openSUSE 10 Security Update for libexif5-372
Reporter | Title | Published | Views | Family All 49 |
---|---|---|---|---|
CVE | CVE-2007-2645 | 14 May 200721:19 | – | cve |
OpenVAS | Ubuntu Update for libexif vulnerability USN-471-1 | 23 Mar 200900:00 | – | openvas |
OpenVAS | Fedora Update for libexif FEDORA-2007-0001 | 27 Feb 200900:00 | – | openvas |
OpenVAS | Gentoo Security Advisory GLSA 200706-01 (libexif) | 24 Sep 200800:00 | – | openvas |
OpenVAS | Gentoo Security Advisory GLSA 200706-01 (libexif) | 24 Sep 200800:00 | – | openvas |
OpenVAS | Ubuntu: Security Advisory (USN-471-1) | 23 Mar 200900:00 | – | openvas |
OpenVAS | Fedora Update for libexif FEDORA-2007-548 | 27 Feb 200900:00 | – | openvas |
OpenVAS | SLES9: Security update for libexif | 10 Oct 200900:00 | – | openvas |
OpenVAS | SLES9: Security update for libexif | 10 Oct 200900:00 | – | openvas |
OpenVAS | Fedora Update for libexif FEDORA-2007-0001 | 27 Feb 200900:00 | – | openvas |
Source | Link |
---|---|
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update libexif5-3724.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(27320);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2007-2645");
script_name(english:"openSUSE 10 Security Update : libexif5 (libexif5-3724)");
script_summary(english:"Check for the libexif5-3724 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"A denial of service problem (crash) was fixed in the EXIF Loader of
libexif, which could be used to crash the browser or image viewer when
it interprets the EXIF tags in prepared JPEG files. (CVE-2007-2645)"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected libexif5 package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libexif5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
script_set_attribute(attribute:"patch_publication_date", value:"2007/06/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE10.1", reference:"libexif5-0.5.12-17.7") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libexif5");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo