The remote host is missing the SSA-2007-325-01a security update. New libpng packages are available for Slackware 10.1 and 10.2 that fix security problems
Reporter | Title | Published | Views | Family All 123 |
---|---|---|---|---|
![]() | [slackware-security] libpng | 21 Nov 200708:14 | – | slackware |
![]() | [slackware-security] libpng for Slackware 10.1 and 10.2 | 21 Nov 200721:16 | – | slackware |
![]() | FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5) | 12 Oct 200700:00 | – | nessus |
![]() | Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libpng vulnerabilities (USN-538-1) | 10 Nov 200700:00 | – | nessus |
![]() | Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2007-325-01) | 26 Nov 200700:00 | – | nessus |
![]() | GLSA-200711-08 : libpng: Multiple Denials of Service | 8 Nov 200700:00 | – | nessus |
![]() | Mandrake Linux Security Advisory : libpng (MDKSA-2007:217) | 14 Nov 200700:00 | – | nessus |
![]() | Solaris 10 (x86) : 137081-07 | 12 Mar 201800:00 | – | nessus |
![]() | Solaris 10 (x86) : 137081-09 | 12 Mar 201800:00 | – | nessus |
![]() | Solaris 10 (sparc) : 137080-11 (deprecated) | 4 Mar 200800:00 | – | nessus |
#%NASL_MIN_LEVEL 70300
# Disabled on 2011/05/27.
#
# This script was automatically generated from the SSA-2007-325-01a
# Slackware Security Advisory
# It is released under the Nessus Script Licence.
# Slackware Security Advisories are copyright 1999-2009 Slackware Linux, Inc.
# SSA2nasl Convertor is copyright 2004-2009 Tenable Network Security, Inc.
# See http://www.slackware.com/about/ or http://www.slackware.com/security/
# Slackware(R) is a registered trademark of Slackware Linux, Inc.
if (! defined_func("bn_random")) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description) {
script_id(28296);
script_version("1.11");
script_category(ACT_GATHER_INFO);
script_family(english: "Slackware Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_copyright("This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
script_require_keys("Host/Slackware/release", "Host/Slackware/packages");
script_set_attribute(attribute:'synopsis', value:
'The remote host is missing the SSA-2007-325-01a security update');
script_set_attribute(attribute:'description', value: '
New libpng packages are available for Slackware 10.1 and 10.2 that
were left out of the last batch of updates. These fix the same
security problems as the other 1.2.23 upgrades.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
');
script_set_attribute(attribute:'solution', value:
'Update the packages that are referenced in the security advisory.');
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_cwe_id(20, 189);
script_summary(english: "SSA-2007-325-01a libpng for Slackware 10.1 and 10.2 ");
script_xref(name:"SSA", value:"2007-325-01a");
script_name(english: "SSA-2007-325-01a libpng for Slackware 10.1 and 10.2 ");
script_cve_id("CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269");
script_set_attribute(attribute:'plugin_type', value: 'local');
script_set_attribute(attribute:"plugin_publication_date", value: "2007/11/26");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_end_attributes();
exit(0);
}
exit(0);
include('slackware.inc');
include('global_settings.inc');
if ( ! get_kb_item('Host/Slackware/packages') ) exit(1, 'Could not obtain the list of packages');
extrarep = NULL;
if (slackware_check(osver: "10.1", pkgname: "libpng", pkgver: "1.2.23", pkgnum: "1", pkgarch: "i486")) {
w++;
if (report_verbosity > 0) extrarep = strcat(extrarep, '
The package libpng is vulnerable in Slackware 10.1
Upgrade to libpng-1.2.23-i486-1_slack10.1 or newer.
');
}
if (slackware_check(osver: "10.2", pkgname: "libpng", pkgver: "1.2.23", pkgnum: "1", pkgarch: "i486")) {
w++;
if (report_verbosity > 0) extrarep = strcat(extrarep, '
The package libpng is vulnerable in Slackware 10.2
Upgrade to libpng-1.2.23-i486-1_slack10.2 or newer.
');
}
if (w) { security_warning(port: 0, extra: extrarep); }
else exit(0, "Host is not affected");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo