Lucene search
Copyright (C) 2008 Greenbone AGOPENVAS:136141256231058729HistoryJan 17, 2008 - 12:00 a.m.
Debian: Security Advisory (DSA-1397-1)
2008-01-1700:00:00
Copyright (C) 2008 Greenbone AG
plugins.openvas.org
7
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.021
Percentile
89.4%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.58729");
script_cve_id("CVE-2007-5197");
script_tag(name:"creation_date", value:"2008-01-17 22:19:52 +0000 (Thu, 17 Jan 2008)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian: Security Advisory (DSA-1397-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB4");
script_xref(name:"Advisory-ID", value:"DSA-1397-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2007/DSA-1397-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-1397");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'mono' package(s) announced via the DSA-1397-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"An integer overflow in the BigInteger data type implementation has been discovered in the free .NET runtime Mono.
The oldstable distribution (sarge) doesn't contain mono.
For the stable distribution (etch) this problem has been fixed in version 1.2.2.1-1etch1. A powerpc build will be provided later.
The unstable distribution (sid) will be fixed soon.
We recommend that you upgrade your mono packages.");
script_tag(name:"affected", value:"'mono' package(s) on Debian 4.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB4") {
if(!isnull(res = isdpkgvuln(pkg:"libmono-accessibility1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-accessibility2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-bytefx0.7.6.1-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-bytefx0.7.6.2-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-c5-1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-cairo1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-cairo2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-corlib1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-corlib2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-cscompmgd7.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-cscompmgd8.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-data-tds1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-data-tds2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-dev", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-firebirdsql1.7-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-ldap1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-ldap2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-microsoft-build2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-microsoft7.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-microsoft8.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-npgsql1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-npgsql2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-oracle1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-oracle2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-peapi1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-peapi2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-relaxng1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-relaxng2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-security1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-security2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sharpzip0.6-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sharpzip0.84-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sharpzip2.6-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sharpzip2.84-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sqlite1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-sqlite2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-data1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-data2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-ldap1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-ldap2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-messaging1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-messaging2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-runtime1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-runtime2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-web1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system-web2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-system2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-winforms1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono-winforms2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono0", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono1.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmono2.0-cil", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-common", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-devel", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-gac", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-gmcs", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-jay", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-jit", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-mcs", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-mjs", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-runtime", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mono-utils", ver:"1.2.2.1-1etch1", rls:"DEB4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
gentoo
gentoo
Mono: Buffer overflow
2007-11-07 00:00:00
debiancve
debiancve
CVE-2007-5197
2007-11-02 16:46:00
osv
osv
mono - buffer overflow
2007-11-03 00:00:00
openvas
openvas
Fedora Update for mono FEDORA-2007-2969
2009-02-27 00:00:00
Ubuntu Update for mono vulnerability USN-553-1
2009-03-23 00:00:00
Mandriva Update for mono MDKSA-2007:218 (mono)
2009-04-09 00:00:00
nessus
nessus
Debian DSA-1397-1 : mono - integer overflow
2007-11-05 00:00:00
SuSE 10 Security Update : Mono (ZYPP Patch Number 4453)
2007-12-13 00:00:00
Mandrake Linux Security Advisory : mono (MDKSA-2007:218)
2007-11-15 00:00:00
nvd
nvd
CVE-2007-5197
2007-11-02 16:46:00
ubuntucve
ubuntucve
CVE-2007-5197
2007-11-02 00:00:00
securityvulns
securityvulns
mono .Net runtime integer overflow
2007-11-05 00:00:00
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow
2007-11-05 00:00:00
prion
prion
Buffer overflow
2007-11-02 16:46:00
redhatcve
redhatcve
CVE-2007-5197
2019-10-04 21:00:54
cvelist
cvelist
CVE-2007-5197
2007-11-02 16:00:00
cve
cve
CVE-2007-5197
2007-11-02 16:46:00
fedora
fedora
[SECURITY] Fedora 8 Update: mono-1.2.5.1-2.fc8
2007-11-08 06:01:19
[SECURITY] Fedora 7 Update: mono-1.2.3-5.fc7
2007-11-09 23:55:04
[SECURITY] Fedora Core 6 Update: mono-1.1.17.1-5.fc6
2007-11-15 15:38:51
ubuntu
ubuntu
Mono vulnerability
2007-12-04 00:00:00
seebug
seebug
Mono System.Math BigIntegerζ΄ζ°ζΊ’εΊζΌζ΄
2007-11-08 00:00:00
debian
debian
[SECURITY] [DSA 1397-1] New mono packages fix integer overflow
2007-11-03 15:52:14
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.021
Percentile
89.4%
Related for OPENVAS:136141256231058729