The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.60360");
script_cve_id("CVE-2007-2645", "CVE-2007-6351", "CVE-2007-6352");
script_tag(name:"creation_date", value:"2008-02-15 22:29:21 +0000 (Fri, 15 Feb 2008)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Debian: Security Advisory (DSA-1487-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(3\.1|4)");
script_xref(name:"Advisory-ID", value:"DSA-1487-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2008/DSA-1487-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-1487");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'libexif' package(s) announced via the DSA-1487-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several vulnerabilities have been discovered in the EXIF parsing code of the libexif library, which can lead to denial of service or the execution of arbitrary code if a user is tricked into opening a malformed image. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2007-2645
Victor Stinner discovered an integer overflow, which may result in denial of service or potentially the execution of arbitrary code.
CVE-2007-6351
Meder Kydyraliev discovered an infinite loop, which may result in denial of service.
CVE-2007-6352
Victor Stinner discovered an integer overflow, which may result in denial of service or potentially the execution of arbitrary code.
This update also fixes two potential NULL pointer deferences.
For the old stable distribution (sarge), these problems have been fixed in 0.6.9-6sarge2.
For the stable distribution (etch), these problems have been fixed in version 0.6.13-5etch2.
We recommend that you upgrade your libexif packages.");
script_tag(name:"affected", value:"'libexif' package(s) on Debian 3.1, Debian 4.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB3.1") {
if(!isnull(res = isdpkgvuln(pkg:"libexif-dev", ver:"0.6.9-6sarge2", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libexif10", ver:"0.6.9-6sarge2", rls:"DEB3.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "DEB4") {
if(!isnull(res = isdpkgvuln(pkg:"libexif-dev", ver:"0.6.13-5etch2", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libexif12", ver:"0.6.13-5etch2", rls:"DEB4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);