Lucene search
Slackware: Security Advisory (SSA:2009-083-01)
ποΈΒ 10 Sep 2012Β 00:00:00Reported byΒ Copyright (C) 2012 Greenbone AGTypeΒ 
Β openvasπΒ plugins.openvas.orgπΒ 20Β Views
The remote host is missing an update for the 'lcms' package(s) announced via the SSA:2009-083-01 advisory. New lcms packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues
Show more
| Reporter | Title | Published | Views | Family All 130 |
|---|---|---|---|---|
| Debian Security Advisory DSA 1745-1 (lcms) | 31 Mar 200900:00 | β | openvas |
| Slackware Advisory SSA:2009-083-01 lcms | 11 Sep 201200:00 | β | openvas |
| RedHat Security Advisory RHSA-2009:0339 | 20 Mar 200900:00 | β | openvas |
| SLES11: Security update for lcms | 11 Oct 200900:00 | β | openvas |
| Fedora Core 10 FEDORA-2009-2970 (lcms) | 31 Mar 200900:00 | β | openvas |
| Fedora Core 9 FEDORA-2009-2928 (lcms) | 31 Mar 200900:00 | β | openvas |
| SLES9: Security update for liblcms | 10 Oct 200900:00 | β | openvas |
| Fedora Core 9 FEDORA-2009-2910 (lcms) | 31 Mar 200900:00 | β | openvas |
| SLES10: Security update for liblcms | 13 Oct 200900:00 | β | openvas |
| Fedora Core 9 FEDORA-2009-3034 (java-1.6.0-openjdk) | 31 Mar 200900:00 | β | openvas |
10
| Source | Link |
|---|---|
| www.2009-083-01 | |
| slackware | www.slackware.com/security/viewer.php |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63697");
script_cve_id("CVE-2009-0581", "CVE-2009-0723", "CVE-2009-0733");
script_tag(name:"creation_date", value:"2012-09-10 23:34:21 +0000 (Mon, 10 Sep 2012)");
script_version("2025-01-14T05:37:02+0000");
script_tag(name:"last_modification", value:"2025-01-14 05:37:02 +0000 (Tue, 14 Jan 2025)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Slackware: Security Advisory (SSA:2009-083-01)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("Slackware Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK(10\.0|10\.1|10\.2|11\.0|12\.0|12\.1|12\.2|current)");
script_xref(name:"Advisory-ID", value:"SSA:2009-083-01");
script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438");
script_tag(name:"summary", value:"The remote host is missing an update for the 'lcms' package(s) announced via the SSA:2009-083-01 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"New lcms packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,
12.1, 12.2, and -current to fix security issues.
More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
[links moved to references]
Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/lcms-1.18-i486-1_slack12.2.tgz: Upgraded to lcms-1.18.
This update fixes security issues discovered in LittleCMS by Chris Evans.
These flaws could cause program crashes (denial of service) or the execution
of arbitrary code as the user of the lcms-linked program.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+");
script_tag(name:"affected", value:"'lcms' package(s) on Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware current.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-slack.inc");
release = slk_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLK10.0") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack10.0", rls:"SLK10.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK10.1") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack10.1", rls:"SLK10.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK10.2") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack10.2", rls:"SLK10.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK11.0") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack11.0", rls:"SLK11.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK12.0") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack12.0", rls:"SLK12.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK12.1") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack12.1", rls:"SLK12.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK12.2") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1_slack12.2", rls:"SLK12.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLKcurrent") {
if(!isnull(res = isslkpkgvuln(pkg:"lcms", ver:"1.18-i486-1", rls:"SLKcurrent"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo10 Sep 2012 00:00Current
6.7Medium risk
Vulners AI Score6.7
CVSS29.3
EPSS0.0199