SuSE 10 Security Update : kdegraphics3 (ZYPP Patch Number 2301)

2007-12-13T00:00:00
ID SUSE_KDEGRAPHICS3-2301.NASL
Type nessus
Reporter Tenable
Modified 2012-05-17T00:00:00

Description

The KFILE JPEG plugin that is responsible for displaying meta-data of JPEG files was affected by some old common vulnerabilities in EXIF handling.

A JPEG file could be prepapred with an EXIF section with endless recursion that would overflow the stack and cause the plugin and so the image browser (konqueror, digikam or other kfile users) to crash.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include("compat.inc");

if (description)
{
  script_id(29478);
  script_version ("$Revision: 1.10 $");
  script_cvs_date("$Date: 2012/05/17 11:12:38 $");

  script_name(english:"SuSE 10 Security Update : kdegraphics3 (ZYPP Patch Number 2301)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The KFILE JPEG plugin that is responsible for displaying meta-data of
JPEG files was affected by some old common vulnerabilities in EXIF
handling.

A JPEG file could be prepapred with an EXIF section with endless
recursion that would overflow the stack and cause the plugin and so
the image browser (konqueror, digikam or other kfile users) to crash."
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 2301.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/11/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:0, reference:"kdegraphics3-3.5.1-23.9")) flag++;
if (rpm_check(release:"SLES10", sp:0, reference:"kdegraphics3-3.5.1-23.9")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");