ID UBUNTU_USN-655-1.NASL Type nessus Reporter Tenable Modified 2018-11-28T00:00:00
Description
Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.
(CVE-2007-6353)
Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-655-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(37662);
script_version("1.11");
script_cvs_date("Date: 2018/11/28 11:42:05");
script_cve_id("CVE-2007-6353", "CVE-2008-2696");
script_bugtraq_id(26918);
script_xref(name:"USN", value:"655-1");
script_name(english:"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Meder Kydyraliev discovered that exiv2 did not correctly handle
certain EXIF headers. If a user or automated system were tricked into
processing a specially crafted image, a remote attacker could cause
the application linked against libexiv2 to crash, leading to a denial
of service, or possibly executing arbitrary code with user privileges.
(CVE-2007-6353)
Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon
lens EXIF information. If a user or automated system were tricked into
processing a specially crafted image, a remote attacker could cause
the application linked against libexiv2 to crash, leading to a denial
of service. (CVE-2008-2696).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/655-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:exiv2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
script_set_attribute(attribute:"patch_publication_date", value:"2008/10/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(7\.04|7\.10|8\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 7.04 / 7.10 / 8.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"7.04", pkgname:"exiv2", pkgver:"0.12-0ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libexiv2-0.12", pkgver:"0.12-0ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libexiv2-dev", pkgver:"0.12-0ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libexiv2-doc", pkgver:"0.12-0ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"exiv2", pkgver:"0.15-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libexiv2-0", pkgver:"0.15-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libexiv2-dev", pkgver:"0.15-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libexiv2-doc", pkgver:"0.15-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"exiv2", pkgver:"0.16-3ubuntu1.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libexiv2-2", pkgver:"0.16-3ubuntu1.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libexiv2-dev", pkgver:"0.16-3ubuntu1.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libexiv2-doc", pkgver:"0.16-3ubuntu1.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc");
}
{"id": "UBUNTU_USN-655-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2018-11-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "reporter": "Tenable", "references": ["https://usn.ubuntu.com/655-1/"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "type": "nessus", "lastseen": "2019-02-21T01:11:47", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6191263196a6502628e0fd3815829c90b5b266a5c464f35125d4ca4bd4e58a8a", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "4ecd55678f1d9e26bc4e3babc13a7665", "key": "sourceData"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "b41f4048356b1a4e5ed7e33980f77040", "key": "description"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "88873566a6d6bfcc17a4689f15970a74", "key": "cpe"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2018-09-02T00:02:33", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:37:17 $\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:02:33"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "321e46b8cbcf866685541791d9e57953c9a3281def160eb86a06092526d40840", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "4ecd55678f1d9e26bc4e3babc13a7665", "key": "sourceData"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "b41f4048356b1a4e5ed7e33980f77040", "key": "description"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2016-09-26T17:26:00", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:37:17 $\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:00"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6191263196a6502628e0fd3815829c90b5b266a5c464f35125d4ca4bd4e58a8a", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "4ecd55678f1d9e26bc4e3babc13a7665", "key": "sourceData"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "b41f4048356b1a4e5ed7e33980f77040", "key": "description"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "88873566a6d6bfcc17a4689f15970a74", "key": "cpe"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2017-10-29T13:43:13", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:37:17 $\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:43:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:09:11", "references": [{"idList": ["FEDORA_2007-4591.NASL", "SUSE_LIBEXIV2-5707.NASL", "MANDRIVA_MDVSA-2008-119.NASL", "DEBIAN_DSA-1474.NASL", "SUSE_LIBEXIV2-4850.NASL", "SUSE_11_0_EXIV2-081022.NASL", "FEDORA_2007-4551.NASL", "GENTOO_GLSA-200712-16.NASL", "MANDRIVA_MDVSA-2008-006.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:20069", "SECURITYVULNS:VULN:9102", "SECURITYVULNS:VULN:8510"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310830398", "OPENVAS:60078", "OPENVAS:861157", "OPENVAS:840274", "OPENVAS:830398", "OPENVAS:1361412562310830528", "OPENVAS:861473", "OPENVAS:830528"], "type": "openvas"}, {"idList": ["USN-655-1"], "type": "ubuntu"}, {"idList": ["CVE-2008-2696", "CVE-2007-6353"], "type": "cve"}, {"idList": ["GLSA-200712-16"], "type": "gentoo"}, {"idList": ["DEBIAN:DSA-1474-1:1FCA7"], "type": "debian"}, {"idList": ["OSVDB:40249"], "type": "osvdb"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "d42353121251890ac18bfb1d4082d3e72cc307995dbbb7683a8e6fd9c436a3e0", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f414be69a4e29c7d095f82a3858357f0", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "88873566a6d6bfcc17a4689f15970a74", "key": "cpe"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "460b12446c99e9f96de9e7fe92f5d167", "key": "modified"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "1e4862438dabe8b5b87989cea03a4d3d", "key": "description"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "2cc2e6cf6cf89cdadc94d4b9f20c80f4", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2019-01-16T20:09:11", "modified": "2018-11-28T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": ["https://usn.ubuntu.com/655-1/"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/655-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:09:11"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "34c3b5ab339dd4e5c352b2ffe0373398eb411d0fe971380ebe1540acb7aed085", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "b41f4048356b1a4e5ed7e33980f77040", "key": "description"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f414be69a4e29c7d095f82a3858357f0", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "88873566a6d6bfcc17a4689f15970a74", "key": "cpe"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "460b12446c99e9f96de9e7fe92f5d167", "key": "modified"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "2cc2e6cf6cf89cdadc94d4b9f20c80f4", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2018-11-29T19:39:37", "modified": "2018-11-28T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": ["https://usn.ubuntu.com/655-1/"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/655-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-11-29T19:39:37"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "cvelist": ["CVE-2008-2696", "CVE-2007-6353"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "3dfda0ec08a0caf175fb0382a7b7067af5d4d583bfcb0af949ffca8dd7415d9f", "hashmap": [{"hash": "3ab5399acb49634fa9e34acb9c5b4b0f", "key": "pluginID"}, {"hash": "4ecd55678f1d9e26bc4e3babc13a7665", "key": "sourceData"}, {"hash": "b08ab6369608ce80748917543bfb3ff2", "key": "cvelist"}, {"hash": "b41f4048356b1a4e5ed7e33980f77040", "key": "description"}, {"hash": "74ccaef6d3afdbd02a93128dcb1b16c4", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "88873566a6d6bfcc17a4689f15970a74", "key": "cpe"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "91c42085de956d1cd795a1fece982b1e", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37662", "id": "UBUNTU_USN-655-1.NASL", "lastseen": "2018-08-30T19:53:00", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "37662", "published": "2009-04-23T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:37:17 $\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "title": "Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:53:00"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "88873566a6d6bfcc17a4689f15970a74"}, {"key": "cvelist", "hash": "b08ab6369608ce80748917543bfb3ff2"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "b41f4048356b1a4e5ed7e33980f77040"}, {"key": "href", "hash": "91c42085de956d1cd795a1fece982b1e"}, {"key": "modified", "hash": "460b12446c99e9f96de9e7fe92f5d167"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "3ab5399acb49634fa9e34acb9c5b4b0f"}, {"key": "published", "hash": "197a63ce57b10c1f43b5342b9dd90820"}, {"key": "references", "hash": "f414be69a4e29c7d095f82a3858357f0"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "2cc2e6cf6cf89cdadc94d4b9f20c80f4"}, {"key": "title", "hash": "74ccaef6d3afdbd02a93128dcb1b16c4"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "34c3b5ab339dd4e5c352b2ffe0373398eb411d0fe971380ebe1540acb7aed085", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-6353", "CVE-2008-2696"]}, {"type": "ubuntu", "idList": ["USN-655-1"]}, {"type": "openvas", "idList": ["OPENVAS:840274", "OPENVAS:861157", "OPENVAS:861473", "OPENVAS:60078", "OPENVAS:830528", "OPENVAS:1361412562310830528", "OPENVAS:1361412562310830398", "OPENVAS:830398"]}, {"type": "nessus", "idList": ["SUSE_LIBEXIV2-4850.NASL", "FEDORA_2007-4551.NASL", "MANDRIVA_MDVSA-2008-006.NASL", "GENTOO_GLSA-200712-16.NASL", "DEBIAN_DSA-1474.NASL", "FEDORA_2007-4591.NASL", "SUSE_LIBEXIV2-5707.NASL", "SUSE_11_0_EXIV2-081022.NASL", "MANDRIVA_MDVSA-2008-119.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200712-16"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9102", "SECURITYVULNS:DOC:20069", "SECURITYVULNS:VULN:8510"]}, {"type": "osvdb", "idList": ["OSVDB:40249"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1474-1:1FCA7"]}], "modified": "2019-02-21T01:11:47"}, "score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-655-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37662);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_bugtraq_id(26918);\n script_xref(name:\"USN\", value:\"655-1\");\n\n script_name(english:\"Ubuntu 7.04 / 7.10 / 8.04 LTS : exiv2 vulnerabilities (USN-655-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered that exiv2 did not correctly handle\ncertain EXIF headers. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service, or possibly executing arbitrary code with user privileges.\n(CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon\nlens EXIF information. If a user or automated system were tricked into\nprocessing a specially crafted image, a remote attacker could cause\nthe application linked against libexiv2 to crash, leading to a denial\nof service. (CVE-2008-2696).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/655-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.04\", pkgname:\"exiv2\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-0.12\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.12-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"exiv2\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-0\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-dev\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libexiv2-doc\", pkgver:\"0.15-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"exiv2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-2\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-dev\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexiv2-doc\", pkgver:\"0.16-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-0 / libexiv2-0.12 / libexiv2-2 / libexiv2-dev / etc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "37662", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-doc", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-dev", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0.12", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-0", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-2", "cpe:/o:canonical:ubuntu_linux:7.04"], "scheme": null}
{"cve": [{"lastseen": "2017-08-08T11:24:23", "bulletinFamily": "NVD", "description": "Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.", "modified": "2017-08-07T21:29:06", "published": "2007-12-19T20:46:00", "id": "CVE-2007-6353", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6353", "title": "CVE-2007-6353", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-08T11:24:43", "bulletinFamily": "NVD", "description": "Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to \"pretty printing\" and the RationalValue::toLong function.", "modified": "2017-08-07T21:31:14", "published": "2008-06-13T15:41:00", "id": "CVE-2008-2696", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2696", "title": "CVE-2008-2696", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:57", "bulletinFamily": "unix", "description": "Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges. (CVE-2007-6353)\n\nJoakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696)", "modified": "2008-10-15T00:00:00", "published": "2008-10-15T00:00:00", "id": "USN-655-1", "href": "https://usn.ubuntu.com/655-1/", "title": "exiv2 vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-12-04T11:29:12", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-655-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840274", "id": "OPENVAS:840274", "title": "Ubuntu Update for exiv2 vulnerabilities USN-655-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_655_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for exiv2 vulnerabilities USN-655-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Meder Kydyraliev discovered that exiv2 did not correctly handle certain\n EXIF headers. If a user or automated system were tricked into processing\n a specially crafted image, a remote attacker could cause the application\n linked against libexiv2 to crash, leading to a denial of service, or\n possibly executing arbitrary code with user privileges. (CVE-2007-6353)\n\n Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon\n lens EXIF information. If a user or automated system were tricked into\n processing a specially crafted image, a remote attacker could cause the\n application linked against libexiv2 to crash, leading to a denial of\n service. (CVE-2008-2696)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-655-1\";\ntag_affected = \"exiv2 vulnerabilities on Ubuntu 7.04 ,\n Ubuntu 7.10 ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-655-1/\");\n script_id(840274);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"655-1\");\n script_cve_id(\"CVE-2007-6353\", \"CVE-2008-2696\");\n script_name( \"Ubuntu Update for exiv2 vulnerabilities USN-655-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libexiv2\", ver:\"0.12_0.12-0ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-dev\", ver:\"0.12-0ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.12-0ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-doc\", ver:\"0.12-0ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-2\", ver:\"0.16-3ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-dev\", ver:\"0.16-3ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.16-3ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-doc\", ver:\"0.16-3ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-0\", ver:\"0.15-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-dev\", ver:\"0.15-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.15-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-doc\", ver:\"0.15-1ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:01", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861473", "id": "OPENVAS:861473", "title": "Fedora Update for exiv2 FEDORA-2007-4551", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for exiv2 FEDORA-2007-4551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"exiv2 on Fedora 8\";\ntag_insight = \"A command line utility to access image metadata, allowing one to:\n * print the Exif metadata of Jpeg images as summary info, interpreted values,\n or the plain data for each tag\n * print the Iptc metadata of Jpeg images\n * print the Jpeg comment of Jpeg images\n * set, add and delete Exif and Iptc metadata of Jpeg images\n * adjust the Exif timestamp (that's how it all started...)\n * rename Exif image files according to the Exif timestamp\n * extract, insert and delete Exif metadata (including thumbnails),\n Iptc metadata and Jpeg comments\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00674.html\");\n script_id(861473);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-4551\");\n script_cve_id(\"CVE-2007-6353\");\n script_name( \"Fedora Update for exiv2 FEDORA-2007-4551\");\n\n script_summary(\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-libs\", rpm:\"exiv2-libs~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-devel\", rpm:\"exiv2-devel~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-libs\", rpm:\"exiv2-libs~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-devel\", rpm:\"exiv2-devel~0.15~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:09", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861157", "id": "OPENVAS:861157", "title": "Fedora Update for exiv2 FEDORA-2007-4591", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for exiv2 FEDORA-2007-4591\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"exiv2 on Fedora 7\";\ntag_insight = \"A command line utility to access image metadata, allowing one to:\n * print the Exif metadata of Jpeg images as summary info, interpreted values,\n or the plain data for each tag\n * print the Iptc metadata of Jpeg images\n * print the Jpeg comment of Jpeg images\n * set, add and delete Exif and Iptc metadata of Jpeg images\n * adjust the Exif timestamp (that's how it all started...)\n * rename Exif image files according to the Exif timestamp\n * extract, insert and delete Exif metadata (including thumbnails),\n Iptc metadata and Jpeg comments\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00652.html\");\n script_id(861157);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-4591\");\n script_cve_id(\"CVE-2007-6353\");\n script_name( \"Fedora Update for exiv2 FEDORA-2007-4591\");\n\n script_summary(\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-devel\", rpm:\"exiv2-devel~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-devel\", rpm:\"exiv2-devel~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.15~5.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:48", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200712-16.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60078", "id": "OPENVAS:60078", "title": "Gentoo Security Advisory GLSA 200712-16 (exiv2)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An integer overflow vulnerability in Exiv2 possibly allows for the\nexecution of arbitrary code.\";\ntag_solution = \"All Exiv2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/exiv2-0.13-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200712-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=202351\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200712-16.\";\n\n \n\nif(description)\n{\n script_id(60078);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-6353\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200712-16 (exiv2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/exiv2\", unaffected: make_list(\"ge 0.13-r1\"), vulnerable: make_list(\"lt 0.13-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:23", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830528", "id": "OPENVAS:830528", "title": "Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An integer overflow in the Exiv2 library allows context-dependent\n attackers to execute arbitrary code via a crafted EXIF file that\n triggers a heap-based buffer overflow.\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"exiv2 on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00012.php\");\n script_id(830528);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:006\");\n script_cve_id(\"CVE-2007-6353\");\n script_name( \"Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)\");\n\n script_summary(\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:29", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830528", "id": "OPENVAS:1361412562310830528", "type": "openvas", "title": "Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An integer overflow in the Exiv2 library allows context-dependent\n attackers to execute arbitrary code via a crafted EXIF file that\n triggers a heap-based buffer overflow.\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"exiv2 on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00012.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830528\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:006\");\n script_cve_id(\"CVE-2007-6353\");\n script_name( \"Mandriva Update for exiv2 MDVSA-2008:006 (exiv2)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.13~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.15~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:42", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830398", "id": "OPENVAS:1361412562310830398", "title": "Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in exiv2 that would cause exiv2, or applictions linked\n to libexiv2, to crash on image files with certain metadata in the image\n (CVE-2008-2696).\n\n The updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"exiv2 on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-06/msg00029.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830398\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:119\");\n script_cve_id(\"CVE-2008-2696\");\n script_name( \"Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2_2\", rpm:\"libexiv2_2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2_2-devel\", rpm:\"libexiv2_2-devel~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2_2\", rpm:\"lib64exiv2_2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2_2-devel\", rpm:\"lib64exiv2_2-devel~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:28", "bulletinFamily": "scanner", "description": "Check for the Version of exiv2", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830398", "id": "OPENVAS:830398", "title": "Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in exiv2 that would cause exiv2, or applictions linked\n to libexiv2, to crash on image files with certain metadata in the image\n (CVE-2008-2696).\n\n The updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"exiv2 on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-06/msg00029.php\");\n script_id(830398);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:119\");\n script_cve_id(\"CVE-2008-2696\");\n script_name( \"Mandriva Update for exiv2 MDVSA-2008:119 (exiv2)\");\n\n script_summary(\"Check for the Version of exiv2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.13~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2\", rpm:\"libexiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2\", rpm:\"lib64exiv2~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2-devel\", rpm:\"lib64exiv2-devel~0.15~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2_2\", rpm:\"libexiv2_2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libexiv2_2-devel\", rpm:\"libexiv2_2-devel~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2_2\", rpm:\"lib64exiv2_2~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64exiv2_2-devel\", rpm:\"lib64exiv2_2-devel~0.16~3.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:10:34", "bulletinFamily": "scanner", "description": "- Mon Dec 17 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-5\n\n - CVE-2007-6353 (#425922)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-21T00:00:00", "id": "FEDORA_2007-4551.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29757", "published": "2007-12-24T00:00:00", "title": "Fedora 8 : exiv2-0.15-5.fc8 (2007-4551)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-4551.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29757);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:02 $\");\n\n script_cve_id(\"CVE-2007-6353\");\n script_bugtraq_id(26918);\n script_xref(name:\"FEDORA\", value:\"2007-4551\");\n\n script_name(english:\"Fedora 8 : exiv2-0.15-5.fc8 (2007-4551)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Dec 17 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-5\n\n - CVE-2007-6353 (#425922)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=425921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=425922\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/006136.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?38ef90c2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"exiv2-0.15-5.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"exiv2-debuginfo-0.15-5.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"exiv2-devel-0.15-5.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"exiv2-libs-0.15-5.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / exiv2-debuginfo / exiv2-devel / exiv2-libs\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:11:38", "bulletinFamily": "scanner", "description": "An integer overflow in the Exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.\n\nThe updated packages have been patched to correct these issues.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2008-006.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36426", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : exiv2 (MDVSA-2008:006)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:006. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36426);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2018/07/19 20:59:15\");\n\n script_cve_id(\"CVE-2007-6353\");\n script_xref(name:\"MDVSA\", value:\"2008:006\");\n\n script_name(english:\"Mandriva Linux Security Advisory : exiv2 (MDVSA-2008:006)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An integer overflow in the Exiv2 library allows context-dependent\nattackers to execute arbitrary code via a crafted EXIF file that\ntriggers a heap-based buffer overflow.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", reference:\"exiv2-0.13-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64exiv2-0.13-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64exiv2-devel-0.13-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libexiv2-0.13-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libexiv2-devel-0.13-1.1mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", reference:\"exiv2-0.15-2.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64exiv2-0.15-2.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64exiv2-devel-0.15-2.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libexiv2-0.15-2.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libexiv2-devel-0.15-2.1mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:35", "bulletinFamily": "scanner", "description": "Specially crafted files could trigger an integer overflow in libexiv2 (CVE-2007-6353).", "modified": "2014-06-13T00:00:00", "id": "SUSE_LIBEXIV2-4850.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29787", "published": "2007-12-24T00:00:00", "title": "openSUSE 10 Security Update : libexiv2 (libexiv2-4850)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libexiv2-4850.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29787);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:11:36 $\");\n\n script_cve_id(\"CVE-2007-6353\");\n\n script_name(english:\"openSUSE 10 Security Update : libexiv2 (libexiv2-4850)\");\n script_summary(english:\"Check for the libexiv2-4850 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted files could trigger an integer overflow in libexiv2\n(CVE-2007-6353).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libexiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libexiv2-0.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libexiv2-devel-0.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libexiv2-0.15-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libexiv2-devel-0.15-8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libexiv2 / libexiv2-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:35", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200712-16 (Exiv2: Integer overflow)\n\n Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the JpegThumbnail::setDataArea() method leading to a heap-based buffer overflow.\n Impact :\n\n An attacker could entice the user of an application making use of Exiv2 or an application included in Exiv2 to load an image file with specially crafted Exif tags, possibly resulting in the execution of arbitrary code with the privileges of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-07-11T00:00:00", "id": "GENTOO_GLSA-200712-16.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29813", "published": "2007-12-31T00:00:00", "title": "GLSA-200712-16 : Exiv2: Integer overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200712-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29813);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2007-6353\");\n script_bugtraq_id(26918);\n script_xref(name:\"GLSA\", value:\"200712-16\");\n\n script_name(english:\"GLSA-200712-16 : Exiv2: Integer overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200712-16\n(Exiv2: Integer overflow)\n\n Meder Kydyraliev (Google Security) discovered an integer overflow\n vulnerability in the JpegThumbnail::setDataArea() method leading to a\n heap-based buffer overflow.\n \nImpact :\n\n An attacker could entice the user of an application making use of Exiv2\n or an application included in Exiv2 to load an image file with\n specially crafted Exif tags, possibly resulting in the execution of\n arbitrary code with the privileges of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200712-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Exiv2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/exiv2-0.13-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/exiv2\", unaffected:make_list(\"ge 0.13-r1\"), vulnerable:make_list(\"lt 0.13-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Exiv2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:39", "bulletinFamily": "scanner", "description": "Meder Kydyraliev discovered an integer overflow in the thumbnail handling of libexif, the EXIF/IPTC metadata manipulation library, which could result in the execution of arbitrary code.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-1474.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=30066", "published": "2008-01-27T00:00:00", "title": "Debian DSA-1474-1 : exiv2 - integer overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1474. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(30066);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:33\");\n\n script_cve_id(\"CVE-2007-6353\");\n script_xref(name:\"DSA\", value:\"1474\");\n\n script_name(english:\"Debian DSA-1474-1 : exiv2 - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Meder Kydyraliev discovered an integer overflow in the thumbnail\nhandling of libexif, the EXIF/IPTC metadata manipulation library,\nwhich could result in the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1474\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the exiv2 packages.\n\nThe old stable distribution (sarge) doesn't contain exiv2 packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.10-1.5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"exiv2\", reference:\"0.10-1.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libexiv2-0.10\", reference:\"0.10-1.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libexiv2-dev\", reference:\"0.10-1.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libexiv2-doc\", reference:\"0.10-1.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:35", "bulletinFamily": "scanner", "description": "- Mon Dec 17 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-5\n\n - CVE-2007-6353 (#425922)\n\n - Tue Sep 18 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-4\n\n - -libs: -Requires: %name\n\n - Tue Aug 21 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-3\n\n - -libs subpkg to be multilib-friendlier (f8+)\n\n - Sat Aug 11 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-2\n\n - License: GPLv2+\n\n - Thu Jul 12 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 0.15-1\n\n - exiv2-0.15\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-21T00:00:00", "id": "FEDORA_2007-4591.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29761", "published": "2007-12-24T00:00:00", "title": "Fedora 7 : exiv2-0.15-5.fc7 (2007-4591)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-4591.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29761);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:04:02 $\");\n\n script_cve_id(\"CVE-2007-6353\");\n script_bugtraq_id(26918);\n script_xref(name:\"FEDORA\", value:\"2007-4591\");\n\n script_name(english:\"Fedora 7 : exiv2-0.15-5.fc7 (2007-4591)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Dec 17 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-5\n\n - CVE-2007-6353 (#425922)\n\n - Tue Sep 18 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-4\n\n - -libs: -Requires: %name\n\n - Tue Aug 21 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-3\n\n - -libs subpkg to be multilib-friendlier (f8+)\n\n - Sat Aug 11 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-2\n\n - License: GPLv2+\n\n - Thu Jul 12 2007 Rex Dieter\n <rdieter[AT]fedoraproject.org> 0.15-1\n\n - exiv2-0.15\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=425921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=425922\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/006114.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5486bf22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected exiv2, exiv2-debuginfo and / or exiv2-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"exiv2-0.15-5.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"exiv2-debuginfo-0.15-5.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"exiv2-devel-0.15-5.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / exiv2-debuginfo / exiv2-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:05", "bulletinFamily": "scanner", "description": "This update of exiv2 solves a denial of service bug that can be triggered by using crafted metadata. (CVE-2008-2696)", "modified": "2014-06-13T00:00:00", "id": "SUSE_11_0_EXIV2-081022.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39958", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : exiv2 (exiv2-267)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update exiv2-267.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39958);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:38:12 $\");\n\n script_cve_id(\"CVE-2008-2696\");\n\n script_name(english:\"openSUSE Security Update : exiv2 (exiv2-267)\");\n script_summary(english:\"Check for the exiv2-267 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of exiv2 solves a denial of service bug that can be\ntriggered by using crafted metadata. (CVE-2008-2696)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=435509\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected exiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"exiv2-0.16-29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libexiv2-2-0.16-29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libexiv2-devel-0.16-29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libexiv2-2-32bit-0.16-29.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:11:42", "bulletinFamily": "scanner", "description": "A flaw was found in exiv2 that would cause exiv2, or applications linked to libexiv2, to crash on image files with certain metadata in the image (CVE-2008-2696).\n\nThe updated packages have been patched to prevent this issue.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2008-119.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36938", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : exiv2 (MDVSA-2008:119)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:119. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36938);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2018/07/19 20:59:15\");\n\n script_cve_id(\"CVE-2008-2696\");\n script_xref(name:\"MDVSA\", value:\"2008:119\");\n\n script_name(english:\"Mandriva Linux Security Advisory : exiv2 (MDVSA-2008:119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in exiv2 that would cause exiv2, or applications\nlinked to libexiv2, to crash on image files with certain metadata in\nthe image (CVE-2008-2696).\n\nThe updated packages have been patched to prevent this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64exiv2_2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexiv2_2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", reference:\"exiv2-0.13-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64exiv2-0.13-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64exiv2-devel-0.13-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libexiv2-0.13-1.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libexiv2-devel-0.13-1.2mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", reference:\"exiv2-0.15-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64exiv2-0.15-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64exiv2-devel-0.15-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libexiv2-0.15-2.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libexiv2-devel-0.15-2.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"exiv2-0.16-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64exiv2_2-0.16-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64exiv2_2-devel-0.16-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libexiv2_2-0.16-3.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libexiv2_2-devel-0.16-3.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:11:17", "bulletinFamily": "scanner", "description": "This update of libexiv2 solves a denial of service bug that can be triggered by using crafted metadata. (CVE-2008-2696)", "modified": "2014-06-13T00:00:00", "id": "SUSE_LIBEXIV2-5707.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=34509", "published": "2008-10-29T00:00:00", "title": "openSUSE 10 Security Update : libexiv2 (libexiv2-5707)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libexiv2-5707.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34509);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:11:36 $\");\n\n script_cve_id(\"CVE-2008-2696\");\n\n script_name(english:\"openSUSE 10 Security Update : libexiv2 (libexiv2-5707)\");\n script_summary(english:\"Check for the libexiv2-5707 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libexiv2 solves a denial of service bug that can be\ntriggered by using crafted metadata. (CVE-2008-2696)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libexiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libexiv2-0.11-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libexiv2-devel-0.11-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libexiv2-0.15-8.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libexiv2-devel-0.15-8.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libexiv2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:07", "bulletinFamily": "unix", "description": "### Background\n\nExiv2 is a C++ library and set of tools for parsing, editing and saving Exif and IPTC metadata from images. Exif, the Exchangeable image file format, specifies the addition of metadata tags to JPEG, TIFF and RIFF files. \n\n### Description\n\nMeder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the JpegThumbnail::setDataArea() method leading to a heap-based buffer overflow. \n\n### Impact\n\nAn attacker could entice the user of an application making use of Exiv2 or an application included in Exiv2 to load an image file with specially crafted Exif tags, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Exiv2 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/exiv2-0.13-r1\"", "modified": "2007-12-29T00:00:00", "published": "2007-12-29T00:00:00", "id": "GLSA-200712-16", "href": "https://security.gentoo.org/glsa/200712-16", "type": "gentoo", "title": "Exiv2: Integer overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "description": "Division by zero on zero Nikon lens metadata parameter.", "modified": "2008-06-23T00:00:00", "published": "2008-06-23T00:00:00", "id": "SECURITYVULNS:VULN:9102", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9102", "title": "exiv2 / libexiv2 DoS", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:26", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDVSA-2008:119\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : exiv2\r\n Date : June 19, 2008\r\n Affected: 2007.1, 2008.0, 2008.1\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n A flaw was found in exiv2 that would cause exiv2, or applictions linked\r\n to libexiv2, to crash on image files with certain metadata in the image\r\n (CVE-2008-2696).\r\n \r\n The updated packages have been patched to prevent this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 2007.1:\r\n 137ec114723baf0d68d42905db8b8e33 2007.1/i586/exiv2-0.13-1.2mdv2007.1.i586.rpm\r\n ba496c25fae6bc9c2f11211d8a89f9c1 2007.1/i586/libexiv2-0.13-1.2mdv2007.1.i586.rpm\r\n c70a9fa23b6d44a94283ac82450c868b 2007.1/i586/libexiv2-devel-0.13-1.2mdv2007.1.i586.rpm \r\n a79c44c1d7fa86dcfeca9764e8e15ee0 2007.1/SRPMS/exiv2-0.13-1.2mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2007.1/X86_64:\r\n 359e786ec723e0e2e7d486e84e8881c6 2007.1/x86_64/exiv2-0.13-1.2mdv2007.1.x86_64.rpm\r\n 479ddc4f5fca0cae1fe82b7c1d36b25f 2007.1/x86_64/lib64exiv2-0.13-1.2mdv2007.1.x86_64.rpm\r\n 55d15a99a63b56e08aee64f7764c1159 2007.1/x86_64/lib64exiv2-devel-0.13-1.2mdv2007.1.x86_64.rpm \r\n a79c44c1d7fa86dcfeca9764e8e15ee0 2007.1/SRPMS/exiv2-0.13-1.2mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2008.0:\r\n 50b49d19718687c430b2991d41432387 2008.0/i586/exiv2-0.15-2.2mdv2008.0.i586.rpm\r\n 31fc362f85f0d642ec7813d422a6b260 2008.0/i586/libexiv2-0.15-2.2mdv2008.0.i586.rpm\r\n 9da5055f6a7b5ffd3e23be557bba0e08 2008.0/i586/libexiv2-devel-0.15-2.2mdv2008.0.i586.rpm \r\n c8cf851fb5e77386e255908a2b7f9ba5 2008.0/SRPMS/exiv2-0.15-2.2mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n d58c54957f4a135b1264c0961660ed48 2008.0/x86_64/exiv2-0.15-2.2mdv2008.0.x86_64.rpm\r\n 042331921b92b72512d428659dda09f0 2008.0/x86_64/lib64exiv2-0.15-2.2mdv2008.0.x86_64.rpm\r\n da07bde17caea7c8c3bcd3e46f1bc14b 2008.0/x86_64/lib64exiv2-devel-0.15-2.2mdv2008.0.x86_64.rpm \r\n c8cf851fb5e77386e255908a2b7f9ba5 2008.0/SRPMS/exiv2-0.15-2.2mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.1:\r\n 69b4af073a960edc70b54d117d280760 2008.1/i586/exiv2-0.16-3.1mdv2008.1.i586.rpm\r\n 223e0e2bbbd9affa6d28b1c15109eb91 2008.1/i586/libexiv2_2-0.16-3.1mdv2008.1.i586.rpm\r\n 735c29dc07f50d7a7e56ad4b0bb862ff 2008.1/i586/libexiv2_2-devel-0.16-3.1mdv2008.1.i586.rpm \r\n e571687d2755d0329d6b27f7d9701042 2008.1/SRPMS/exiv2-0.16-3.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 1cf7ec6ed39fd9b1622ad85f3b294b3b 2008.1/x86_64/exiv2-0.16-3.1mdv2008.1.x86_64.rpm\r\n 6a1e8eae411f48a28463f922c1d1ba09 2008.1/x86_64/lib64exiv2_2-0.16-3.1mdv2008.1.x86_64.rpm\r\n 0f18947fdf8ed8a3b265cab81d4f305f 2008.1/x86_64/lib64exiv2_2-devel-0.16-3.1mdv2008.1.x86_64.rpm \r\n e571687d2755d0329d6b27f7d9701042 2008.1/SRPMS/exiv2-0.16-3.1mdv2008.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFIXG/qmqjQ0CJFipgRApeGAJwIgBJ5rAqtnS1nrojl5L8ZkRSM4wCeKEjl\r\nNgFejtymEXzoMsOqC2tkiwg=\r\n=s2Fh\r\n-----END PGP SIGNATURE-----", "modified": "2008-06-23T00:00:00", "published": "2008-06-23T00:00:00", "id": "SECURITYVULNS:DOC:20069", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20069", "title": "[ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "description": "Multiple DoS conditions, integer overflows, buffer overflows on parsing JPEG/TIFF/RIFF EXIF data.", "modified": "2007-12-29T00:00:00", "published": "2007-12-29T00:00:00", "id": "SECURITYVULNS:VULN:8510", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8510", "title": "Multiple security vulnerabilities in different Exif libraries (libexif, exiv2, exiftags)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:36", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific Solution URL: http://security.gentoo.org/glsa/glsa-200712-16.xml\nVendor Specific News/Changelog Entry: https://bugzilla.redhat.com/show_bug.cgi?id=425921\nVendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=202351\n[Secunia Advisory ID:28132](https://secuniaresearch.flexerasoftware.com/advisories/28132/)\n[Secunia Advisory ID:28178](https://secuniaresearch.flexerasoftware.com/advisories/28178/)\n[Secunia Advisory ID:28267](https://secuniaresearch.flexerasoftware.com/advisories/28267/)\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00652.html\nISS X-Force ID: 39118\nFrSIRT Advisory: ADV-2007-4252\n[CVE-2007-6353](https://vulners.com/cve/CVE-2007-6353)\nBugtraq ID: 26918\n", "modified": "2007-12-15T00:00:00", "published": "2007-12-15T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:40249", "id": "OSVDB:40249", "title": "exiv2 exif.cpp Crafted EXIF File Arbitrary Code Execution", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:36", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1474-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 23, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : exiv2\nVulnerability : integer overflow\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-6353\n\nMeder Kydyraliev discovered an integer overflow in the thumbnail\nhandling of libexif, the EXIF/IPTC metadata manipulation library, which\ncould result in the execution of arbitrary code.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.10-1.5.\n\nThe old stable distribution (sarge) doesn't contain exiv2 packages.\n\nWe recommend that you upgrade your exiv2 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5.diff.gz\n Size/MD5 checksum: 31515 ff0fc3ef64872fbb591f7258620f5f0b\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5.dsc\n Size/MD5 checksum: 660 ed1b77214142dfedc6c6d88d475987d9\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10.orig.tar.gz\n Size/MD5 checksum: 2053756 5af2256fb9895d9331684e8c1865b956\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-doc_0.10-1.5_all.deb\n Size/MD5 checksum: 1471716 ba3233f1b9cf71d3bf45ce0790942af9\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_alpha.deb\n Size/MD5 checksum: 82506 a1c6311554e0301f3e5707ce45b12c44\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_alpha.deb\n Size/MD5 checksum: 315770 08a274e26723b6644121a77718650df8\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_alpha.deb\n Size/MD5 checksum: 716946 65bd53cad7fe49bd5a8b52c18845531d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_amd64.deb\n Size/MD5 checksum: 75710 214d62419a4da25d2c43119992adc1b8\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_amd64.deb\n Size/MD5 checksum: 546036 b1d63a71e00c934d14f3263d626466a2\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_amd64.deb\n Size/MD5 checksum: 282494 0b963505e15fc126583c08b4d6a8671e\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_arm.deb\n Size/MD5 checksum: 88084 05fbc6853bc2517e58e587bc2e45942c\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_arm.deb\n Size/MD5 checksum: 311516 12a1dbbc1dc560187fec31152836831e\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_arm.deb\n Size/MD5 checksum: 552870 9e6da478b70cac4cd297c1a2efe8713f\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_hppa.deb\n Size/MD5 checksum: 642320 b55a5e8930f4e4fec0e1b83fd2f8d9f8\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_hppa.deb\n Size/MD5 checksum: 349652 520fcd26a32bcb915f1221a7cc09d342\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_hppa.deb\n Size/MD5 checksum: 82724 643c5f109ad8b0b1e4f2d9ee35cf8283\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_i386.deb\n Size/MD5 checksum: 75758 33830c83524ab3ea4fb72ed5fad9889a\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_i386.deb\n Size/MD5 checksum: 509668 5871ee4d12d7833b55434a0bd2c78804\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_i386.deb\n Size/MD5 checksum: 283882 32dc3334472467a5642b3ebf70d73f83\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_ia64.deb\n Size/MD5 checksum: 730890 47ae5bab36a976e9d4c9d20c7e059e06\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_ia64.deb\n Size/MD5 checksum: 95450 1a14407cb292d2a7991a34434d971878\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_ia64.deb\n Size/MD5 checksum: 368756 4c9297fa105c67af45b7971f0b00c299\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_mips.deb\n Size/MD5 checksum: 271654 811dc70c015b27cdcc94bad7147a0fa4\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_mips.deb\n Size/MD5 checksum: 586988 fbd433a7f7369be1cff39f9d79b1395e\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_mips.deb\n Size/MD5 checksum: 73684 beaaf91359bb0b3d0f3a22a1cade1505\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_mipsel.deb\n Size/MD5 checksum: 583038 de9ddb262ef8f49e0512119206ef63b0\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_mipsel.deb\n Size/MD5 checksum: 73176 f5d016a0b5e2ec60ef2e2d3446e363b3\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_mipsel.deb\n Size/MD5 checksum: 267776 68fa9f26c0c3fbbda74bd6139e332615\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_powerpc.deb\n Size/MD5 checksum: 296440 a306748aafa37fa4d7874f817520f71f\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_powerpc.deb\n Size/MD5 checksum: 569730 cbf10c6a2166a27406dee3e151ec498b\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_powerpc.deb\n Size/MD5 checksum: 76080 dd8f0bfdddf9896fa21dd455a8c30052\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_s390.deb\n Size/MD5 checksum: 70088 6a1550294fdf218741ca998c621825b5\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_s390.deb\n Size/MD5 checksum: 534022 d2b1f2455e02e16a300f0478c4b40779\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_s390.deb\n Size/MD5 checksum: 288842 2134f38671787dd40a582deda5771824\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-0.10_0.10-1.5_sparc.deb\n Size/MD5 checksum: 306884 0cff748083910cd2359765fef3d3b6e0\n http://security.debian.org/pool/updates/main/e/exiv2/libexiv2-dev_0.10-1.5_sparc.deb\n Size/MD5 checksum: 511544 97c2efefdb8d3067d88b82763e7eba6e\n http://security.debian.org/pool/updates/main/e/exiv2/exiv2_0.10-1.5_sparc.deb\n Size/MD5 checksum: 73494 89d72b486036f6bfabde2cbfc1c16986\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2008-01-23T21:41:11", "published": "2008-01-23T21:41:11", "id": "DEBIAN:DSA-1474-1:1FCA7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00036.html", "title": "[SECURITY] [DSA 1474-1] New exiv2 packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}