| Reporter | Title | Published | Views | Family All 28 |
|---|---|---|---|---|
| Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information | 28 Apr 201500:00 | – | bdu_fstec | |
| xli -- integer overflows in image size calculations | 8 Feb 200500:00 | – | freebsd | |
| CAN-2005-0639 | 23 Feb 202418:05 | – | cve | |
| CVE-2005-0639 | 4 Mar 200505:00 | – | cve | |
| CVE-2005-0639 | 4 Mar 200505:00 | – | cvelist | |
| [SECURITY] [DSA 694-1] New xloadimage packages fix several vulnerabilities | 21 Mar 200510:14 | – | debian | |
| [SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities | 21 Mar 200514:09 | – | debian | |
| CVE-2005-0639 | 4 Mar 200505:00 | – | debiancve | |
| Debian DSA-694-1 : xloadimage - missing input sanitising, integer overflow | 21 Mar 200500:00 | – | nessus | |
| Debian DSA-695-1 : xli - buffer overflow, input sanitising, integer overflow | 21 Mar 200500:00 | – | nessus |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53005");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2005-0639");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("FreeBSD Ports: xli");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdrel");
script_tag(name:"insight", value:"The following package is affected: xli
CVE-2005-0639
Multiple vulnerabilities in xli before 1.17 may allow remote attackers
to execute arbitrary code via 'buffer management errors' from certain
image properties, some of which may be related to integer overflows in
PPM files.");
script_tag(name:"solution", value:"Update your system with the appropriate patches or
software upgrades.");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=79762");
script_xref(name:"URL", value:"http://pantransit.reptiles.org/prog/xli/CHANGES");
script_xref(name:"URL", value:"http://www.vuxml.org/freebsd/bfbbd505-3bd6-409c-8c67-445d3635cf4b.html");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-bsd.inc");
vuln = FALSE;
txt = "";
bver = portver(pkg:"xli");
if(!isnull(bver) && revcomp(a:bver, b:"1.17.0_1")<=0) {
txt += 'Package xli version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
if(vuln) {
security_message(data:txt);
} else if (__pkg_match) {
exit(99);
}Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation