Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.UBUNTU_USN-1-1.NASL
HistoryJan 15, 2006 - 12:00 a.m.

Ubuntu 4.10 : PNG library vulnerabilities (USN-1-1)

2006-01-1500:00:00
Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
www.tenable.com
17
JSON

Several integer overflow vulnerabilities were discovered in the PNG library. These vulnerabilities could be exploited by an attacker by providing a specially crafted PNG image which, when processed by the PNG library, could result in the execution of program code provided by the attacker.

The PNG library is used by a variety of software packages for different purposes, so the exact nature of the exposure will vary depending on the software involved.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(20484);
  script_version("1.33");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2004-0599");
  script_xref(name:"USN", value:"1-1");

  script_name(english:"Ubuntu 4.10 : PNG library vulnerabilities (USN-1-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several integer overflow vulnerabilities were discovered in the PNG
library. These vulnerabilities could be exploited by an attacker by
providing a specially crafted PNG image which, when processed by the
PNG library, could result in the execution of program code provided by
the attacker.

The PNG library is used by a variety of software packages for
different purposes, so the exact nature of the exposure will vary
depending on the software involved.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng10-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng10-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng12-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng12-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng2-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng3-dev");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(4\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"4.10", pkgname:"libpng10-0", pkgver:"1.0.15-6ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng10-dev", pkgver:"1.0.15-6ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng12-0", pkgver:"1.2.5.0-7ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng12-dev", pkgver:"1.2.5.0-7ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng2", pkgver:"1.0.15-6ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng2-dev", pkgver:"1.0.15-6ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng3", pkgver:"1.2.5.0-7ubuntu1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpng3-dev", pkgver:"1.2.5.0-7ubuntu1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng10-0 / libpng10-dev / libpng12-0 / libpng12-dev / libpng2 / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxlibpng10-0p-cpe:/a:canonical:ubuntu_linux:libpng10-0
canonicalubuntu_linuxlibpng10-devp-cpe:/a:canonical:ubuntu_linux:libpng10-dev
canonicalubuntu_linuxlibpng12-0p-cpe:/a:canonical:ubuntu_linux:libpng12-0
canonicalubuntu_linuxlibpng12-devp-cpe:/a:canonical:ubuntu_linux:libpng12-dev
canonicalubuntu_linuxlibpng2p-cpe:/a:canonical:ubuntu_linux:libpng2
canonicalubuntu_linuxlibpng2-devp-cpe:/a:canonical:ubuntu_linux:libpng2-dev
canonicalubuntu_linuxlibpng3p-cpe:/a:canonical:ubuntu_linux:libpng3
canonicalubuntu_linuxlibpng3-devp-cpe:/a:canonical:ubuntu_linux:libpng3-dev
canonicalubuntu_linux4.10cpe:/o:canonical:ubuntu_linux:4.10

Related

osv 3
nessus 23
cert 5
cve 2
openvas 20
ubuntucve 1
securityvulns 6
gentoo 2
f5 2
freebsd 1
slackware 3
redhat 2
suse 2
debian 1
osv
osv
libpng3 - buffer overflows, integer overflow
2004-10-20 00:00:00
libpng - integer overflow
2004-10-20 00:00:00
libpng - several vulnerabilities
2004-08-04 00:00:00
nessus
nessus
Debian DSA-571-1 : libpng3 - buffer overflows, integer overflow
2004-11-10 00:00:00
Debian DSA-570-1 : libpng - integer overflow
2004-11-10 00:00:00
FreeBSD : libpng stack-based buffer overflow and other code concerns (f9e3e60b-e650-11d8-9b0a-000347a4fa7d)
2009-04-23 00:00:00
cert
cert
libpng integer overflow in image height processing
2004-08-04 00:00:00
libpng contains integer overflows in progressive display image reading
2004-08-04 00:00:00
libpng png_handle_iCCP() NULL pointer dereference
2004-08-04 00:00:00
cve
cve
CVE-2004-0599
2004-11-23 05:00:00
CVE-2004-0955
2004-12-23 05:00:00
openvas
openvas
Debian Security Advisory DSA 570-1 (libpng)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-570-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 571-1 (libpng3)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-0599
2004-11-23 00:00:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA04-217A -- Multiple Vulnerabilities in libpng
2004-08-05 00:00:00
CESA-2004-001: libpng
2004-08-05 00:00:00
Microsoft Security Bulletin MS05-009 Vulnerability in PNG Processing Could Allow Remote Code Execution &#40;890261&#41;
2005-02-08 00:00:00
gentoo
gentoo
libpng: Numerous vulnerabilities
2004-08-05 00:00:00
Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
2004-08-23 00:00:00
f5
f5
Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-17 04:00:00
SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-16 00:00:00
freebsd
freebsd
libpng stack-based buffer overflow and other code concerns
2004-08-04 00:00:00
slackware
slackware
libpng
2004-08-09 20:40:50
[slackware-security] imagemagick
2004-08-10 21:26:39
[slackware-security] Mozilla
2004-08-10 21:17:12
redhat
redhat
(RHSA-2004:402) libpng security update
2004-08-04 00:00:00
(RHSA-2004:421) mozilla security update
2004-08-04 00:00:00
suse
suse
remote system compromise in libpng
2004-08-04 15:12:06
remote file disclosure in samba
2004-10-05 14:57:32
debian
debian
[SECURITY] [DSA 536-1] New libpng, libpng3 packages fix multiple vulnerabilities
2004-08-05 02:10:24
JSON
Related for UBUNTU_USN-1-1.NASL
osv3nessus23cert5cve2openvas20ubuntucve1securityvulns6gentoo2f52freebsd1slackware3redhat2suse2debian1