Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SLACKWARE_SSA_2013-290-01.NASL
HistoryOct 20, 2013 - 12:00 a.m.

Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : libtiff (SSA:2013-290-01)

2013-10-2000:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
13
JSON

New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2013-290-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70499);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-2088", "CVE-2012-2113", "CVE-2012-4447", "CVE-2012-4564", "CVE-2013-1960", "CVE-2013-1961", "CVE-2013-4231", "CVE-2013-4232", "CVE-2013-4244");
  script_bugtraq_id(54076, 54270, 55673, 56372, 59607, 59609, 61695, 61849, 62019);
  script_xref(name:"SSA", value:"2013-290-01");

  script_name(english:"Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : libtiff (SSA:2013-290-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New libtiff packages are available for Slackware 12.1, 12.2, 13.0,
13.1, 13.37, 14.0, and -current to fix security issues."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.543193
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?957d5ecf"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libtiff package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:libtiff");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.37");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/10/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/10/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"12.1", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack12.1")) flag++;

if (slackware_check(osver:"12.2", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack12.2")) flag++;

if (slackware_check(osver:"13.0", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack13.0")) flag++;
if (slackware_check(osver:"13.0", arch:"x86_64", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"x86_64", pkgnum:"1_slack13.0")) flag++;

if (slackware_check(osver:"13.1", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack13.1")) flag++;
if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"x86_64", pkgnum:"1_slack13.1")) flag++;

if (slackware_check(osver:"13.37", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack13.37")) flag++;
if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"x86_64", pkgnum:"1_slack13.37")) flag++;

if (slackware_check(osver:"14.0", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;

if (slackware_check(osver:"current", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"i486", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"libtiff", pkgver:"3.9.7", pkgarch:"x86_64", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
slackwareslackware_linuxlibtiffp-cpe:/a:slackware:slackware_linux:libtiff
slackwareslackware_linuxcpe:/o:slackware:slackware_linux
slackwareslackware_linux12.1cpe:/o:slackware:slackware_linux:12.1
slackwareslackware_linux12.2cpe:/o:slackware:slackware_linux:12.2
slackwareslackware_linux13.0cpe:/o:slackware:slackware_linux:13.0
slackwareslackware_linux13.1cpe:/o:slackware:slackware_linux:13.1
slackwareslackware_linux13.37cpe:/o:slackware:slackware_linux:13.37
slackwareslackware_linux14.0cpe:/o:slackware:slackware_linux:14.0

Related

slackware 1
openvas 76
gentoo 1
nessus 61
fedora 17
oraclelinux 3
centos 3
f5 2
redhat 5
veracode 7
securityvulns 8
osv 2
debian 2
amazon 4
ubuntu 4
suse 1
mageia 1
altlinux 1
slackware
slackware
[slackware-security] libtiff
2013-10-18 19:38:32
openvas
openvas
Slackware: Security Advisory (SSA:2013-290-01)
2022-04-21 00:00:00
Gentoo Security Advisory GLSA 201402-21
2015-09-29 00:00:00
Fedora Update for libtiff FEDORA-2013-15673
2013-09-24 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2014-02-21 00:00:00
nessus
nessus
GLSA-201402-21 : libTIFF: Multiple vulnerabilities
2014-02-23 00:00:00
Oracle Linux 5 : libtiff (ELSA-2014-0223)
2014-02-28 00:00:00
Scientific Linux Security Update : libtiff on SL5.x i386/x86_64 (20140227)
2014-02-28 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mingw-libtiff-4.0.3-4.fc20
2014-06-10 02:56:35
[SECURITY] Fedora 19 Update: mingw-libtiff-4.0.3-4.fc19
2014-06-10 03:14:08
[SECURITY] Fedora 18 Update: libtiff-4.0.3-9.fc18
2013-09-18 12:58:47
oraclelinux
oraclelinux
libtiff security update
2014-02-27 00:00:00
libtiff security update
2014-02-27 00:00:00
libtiff security update
2012-07-03 00:00:00
centos
centos
libtiff security update
2014-02-28 00:37:27
libtiff security update
2014-02-28 00:43:50
libtiff security update
2012-07-03 13:30:55
f5
f5
SOL16715 - Multiple LibTIFF vulnerabilities
2015-06-05 00:00:00
K16715 : Multiple LibTIFF vulnerabilities
2015-06-05 00:00:00
redhat
redhat
(RHSA-2014:0223) Moderate: libtiff security update
2014-02-27 00:00:00
(RHSA-2014:0222) Moderate: libtiff security update
2014-02-27 00:00:00
(RHSA-2012:1054) Important: libtiff security update
2012-07-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:01:26
Denial Of Service (DoS)
2019-05-02 05:01:26
Denial Of Service (DoS)
2019-05-02 05:01:26
securityvulns
securityvulns
libtiff multiple security vulnerabilities
2013-08-28 00:00:00
[SECURITY] [DSA 2744-1] tiff security update
2013-08-28 00:00:00
libtiff buffer overflow
2012-11-18 00:00:00
osv
osv
tiff - several
2013-08-27 00:00:00
tiff - buffer overflow
2013-06-18 00:00:00
debian
debian
[SECURITY] [DSA 2744-1] tiff security update
2013-08-27 15:27:12
[SECURITY] [DSA 2698-1] tiff security update
2013-06-18 19:39:25
amazon
amazon
Medium: libtiff
2014-03-13 18:13:00
Medium: libtiff
2014-06-26 10:31:00
Important: libtiff
2012-07-06 16:18:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2014-05-06 00:00:00
LibTIFF vulnerabilities
2012-11-15 00:00:00
tiff vulnerabilities
2012-07-05 00:00:00
suse
suse
Security update for libtiff (important)
2012-07-19 22:08:33
mageia
mageia
Updated libtiff packagess fix multiple security vulnerabilities
2013-08-22 22:20:56
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 3.9.6-alt3
2012-08-27 00:00:00
JSON
Related for SLACKWARE_SSA_2013-290-01.NASL
slackware1openvas76gentoo1nessus61fedora17oraclelinux3centos3f52redhat5veracode7securityvulns8osv2debian2amazon4ubuntu4suse1mageia1altlinux1