Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.SUSE_SA_2005_059.NASL
HistoryOct 11, 2005 - 12:00 a.m.

SUSE-SA:2005:059: RealPlayer

2005-10-1100:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
7
JSON

The remote host is missing the patch for the advisory SUSE-SA:2005:059 (RealPlayer).

The following security issue in RealPlayer was fixed:

  • A format string bug in the RealPix (.rp) file format parser (CVE-2005-2710).

This bug allowed remote attackers to execute arbitrary code by supplying a specially crafted file, e.g via Web page or E-Mail.

Note that we no longer support RealPlayer on the following distributions for some time now:

  • SUSE Linux 9.1
  • SUSE Linux 9.0
  • SUSE Linux Desktop 1.0

On these distributions, please deinstall RealPlayer by running as root:
rpm -e RealPlayer

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:059
#


if ( ! defined_func("bn_random") ) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if(description)
{
 script_id(19996);
 script_version("1.10");
 
 name["english"] = "SUSE-SA:2005:059: RealPlayer";
 
 script_name(english:name["english"]);
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
 script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2005:059 (RealPlayer).


The following security issue in RealPlayer was fixed:

- A format string bug in the RealPix (.rp) file format parser
(CVE-2005-2710).

This bug allowed remote attackers to execute arbitrary code by
supplying a specially crafted file, e.g via Web page or E-Mail.

Note that we no longer support RealPlayer on the following distributions
for some time now:
- SUSE Linux 9.1
- SUSE Linux 9.0
- SUSE Linux Desktop 1.0

On these distributions, please deinstall RealPlayer by running as root:
	rpm -e RealPlayer" );
 script_set_attribute(attribute:"solution", value:
"http://www.suse.de/security/advisories/2005_59_RealPlayer.html" );
 script_set_attribute(attribute:"risk_factor", value:"High" );



 script_set_attribute(attribute:"plugin_publication_date", value: "2005/10/11");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
 script_end_attributes();

 
 summary["english"] = "Check for the version of the RealPlayer package";
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
 family["english"] = "SuSE Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/SuSE/rpm-list");
 exit(0);
}

include("rpm.inc");
if ( rpm_check( reference:"RealPlayer-10.0.6-3.2", release:"SUSE10.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"RealPlayer-10.0.6-1.4", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"RealPlayer-10.0.6-1.4", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}

Related

nessus 7
cert 1
openvas 4
cve 1
cvelist 1
securityvulns 1
gentoo 1
checkpoint_advisories 1
suse 1
osv 1
debian 2
redhat 2
centos 1
nessus
nessus
GLSA-200510-07 : RealPlayer, Helix Player: Format string vulnerability
2005-10-11 00:00:00
Fedora Core 4 : HelixPlayer-1.0.6-1.fc4.2 (2005-940)
2005-10-05 00:00:00
Fedora Core 3 : HelixPlayer-1.0.6-0.fc3.1 (2005-941)
2005-10-05 00:00:00
cert
cert
Helix Player format string vulnerability
2005-09-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200510-07 (realplayer helixplayer)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200510-07 (realplayer helixplayer)
2008-09-24 00:00:00
Debian Security Advisory DSA 826-1 (helix-player)
2008-01-17 00:00:00
cve
cve
CVE-2005-2710
2005-09-27 20:03:00
cvelist
cvelist
CVE-2005-2710
2005-09-27 04:00:00
securityvulns
securityvulns
[Full-disclosure] iDEFENSE Security Advisory 09.30.05: RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability
2005-09-30 00:00:00
gentoo
gentoo
RealPlayer, Helix Player: Format string vulnerability
2005-10-07 00:00:00
checkpoint_advisories
checkpoint_advisories
RealNetworks RealPlayer Error Message Format String (CVE-2005-2710)
2009-10-11 00:00:00
suse
suse
remote code execution in RealPlayer
2005-10-10 13:36:54
osv
osv
helix-player - multiple
2005-09-29 00:00:00
debian
debian
[SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities
2005-09-29 23:56:37
[SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities
2005-09-29 00:00:00
redhat
redhat
(RHSA-2005:762) RealPlayer security update
2005-09-27 00:00:00
(RHSA-2005:788) HelixPlayer security update
2005-09-27 00:00:00
centos
centos
HelixPlayer security update
2005-09-27 22:04:42
JSON
Related for SUSE_SA_2005_059.NASL
nessus7cert1openvas4cve1cvelist1securityvulns1gentoo1checkpoint_advisories1suse1osv1debian2redhat2centos1