Lucene search
This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2006-0194.NASLHistoryFeb 05, 2006 - 12:00 a.m.
RHEL 4 : gd (RHSA-2006:0194)
2006-02-0500:00:00
This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
Updated gd packages that fix several buffer overflow flaws are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The gd package contains a graphics library used for the dynamic creation of images such as PNG and JPEG.
Several buffer overflow flaws were found in the way gd allocates memory. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim using a program linked against the gd library. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2004-0941 to these issues.
Users of gd should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2006:0194. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(20856);
script_version("1.23");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2004-0941");
script_xref(name:"RHSA", value:"2006:0194");
script_name(english:"RHEL 4 : gd (RHSA-2006:0194)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated gd packages that fix several buffer overflow flaws are now
available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The gd package contains a graphics library used for the dynamic
creation of images such as PNG and JPEG.
Several buffer overflow flaws were found in the way gd allocates
memory. An attacker could create a carefully crafted image that could
execute arbitrary code if opened by a victim using a program linked
against the gd library. The Common Vulnerabilities and Exposures
project (cve.mitre.org) assigned the name CVE-2004-0941 to these
issues.
Users of gd should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to these issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2004-0941"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2006:0194"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected gd, gd-devel and / or gd-progs packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gd-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gd-progs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/02/09");
script_set_attribute(attribute:"patch_publication_date", value:"2006/02/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/02/05");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2006:0194";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL4", reference:"gd-2.0.28-4.4E.1")) flag++;
if (rpm_check(release:"RHEL4", reference:"gd-devel-2.0.28-4.4E.1")) flag++;
if (rpm_check(release:"RHEL4", reference:"gd-progs-2.0.28-4.4E.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gd / gd-devel / gd-progs");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | gd | p-cpe:/a:redhat:enterprise_linux:gd |
| redhat | enterprise_linux | gd-devel | p-cpe:/a:redhat:enterprise_linux:gd-devel |
| redhat | enterprise_linux | gd-progs | p-cpe:/a:redhat:enterprise_linux:gd-progs |
| redhat | enterprise_linux | 4 | cpe:/o:redhat:enterprise_linux:4 |
Related
checkpoint_advisories
checkpoint_advisories
GD Graphics Library PNG Buffer Overflow (CVE-2004-0941)
2015-01-08 00:00:00
redhat
redhat
(RHSA-2006:0194) gd security update
2006-02-01 00:00:00
(RHSA-2004:638) gd security update
2004-12-16 00:00:00
nessus
nessus
CentOS 4 : gd (CESA-2006:0194)
2006-07-05 00:00:00
RHEL 2.1 / 3 : gd (RHSA-2004:638)
2004-12-17 00:00:00
Fedora Core 2 : gd-2.0.21-5.20.1 (2004-411)
2004-11-17 00:00:00
centos
centos
gd security update
2006-02-01 19:06:04
gd security update
2005-05-27 13:29:15
securityvulns
securityvulns
openvas
openvas
FreeBSD Ports: gd, uk-gd, ja-gd
2008-09-04 00:00:00
Debian Security Advisory DSA 601-1 (libgd1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-601-1)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2004-0941
2005-02-09 05:00:00
CVE-2004-0990
2005-03-01 05:00:00
ubuntu
ubuntu
libgd vulnerabilities
2004-11-30 00:00:00
libgd2 vulnerability
2004-11-16 00:00:00
debian
debian
[SECURITY] [DSA 602-1] New libgd2 packages fix arbitrary code execution
2004-11-29 15:57:41
[SECURITY] [DSA 601-1] New libgd1 packages fix arbitrary code execution
2004-11-29 14:32:29
[SECURITY] [DSA 602-1] New libgd2 packages fix arbitrary code execution
2004-11-29 15:57:41
osv
osv
libgd1 - integer overflow
2004-11-29 00:00:00
libgd2 - integer overlow
2004-11-29 00:00:00
ubuntucve
ubuntucve
cve
cve
CVE-2004-0990
2005-03-01 05:00:00
CVE-2004-0941
2005-02-09 05:00:00
freebsd
freebsd
libwmf -- multiple vulnerabilities
2004-10-12 00:00:00
slackware
slackware
[slackware-security] libwmf
2018-05-01 01:19:49
Related for REDHAT-RHSA-2006-0194.NASL