by attempting to convert a PNM file to a PNG file when using pnmtopng with the ‘-text’ option. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3632 to this issue.
An ‘off by one’ bug was found in the way netpbm converts Portable Anymap (PNM) files into Portable Network Graphics (PNG). If a victim attempts to convert a specially crafted 256 color PNM file to a PNG file, then it can cause the pnmtopng utility to crash. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3662 to this issue.
All users of netpbm should upgrade to these updated packages, which contain backported patches that resolve these issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2005:843. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(20360);
script_version("1.24");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2005-3632", "CVE-2005-3662");
script_bugtraq_id(15427, 15514);
script_xref(name:"RHSA", value:"2005:843");
script_name(english:"RHEL 2.1 / 3 : netpbm (RHSA-2005:843)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated netpbm packages that fix two security issues are now
available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The netpbm package contains a library of functions that support
programs for handling various graphics file formats.
A stack based buffer overflow bug was found in the way netpbm converts
Portable Anymap (PNM) files into Portable Network Graphics (PNG). A
specially crafted PNM file could allow an attacker to execute
arbitrary code by attempting to convert a PNM file to a PNG file when
using pnmtopng with the '-text' option. The Common Vulnerabilities and
Exposures project has assigned the name CVE-2005-3632 to this issue.
An 'off by one' bug was found in the way netpbm converts Portable
Anymap (PNM) files into Portable Network Graphics (PNG). If a victim
attempts to convert a specially crafted 256 color PNM file to a PNG
file, then it can cause the pnmtopng utility to crash. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-3662 to this issue.
All users of netpbm should upgrade to these updated packages, which
contain backported patches that resolve these issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2005-3632"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2005-3662"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2005:843"
);
script_set_attribute(
attribute:"solution",
value:
"Update the affected netpbm, netpbm-devel and / or netpbm-progs
packages."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netpbm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netpbm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netpbm-progs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/17");
script_set_attribute(attribute:"patch_publication_date", value:"2005/12/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/12/30");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2005:843";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"netpbm-9.24-9.AS21.6")) flag++;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"netpbm-devel-9.24-9.AS21.6")) flag++;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"netpbm-progs-9.24-9.AS21.6")) flag++;
if (rpm_check(release:"RHEL3", reference:"netpbm-9.24-11.30.4")) flag++;
if (rpm_check(release:"RHEL3", reference:"netpbm-devel-9.24-11.30.4")) flag++;
if (rpm_check(release:"RHEL3", reference:"netpbm-progs-9.24-11.30.4")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "netpbm / netpbm-devel / netpbm-progs");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | netpbm | p-cpe:/a:redhat:enterprise_linux:netpbm |
| redhat | enterprise_linux | netpbm-devel | p-cpe:/a:redhat:enterprise_linux:netpbm-devel |
| redhat | enterprise_linux | netpbm-progs | p-cpe:/a:redhat:enterprise_linux:netpbm-progs |
| redhat | enterprise_linux | 2.1 | cpe:/o:redhat:enterprise_linux:2.1 |
| redhat | enterprise_linux | 3 | cpe:/o:redhat:enterprise_linux:3 |
Related
centos
centos
netpbm security update
2005-12-20 23:27:22
netpbm security update
2005-12-22 00:11:59
ubuntu
ubuntu
netpbm vulnerabilities
2005-11-22 00:00:00
nessus
nessus
CentOS 3 : netpbm (CESA-2005:843)
2006-07-03 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : netpbm-free vulnerabilities (USN-218-1)
2006-01-15 00:00:00
Mandrake Linux Security Advisory : netpbm (MDKSA-2005:217)
2006-01-15 00:00:00
osv
osv
netpbm-free - buffer overflows
2005-11-21 00:00:00
redhat
redhat
(RHSA-2005:843) netpbm security update
2005-12-20 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-904-1)
2008-01-17 00:00:00
SLES9: Security update for netpbm
2009-10-10 00:00:00
Debian Security Advisory DSA 904-1 (netpbm-free)
2008-01-17 00:00:00
cve
cve
CVE-2005-3662
2005-11-18 02:02:00
CVE-2005-3632
2005-11-21 22:03:00
cvelist
cvelist
CVE-2005-3662
2005-11-18 02:00:00
CVE-2005-3632
2005-11-21 22:00:00
ubuntucve
ubuntucve
CVE-2005-3662
2005-11-18 00:00:00
CVE-2005-3632
2005-11-21 00:00:00
debiancve
debiancve
CVE-2005-3662
2005-11-18 02:02:00
CVE-2005-3632
2005-11-21 22:03:00
nvd
nvd
CVE-2005-3662
2005-11-18 02:02:00
CVE-2005-3632
2005-11-21 22:03:00
debian
debian
[SECURITY] [DSA 904-1] New netpbm packages fix arbitrary code execution
2005-11-21 17:05:18
[SECURITY] [DSA 904-1] New netpbm packages fix arbitrary code execution
2005-11-21 17:05:18
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
45.7%
Related for REDHAT-RHSA-2005-843.NASL