Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 Tenable Network Security, Inc.SUSE_SA_2007_013.NASL
HistoryFeb 18, 2007 - 12:00 a.m.

SUSE-SA:2007:013: xine-ui,xine-lib,xine-extra,xine-devel

2007-02-1800:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
16
JSON

The remote host is missing the patch for the advisory SUSE-SA:2007:013 (xine-ui,xine-lib,xine-extra,xine-devel).

This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code.
Since SUSE Linux version 10.1 format string bugs are not exploitable anymore. (CVE-2007-0017)

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:013
#


if ( ! defined_func("bn_random") ) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if(description)
{
 script_id(24466);
 script_version("1.10");
 
 name["english"] = "SUSE-SA:2007:013: xine-ui,xine-lib,xine-extra,xine-devel";
 
 script_name(english:name["english"]);
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
 script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2007:013 (xine-ui,xine-lib,xine-extra,xine-devel).


This update fixes several format string bugs that can be exploited remotely
with user-assistance to execute arbitrary code.
Since SUSE Linux version 10.1 format string bugs are not exploitable
anymore. (CVE-2007-0017)" );
 script_set_attribute(attribute:"solution", value:
"http://www.novell.com/linux/security/advisories/2007_13_xine.html" );
 script_set_attribute(attribute:"risk_factor", value:"Medium" );



 script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
 script_end_attributes();

 
 summary["english"] = "Check for the version of the xine-ui,xine-lib,xine-extra,xine-devel package";
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
 family["english"] = "SuSE Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/SuSE/rpm-list");
 exit(0);
}

include("rpm.inc");
if ( rpm_check( reference:"xine-extra-1.1.0-0.1", release:"SUSE10.0") )
{
 security_warning(0);
 exit(0);
}
if ( rpm_check( reference:"xine-lib-1.1.0-0.1", release:"SUSE10.0") )
{
 security_warning(0);
 exit(0);
}
if ( rpm_check( reference:"xine-ui-0.99.4-84.1", release:"SUSE10.0") )
{
 security_warning(0);
 exit(0);
}
if ( rpm_check( reference:"xine-lib-1.0-10.14", release:"SUSE9.3") )
{
 security_warning(0);
 exit(0);
}
if ( rpm_check( reference:"xine-ui-1.0-10.14", release:"SUSE9.3") )
{
 security_warning(0);
 exit(0);
}

Related

suse 1
nessus 7
openvas 7
osv 1
prion 2
cve 2
checkpoint_advisories 1
debian 1
cvelist 2
packetstorm 2
ubuntucve 2
debiancve 1
gentoo 1
securityvulns 1
suse
suse
remote code execution in xine-ui,xine-lib,xine-extra,xine-devel
2007-01-23 12:13:50
nessus
nessus
openSUSE 10 Security Update : xine-lib (xine-lib-2488)
2007-10-17 00:00:00
Debian DSA-1252-1 : vlc - format string
2007-02-09 00:00:00
SuSE 10 Security Update : xine (ZYPP Patch Number 2505)
2007-12-13 00:00:00
openvas
openvas
SuSE Update for xine-ui,xine-lib,xine-extra,xine-devel SUSE-SA:2007:013
2009-01-28 00:00:00
Gentoo Security Advisory GLSA 200701-24 (vlc)
2008-09-24 00:00:00
Debian Security Advisory DSA 1252-1 (vlc)
2008-01-17 00:00:00
osv
osv
vlc
2007-01-27 00:00:00
prion
prion
Format string
2007-01-03 02:28:00
Format string
2007-01-16 23:28:00
cve
cve
CVE-2007-0017
2007-01-03 02:28:00
CVE-2007-0255
2007-01-16 23:28:00
checkpoint_advisories
checkpoint_advisories
VLC udp Handler Format String Code Execution - Ver2 (CVE-2007-0017)
2014-12-28 00:00:00
debian
debian
[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution
2007-01-27 00:00:00
cvelist
cvelist
CVE-2007-0017
2007-01-03 02:00:00
CVE-2007-0255
2007-01-16 23:00:00
packetstorm
packetstorm
VLCMediaSlayer-x86.pl.txt
2007-01-04 00:00:00
VLCMediaSlayer-ppc.pl.txt
2007-01-04 00:00:00
ubuntucve
ubuntucve
CVE-2007-0017
2007-01-03 00:00:00
CVE-2007-0255
2007-01-16 00:00:00
debiancve
debiancve
CVE-2007-0017
2007-01-03 02:28:00
gentoo
gentoo
VLC media player: Format string vulnerability
2007-01-26 00:00:00
securityvulns
securityvulns
VLC Media Player buffer overflow
2007-01-21 00:00:00
JSON
Related for SUSE_SA_2007_013.NASL
suse1nessus7openvas7osv1prion2cve2checkpoint_advisories1debian1cvelist2packetstorm2ubuntucve2debiancve1gentoo1securityvulns1