Lucene search

K

openSUSE 10 Security Update : libexif5 (libexif5-3724)

🗓️ 17 Oct 2007 00:00:00Reported by This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.Type 
nessus
 nessus
🔗 www.tenable.com👁 13 Views

openSUSE 10 Security Update for libexif5-372

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
CVE
CVE-2007-2645
14 May 200721:19
cve
OpenVAS
Ubuntu Update for libexif vulnerability USN-471-1
23 Mar 200900:00
openvas
OpenVAS
Fedora Update for libexif FEDORA-2007-0001
27 Feb 200900:00
openvas
OpenVAS
Gentoo Security Advisory GLSA 200706-01 (libexif)
24 Sep 200800:00
openvas
OpenVAS
Gentoo Security Advisory GLSA 200706-01 (libexif)
24 Sep 200800:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-471-1)
23 Mar 200900:00
openvas
OpenVAS
Fedora Update for libexif FEDORA-2007-548
27 Feb 200900:00
openvas
OpenVAS
SLES9: Security update for libexif
10 Oct 200900:00
openvas
OpenVAS
SLES9: Security update for libexif
10 Oct 200900:00
openvas
OpenVAS
Fedora Update for libexif FEDORA-2007-0001
27 Feb 200900:00
openvas
Rows per page
#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update libexif5-3724.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(27320);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-2645");

  script_name(english:"openSUSE 10 Security Update : libexif5 (libexif5-3724)");
  script_summary(english:"Check for the libexif5-3724 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A denial of service problem (crash) was fixed in the EXIF Loader of
libexif, which could be used to crash the browser or image viewer when
it interprets the EXIF tags in prepared JPEG files. (CVE-2007-2645)"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libexif5 package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libexif5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE10.1", reference:"libexif5-0.5.12-17.7") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libexif5");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Oct 2007 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS29.3
EPSS0.476
13
.json
Report