Lucene search
Copyright (C) 2009 E-Soft Inc.OPENVAS:136141256231063501HistoryMar 07, 2009 - 12:00 a.m.
Gentoo Security Advisory GLSA 200903-01 (vinagre)
2009-03-0700:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
10
6.5 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.165 Low
EPSS
Percentile
96.0%
The remote host is missing updates announced in
advisory GLSA 200903-01.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63501");
script_version("2023-07-14T16:09:26+0000");
script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)");
script_cve_id("CVE-2008-5660");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Gentoo Security Advisory GLSA 200903-01 (vinagre)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"A format string error in Vinagre may allow for the execution of arbitrary
code.");
script_tag(name:"solution", value:"All Vinagre users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/vinagre-0.5.2'");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-01");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=250314");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200903-01.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"net-misc/vinagre", unaffected: make_list("ge 0.5.2"), vulnerable: make_list("lt 0.5.2"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
openvas
openvas
Mandriva Update for vinagre MDVSA-2008:240 (vinagre)
2009-04-09 00:00:00
Mandriva Update for vinagre MDVSA-2008:240 (vinagre)
2009-04-09 00:00:00
Fedora Update for vinagre FEDORA-2008-10932
2009-02-16 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 : vinagre vulnerability (USN-689-1)
2009-04-23 00:00:00
Fedora 9 : vinagre-0.5.2-1.fc9 (2008-10932)
2008-12-09 00:00:00
Mandriva Linux Security Advisory : vinagre (MDVSA-2008:240)
2009-04-23 00:00:00
freebsd
freebsd
vinagre -- format string vulnerability
2008-12-09 00:00:00
redhatcve
redhatcve
CVE-2008-5660
2019-10-04 20:56:01
cve
cve
CVE-2008-5660
2008-12-17 20:30:00
ubuntucve
ubuntucve
CVE-2008-5660
2008-12-17 00:00:00
gentoo
gentoo
Vinagre: User-assisted execution of arbitrary code
2009-03-06 00:00:00
prion
prion
Format string
2008-12-17 20:30:00
debiancve
debiancve
CVE-2008-5660
2008-12-17 20:30:00
6.5 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.165 Low
EPSS
Percentile
96.0%
Related for OPENVAS:136141256231063501