Lucene search
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-330-1.NASLHistoryNov 10, 2007 - 12:00 a.m.
Ubuntu 5.04 / 5.10 / 6.06 LTS : tiff vulnerabilities (USN-330-1)
2007-11-1000:00:00
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application’s privileges.
This library is used in many client and server applications, thus you should reboot your computer after the upgrade to ensure that all running programs use the new version of the library.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-330-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(27909);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2006-3459", "CVE-2006-3460", "CVE-2006-3461", "CVE-2006-3462", "CVE-2006-3463", "CVE-2006-3464", "CVE-2006-3465");
script_xref(name:"USN", value:"330-1");
script_name(english:"Ubuntu 5.04 / 5.10 / 6.06 LTS : tiff vulnerabilities (USN-330-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Tavis Ormandy discovered that the TIFF library did not sufficiently
check handled images for validity. By tricking an user or an automated
system into processing a specially crafted TIFF image, an attacker
could exploit these weaknesses to execute arbitrary code with the
target application's privileges.
This library is used in many client and server applications, thus you
should reboot your computer after the upgrade to ensure that all
running programs use the new version of the library.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/330-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Apple iOS MobileMail LibTIFF Buffer Overflow');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_cwe_id(189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtiff-opengl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtiff-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtiff4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtiff4-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtiffxx0c2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
script_set_attribute(attribute:"patch_publication_date", value:"2006/08/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(5\.04|5\.10|6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.04 / 5.10 / 6.06", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"5.04", pkgname:"libtiff-tools", pkgver:"3.6.1-5ubuntu0.6")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libtiff4", pkgver:"3.6.1-5ubuntu0.6")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libtiff4-dev", pkgver:"3.6.1-5ubuntu0.6")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libtiff-opengl", pkgver:"3.7.3-1ubuntu1.5")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libtiff-tools", pkgver:"3.7.3-1ubuntu1.5")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libtiff4", pkgver:"3.7.3-1ubuntu1.5")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libtiff4-dev", pkgver:"3.7.3-1ubuntu1.5")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libtiffxx0c2", pkgver:"3.7.3-1ubuntu1.5")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtiff-opengl", pkgver:"3.7.4-1ubuntu3.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtiff-tools", pkgver:"3.7.4-1ubuntu3.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtiff4", pkgver:"3.7.4-1ubuntu3.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtiff4-dev", pkgver:"3.7.4-1ubuntu3.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtiffxx0c2", pkgver:"3.7.4-1ubuntu3.2")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff-opengl / libtiff-tools / libtiff4 / libtiff4-dev / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | libtiff-opengl | p-cpe:/a:canonical:ubuntu_linux:libtiff-opengl |
| canonical | ubuntu_linux | libtiff-tools | p-cpe:/a:canonical:ubuntu_linux:libtiff-tools |
| canonical | ubuntu_linux | libtiff4 | p-cpe:/a:canonical:ubuntu_linux:libtiff4 |
| canonical | ubuntu_linux | libtiff4-dev | p-cpe:/a:canonical:ubuntu_linux:libtiff4-dev |
| canonical | ubuntu_linux | libtiffxx0c2 | p-cpe:/a:canonical:ubuntu_linux:libtiffxx0c2 |
| canonical | ubuntu_linux | 5.04 | cpe:/o:canonical:ubuntu_linux:5.04 |
| canonical | ubuntu_linux | 5.10 | cpe:/o:canonical:ubuntu_linux:5.10 |
| canonical | ubuntu_linux | 6.06 | cpe:/o:canonical:ubuntu_linux:6.06:-:lts |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
usn.ubuntu.com/330-1/
Related
suse
suse
possible remote code execution in libtiff
2006-08-01 16:39:12
openvas
openvas
Debian Security Advisory DSA 1137-1 (tiff)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1137-1)
2008-01-17 00:00:00
SLES9: Security update for libtiff
2009-10-10 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : libtiff (MDKSA-2006:137)
2006-12-16 00:00:00
GLSA-200608-07 : libTIFF: Multiple vulnerabilities
2006-08-07 00:00:00
debian
debian
[SECURITY] [DSA 1137-1] New tiff packages fix several vulnerabilities
2006-08-02 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2006-08-04 00:00:00
osv
osv
tiff - several vulnerabilities
2006-08-02 00:00:00
slackware
slackware
[slackware-security] libtiff
2006-08-18 08:00:57
ubuntu
ubuntu
tiff vulnerabilities
2006-08-03 00:00:00
seebug
seebug
Libtiff图形库多个安全漏洞
2006-11-04 00:00:00
Adobe Reader和Acrobat TIFF图像处理缓冲区溢出漏洞
2010-02-20 00:00:00
securityvulns
securityvulns
oraclelinux
oraclelinux
kdegraphics security update
2007-03-22 00:00:00
libtiff security update
2007-03-22 00:00:00
centos
centos
libtiff security update
2006-08-04 19:40:44
libtiff security update
2006-08-03 03:41:45
kdegraphics security update
2006-08-28 13:40:53
redhat
redhat
(RHSA-2006:0603) libtiff security update
2006-08-02 00:00:00
(RHSA-2006:0648) kdegraphics security update
2006-08-28 00:00:00
cve
cve
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:11:52
Arbitrary Code Execution
2020-04-10 00:11:53
Arbitrary Code Execution
2020-04-10 00:11:52
ubuntucve
ubuntucve
debiancve
debiancve
zdi
zdi
Related for UBUNTU_USN-330-1.NASL