ID OPENVAS:136141256231065425 Type openvas Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Modified 2018-04-06T00:00:00
Description
The remote host is missing updates to packages that affect
the security of your system. One or more of the following packages
are affected:
libpng
libpng-devel
For more information, please visit the referenced security
advisories.
More details may also be found by searching for keyword
5041680 within the SuSE Enterprise Server 9 patch
database at http://download.novell.com/patch/finder/
# OpenVAS Vulnerability Test
# $Id: sles9p5041680.nasl 9350 2018-04-06 07:03:33Z cfischer $
# Description: Security update for libpng, libpng-devel
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_summary = "The remote host is missing updates to packages that affect
the security of your system. One or more of the following packages
are affected:
libpng
libpng-devel
For more information, please visit the referenced security
advisories.
More details may also be found by searching for keyword
5041680 within the SuSE Enterprise Server 9 patch
database at http://download.novell.com/patch/finder/";
tag_solution = "Please install the updates provided by SuSE.";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.65425");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)");
script_cve_id("CVE-2008-5907");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_name("SLES9: Security update for libpng, libpng-devel");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"libpng", rpm:"libpng~1.2.5~182.20", rls:"SLES9.0")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"pluginID": "136141256231065425", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5041680.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for libpng, libpng-devel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5041680 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65425\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5907\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for libpng, libpng-devel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.5~182.20\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "history": [], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5041680 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065425", "type": "openvas", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "7dd4b950a8cd41bfa3ee26232d5adca3"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "fc0e6666fabef5bfa753d83184e84a9a"}, {"key": "href", "hash": "ee509c6e5510a87ffc6b7ab863a5315f"}, {"key": "modified", "hash": "4fb7fd6149697e74d091717ea3f1ca84"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "c9d2fa38acf4ff66abaa121827635dd3"}, {"key": "published", "hash": "b5690f93a9a8de1997d799545818941e"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b778055b37159119ce97e96620d4ff56"}, {"key": "sourceData", "hash": "492dc85b0a38bfac652de17a56e28d20"}, {"key": "title", "hash": "392ae7378acda324ee8d3cc0ba148492"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "viewCount": 0, "references": [], "lastseen": "2018-04-06T11:38:14", "published": "2009-10-10T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "cvelist": ["CVE-2008-5907"], "id": "OPENVAS:136141256231065425", "hash": "d3d9cee440c4afe69c12ed86fe48aaf81d87099fa0ee58160035c26bff692b98", "modified": "2018-04-06T00:00:00", "title": "SLES9: Security update for libpng, libpng-devel", "edition": 1, "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "bulletinFamily": "scanner", "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2018-04-06T11:38:14"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-5907"]}, {"type": "openvas", "idList": ["OPENVAS:65425", "OPENVAS:65940", "OPENVAS:900071", "OPENVAS:136141256231065940", "OPENVAS:1361412562310900071", "OPENVAS:136141256231063440", "OPENVAS:63440", "OPENVAS:63612", "OPENVAS:136141256231063612", "OPENVAS:136141256231063682"]}, {"type": "nessus", "idList": ["SUSE_LIBPNG-5945.NASL", "SUSE9_12339.NASL", "SUSE_11_0_LIBPNG-DEVEL-090121.NASL", "SUSE_11_1_LIBPNG-DEVEL-090120.NASL", "SUSE_LIBPNG-5944.NASL", "MANDRIVA_MDVSA-2009-051.NASL", "GENTOO_GLSA-200903-28.NASL", "DEBIAN_DSA-1750.NASL", "UBUNTU_USN-730-1.NASL", "GENTOO_GLSA-201412-08.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9691", "SECURITYVULNS:DOC:21384"]}, {"type": "gentoo", "idList": ["GLSA-200903-28", "GLSA-201412-08"]}, {"type": "ubuntu", "idList": ["USN-730-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1750-1:2594D"]}], "modified": "2018-04-06T11:38:14"}, "vulnersScore": 5.9}}
{"cve": [{"lastseen": "2019-07-24T12:26:00", "bulletinFamily": "NVD", "description": "The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.", "modified": "2018-11-08T20:18:00", "id": "CVE-2008-5907", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5907", "published": "2009-01-15T17:30:00", "title": "CVE-2008-5907", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2017-07-26T08:55:32", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5041680 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65425", "id": "OPENVAS:65425", "title": "SLES9: Security update for libpng, libpng-devel", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5041680.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for libpng, libpng-devel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5041680 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65425);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5907\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for libpng, libpng-devel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.5~182.20\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:29", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65940", "id": "OPENVAS:65940", "title": "SLES10: Security update for libpng", "type": "openvas", "sourceData": "#\n#VID slesp2-libpng-5945\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65940);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5907\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.8~19.18\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.8~19.18\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:40:23", "bulletinFamily": "scanner", "description": "The host has libpng installed and is prone to memory overwrite\n vulnerability.", "modified": "2019-04-29T00:00:00", "published": "2009-01-22T00:00:00", "id": "OPENVAS:1361412562310900071", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900071", "title": "libpng pngwutil.c NULL pointer Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# libpng pngwutil.c NULL pointer Vulnerability\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900071\");\n script_version(\"2019-04-29T15:08:03+0000\");\n script_tag(name:\"last_modification\", value:\"2019-04-29 15:08:03 +0000 (Mon, 29 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2009-01-22 12:00:13 +0100 (Thu, 22 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2008-5907\");\n script_name(\"libpng pngwutil.c NULL pointer Vulnerability\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2009/01/09/1\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_libpng_detect_lin.nasl\");\n script_mandatory_keys(\"Libpng/Version\");\n script_tag(name:\"impact\", value:\"Successful remote exploitation could result in arbitrary code execution\n on the affected system.\");\n script_tag(name:\"affected\", value:\"libpng 1.0.41 and prior and 1.2.x to 1.2.33 on Linux.\");\n script_tag(name:\"insight\", value:\"Attackers can set the value of arbitrary memory location to zero via\n vectors involving creation of crafted PNG files with keywords, related\n to an implicit cast of the '\\0' character constant to a NULL pointer.\");\n script_tag(name:\"solution\", value:\"Upgrade to libpng 1.0.42 or 1.2.34.\");\n script_tag(name:\"summary\", value:\"The host has libpng installed and is prone to memory overwrite\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\npngVer = get_kb_item(\"Libpng/Version\");\nif(!pngVer)\n exit(0);\n\nif(version_is_less_equal(version:pngVer, test_version:\"1.0.41\")||\n version_in_range(version:pngVer, test_version:\"1.2.0\", test_version2:\"1.2.33\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-04-06T11:38:06", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065940", "id": "OPENVAS:136141256231065940", "type": "openvas", "title": "SLES10: Security update for libpng", "sourceData": "#\n#VID slesp2-libpng-5945\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libpng\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libpng\n libpng-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65940\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5907\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for libpng\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.8~19.18\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.8~19.18\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:14:12", "bulletinFamily": "scanner", "description": "The host has libpng installed and is prone to memory overwrite\n vulnerability.", "modified": "2017-01-20T00:00:00", "published": "2009-01-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=900071", "id": "OPENVAS:900071", "title": "libpng pngwutil.c NULL pointer Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_libpng_null_pntr_vuln.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# libpng pngwutil.c NULL pointer Vulnerability\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful remote exploitation could result in arbitrary code execution\n on the affected system.\n Impact Level: Application\";\ntag_affected = \"libpng 1.0.41 and prior and 1.2.x to 1.2.33 on Linux.\";\ntag_insight = \"Attackers can set the value of arbitrary memory location to zero via\n vectors involving creation of crafted PNG files with keywords, related\n to an implicit cast of the '\\0' character constant to a NULL pointer.\";\ntag_solution = \"Upgrade to libpng 1.0.42 or 1.2.34,\n http://libpng.sourceforge.net/index.html\";\ntag_summary = \"The host has libpng installed and is prone to memory overwrite\n vulnerability.\";\n\n\nif(description)\n{\n script_id(900071);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-22 12:00:13 +0100 (Thu, 22 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2008-5907\");\n script_name(\"libpng pngwutil.c NULL pointer Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://openwall.com/lists/oss-security/2009/01/09/1\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_libpng_detect_lin.nasl\");\n script_require_keys(\"Libpng/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\npngVer = get_kb_item(\"Libpng/Version\");\nif(!pngVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:pngVer, test_version:\"1.0.41\")||\n version_in_range(version:pngVer, test_version:\"1.2.0\", test_version2:\"1.2.33\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:37:31", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200903-28.", "modified": "2018-04-06T00:00:00", "published": "2009-03-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063612", "id": "OPENVAS:136141256231063612", "title": "Gentoo Security Advisory GLSA 200903-28 (libpng)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in libpng, which might result in the\nexecution of arbitrary code\";\ntag_solution = \"All libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.35'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-28\nhttp://bugs.gentoo.org/show_bug.cgi?id=244808\nhttp://bugs.gentoo.org/show_bug.cgi?id=255231\nhttp://bugs.gentoo.org/show_bug.cgi?id=259578\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200903-28.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63612\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200903-28 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/libpng\", unaffected: make_list(\"ge 1.2.35\"), vulnerable: make_list(\"lt 1.2.35\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update to libpng\nannounced via advisory MDVSA-2009:051.", "modified": "2018-04-06T00:00:00", "published": "2009-03-02T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063440", "id": "OPENVAS:136141256231063440", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:051 (libpng)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_051.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:051 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been found and corrected in libpng:\n\nFixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was\nalready fixed in Mandriva Linux 2009.0.\n\nFix the function png_check_keyword() that allowed setting arbitrary\nbytes in the process memory to 0 (CVE-2008-5907).\n\nFix a potential DoS (Denial of Service) or to potentially compromise\nan application using the library (CVE-2009-0040).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:051\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory MDVSA-2009:051.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63440\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:051 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update to libpng\nannounced via advisory MDVSA-2009:051.", "modified": "2017-07-06T00:00:00", "published": "2009-03-02T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63440", "id": "OPENVAS:63440", "title": "Mandrake Security Advisory MDVSA-2009:051 (libpng)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_051.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:051 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been found and corrected in libpng:\n\nFixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was\nalready fixed in Mandriva Linux 2009.0.\n\nFix the function png_check_keyword() that allowed setting arbitrary\nbytes in the process memory to 0 (CVE-2008-5907).\n\nFix a potential DoS (Denial of Service) or to potentially compromise\nan application using the library (CVE-2009-0040).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:051\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory MDVSA-2009:051.\";\n\n \n\nif(description)\n{\n script_id(63440);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:051 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.22~0.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.25~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-source\", rpm:\"libpng-source~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-static-devel\", rpm:\"libpng-static-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-devel\", rpm:\"lib64png-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png-static-devel\", rpm:\"lib64png-static-devel~1.2.31~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3\", rpm:\"lib64png3~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-devel\", rpm:\"lib64png3-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64png3-static-devel\", rpm:\"lib64png3-static-devel~1.2.8~1.6.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-devel\", rpm:\"libpng3-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3-static-devel\", rpm:\"libpng3-static-devel~1.2.5~10.11.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:08", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200903-28.", "modified": "2017-07-07T00:00:00", "published": "2009-03-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63612", "id": "OPENVAS:63612", "title": "Gentoo Security Advisory GLSA 200903-28 (libpng)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in libpng, which might result in the\nexecution of arbitrary code\";\ntag_solution = \"All libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.35'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-28\nhttp://bugs.gentoo.org/show_bug.cgi?id=244808\nhttp://bugs.gentoo.org/show_bug.cgi?id=255231\nhttp://bugs.gentoo.org/show_bug.cgi?id=259578\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200903-28.\";\n\n \n \n\nif(description)\n{\n script_id(63612);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200903-28 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/libpng\", unaffected: make_list(\"ge 1.2.35\"), vulnerable: make_list(\"lt 1.2.35\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:06", "bulletinFamily": "scanner", "description": "The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063682", "id": "OPENVAS:136141256231063682", "type": "openvas", "title": "Debian Security Advisory DSA 1750-1 (libpng)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1750_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1750-1 (libpng)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nThe png_handle_tRNS function allows attackers to cause a denial of\nservice (application crash) via a grayscale PNG image with a bad tRNS\nchunk CRC value. (CVE-2007-2445)\n\nCertain chunk handlers allow attackers to cause a denial of service\n(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG\nimages, which trigger out-of-bounds read operations. (CVE-2007-5269)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero\nlength unknown chunks, which trigger an access of uninitialized\nmemory. (CVE-2008-1382)\n\nThe png_check_keyword might allow context-dependent attackers to set the\nvalue of an arbitrary memory location to zero via vectors involving\ncreation of crafted PNG files with keywords. (CVE-2008-5907)\n\nA memory leak in the png_handle_tEXt function allows context-dependent\nattackers to cause a denial of service (memory exhaustion) via a crafted\nPNG file. (CVE-2008-6218)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via a crafted PNG\nfile that triggers a free of an uninitialized pointer in (1) the\npng_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\ngamma tables. (CVE-2009-0040)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\nWe recommend that you upgrade your libpng packages.\";\ntag_summary = \"The remote host is missing an update to libpng\nannounced via advisory DSA 1750-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201750-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63682\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1750-1 (libpng)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.15~beta5-1+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng3\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-dev\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpng12-0\", ver:\"1.2.27-2+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-12-13T09:44:08", "bulletinFamily": "scanner", "description": "This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)", "modified": "2019-12-02T00:00:00", "id": "SUSE_LIBPNG-5945.NASL", "href": "https://www.tenable.com/plugins/nessus/41546", "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : libpng (ZYPP Patch Number 5945)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41546);\n script_version (\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:36\");\n\n script_cve_id(\"CVE-2008-5907\");\n\n script_name(english:\"SuSE 10 Security Update : libpng (ZYPP Patch Number 5945)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5907.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5945.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libpng-1.2.8-19.18\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libpng-devel-1.2.8-19.18\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"libpng-32bit-1.2.8-19.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.8-19.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libpng-1.2.8-19.18\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libpng-devel-1.2.8-19.18\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"libpng-32bit-1.2.8-19.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.8-19.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-13T09:44:08", "bulletinFamily": "scanner", "description": "This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)", "modified": "2019-12-02T00:00:00", "id": "SUSE_LIBPNG-5944.NASL", "href": "https://www.tenable.com/plugins/nessus/35553", "published": "2009-01-29T00:00:00", "title": "openSUSE 10 Security Update : libpng (libpng-5944)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpng-5944.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35553);\n script_version (\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:36\");\n\n script_cve_id(\"CVE-2008-5907\");\n\n script_name(english:\"openSUSE 10 Security Update : libpng (libpng-5944)\");\n script_summary(english:\"Check for the libpng-5944 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libpng-1.2.18-15.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libpng-devel-1.2.18-15.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libpng-32bit-1.2.18-15.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.18-15.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-13T09:20:32", "bulletinFamily": "scanner", "description": "This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)", "modified": "2019-12-02T00:00:00", "id": "SUSE9_12339.NASL", "href": "https://www.tenable.com/plugins/nessus/41270", "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : libpng, libpng-devel (YOU Patch Number 12339)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41270);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 13:36:33\");\n\n script_cve_id(\"CVE-2008-5907\");\n\n script_name(english:\"SuSE9 Security Update : libpng, libpng-devel (YOU Patch Number 12339)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5907.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12339.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"libpng-1.2.5-182.20\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libpng-devel-1.2.5-182.20\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libpng-32bit-9-200901202355\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-13T09:20:50", "bulletinFamily": "scanner", "description": "This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)", "modified": "2019-12-02T00:00:00", "id": "SUSE_11_1_LIBPNG-DEVEL-090120.NASL", "href": "https://www.tenable.com/plugins/nessus/40263", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libpng-devel (libpng-devel-455)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpng-devel-455.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40263);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:35\");\n\n script_cve_id(\"CVE-2008-5907\");\n\n script_name(english:\"openSUSE Security Update : libpng-devel (libpng-devel-455)\");\n script_summary(english:\"Check for the libpng-devel-455 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467308\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpng-devel-1.2.31-4.35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpng12-0-1.2.31-4.35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpng3-1.2.31-4.35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.31-4.35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libpng12-0-32bit-1.2.31-4.35.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-13T09:20:42", "bulletinFamily": "scanner", "description": "This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)", "modified": "2019-12-02T00:00:00", "id": "SUSE_11_0_LIBPNG-DEVEL-090121.NASL", "href": "https://www.tenable.com/plugins/nessus/40037", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libpng-devel (libpng-devel-455)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpng-devel-455.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40037);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:34\");\n\n script_cve_id(\"CVE-2008-5907\");\n\n script_name(english:\"openSUSE Security Update : libpng-devel (libpng-devel-455)\");\n script_summary(english:\"Check for the libpng-devel-455 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libpng fixes the function png_check_keyword() that\nallowed setting arbitrary bytes in the process memory to 0.\n(CVE-2008-5907)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467308\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpng-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng12-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libpng-devel-1.2.26-14.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libpng12-0-1.2.26-14.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libpng3-1.2.26-14.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libpng-devel-32bit-1.2.26-14.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libpng12-0-32bit-1.2.26-14.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-13T08:05:37", "bulletinFamily": "scanner", "description": "A number of vulnerabilities have been found and corrected in libpng :\n\nFixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was\nallready fixed in Mandriva Linux 2009.0.\n\nFix the function png_check_keyword() that allowed setting arbitrary\nbytes in the process memory to 0 (CVE-2008-5907).\n\nFix a potential DoS (Denial of Service) or to potentially compromise\nan application using the library (CVE-2009-0040).\n\nThe updated packages have been patched to prevent this.", "modified": "2019-12-02T00:00:00", "id": "MANDRIVA_MDVSA-2009-051.NASL", "href": "https://www.tenable.com/plugins/nessus/36671", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : libpng (MDVSA-2009:051)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:051. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36671);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:51\");\n\n script_cve_id(\"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_bugtraq_id(33827);\n script_xref(name:\"MDVSA\", value:\"2009:051\");\n\n script_name(english:\"Mandriva Linux Security Advisory : libpng (MDVSA-2009:051)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been found and corrected in libpng :\n\nFixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was\nallready fixed in Mandriva Linux 2009.0.\n\nFix the function png_check_keyword() that allowed setting arbitrary\nbytes in the process memory to 0 (CVE-2008-5907).\n\nFix a potential DoS (Denial of Service) or to potentially compromise\nan application using the library (CVE-2009-0040).\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64png3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png-devel-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png-static-devel-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64png3-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng-devel-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"libpng-source-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng-static-devel-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpng3-1.2.22-0.3mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png-devel-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png-static-devel-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64png3-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng-devel-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libpng-source-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng-static-devel-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpng3-1.2.25-2.2mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64png-devel-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64png-static-devel-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64png3-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpng-devel-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"libpng-source-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpng-static-devel-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpng3-1.2.31-2.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-13T07:33:24", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200903-28\n(libpng: Multiple vulnerabilities)\n\n Multiple vulnerabilities were discovered in libpng:\n A\n memory leak bug was reported in png_handle_tEXt(), a function that is\n used while reading PNG images (CVE-2008-6218).\n A memory\n overwrite bug was reported by Jon Foster in png_check_keyword(), caused\n by writing overlong keywords to a PNG file (CVE-2008-5907).\n A\n memory corruption issue, caused by an incorrect handling of an out of\n memory condition has been reported by Tavis Ormandy of the Google\n Security Team. That vulnerability affects direct uses of\n png_read_png(), pCAL chunk and 16-bit gamma table handling\n (CVE-2009-0040).\n \nImpact :\n\n A remote attacker may execute arbitrary code with the privileges of the\n user opening a specially crafted PNG file by exploiting the erroneous\n out-of-memory handling. An attacker may also exploit the\n png_check_keyword() error to set arbitrary memory locations to 0, if\n the application allows overlong, user-controlled keywords when writing\n PNG files. The png_handle_tEXT() vulnerability may be exploited by an\n attacker to potentially consume all memory on a users system when a\n specially crafted PNG file is opened.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2019-12-02T00:00:00", "id": "GENTOO_GLSA-200903-28.NASL", "href": "https://www.tenable.com/plugins/nessus/35929", "published": "2009-03-16T00:00:00", "title": "GLSA-200903-28 : libpng: Multiple vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200903-28.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35929);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:45\");\n\n script_cve_id(\"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_bugtraq_id(31920, 33827);\n script_xref(name:\"GLSA\", value:\"200903-28\");\n\n script_name(english:\"GLSA-200903-28 : libpng: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200903-28\n(libpng: Multiple vulnerabilities)\n\n Multiple vulnerabilities were discovered in libpng:\n A\n memory leak bug was reported in png_handle_tEXt(), a function that is\n used while reading PNG images (CVE-2008-6218).\n A memory\n overwrite bug was reported by Jon Foster in png_check_keyword(), caused\n by writing overlong keywords to a PNG file (CVE-2008-5907).\n A\n memory corruption issue, caused by an incorrect handling of an out of\n memory condition has been reported by Tavis Ormandy of the Google\n Security Team. That vulnerability affects direct uses of\n png_read_png(), pCAL chunk and 16-bit gamma table handling\n (CVE-2009-0040).\n \nImpact :\n\n A remote attacker may execute arbitrary code with the privileges of the\n user opening a specially crafted PNG file by exploiting the erroneous\n out-of-memory handling. An attacker may also exploit the\n png_check_keyword() error to set arbitrary memory locations to 0, if\n the application allows overlong, user-controlled keywords when writing\n PNG files. The png_handle_tEXT() vulnerability may be exploited by an\n attacker to potentially consume all memory on a users system when a\n specially crafted PNG file is opened.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200903-28\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libpng users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.35'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/libpng\", unaffected:make_list(\"ge 1.2.35\"), vulnerable:make_list(\"lt 1.2.35\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-13T09:57:19", "bulletinFamily": "scanner", "description": "It was discovered that libpng did not properly perform bounds checking\nin certain operations. An attacker could send a specially crafted PNG\nimage and cause a denial of service in applications linked against\nlibpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268,\nCVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize\nmemory. If a user or automated system were tricked into opening a\ncrafted PNG image, an attacker could cause a denial of service via\napplication crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue did not affect\nUbuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker\ncould could cause an application crash in programs using pngtest.\n(CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a\nkeyword string. An attacker could exploit this to set arbitrary memory\nlocations to zero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly\ninitialize pointers. If a user or automated system were tricked into\nopening a crafted PNG file, an attacker could cause a denial of\nservice or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2009-0040).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "UBUNTU_USN-730-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37042", "published": "2009-04-23T00:00:00", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-730-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37042);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-3964\", \"CVE-2008-5907\", \"CVE-2009-0040\");\n script_bugtraq_id(25956, 28276, 28770, 33827);\n script_xref(name:\"USN\", value:\"730-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libpng did not properly perform bounds checking\nin certain operations. An attacker could send a specially crafted PNG\nimage and cause a denial of service in applications linked against\nlibpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268,\nCVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize\nmemory. If a user or automated system were tricked into opening a\ncrafted PNG image, an attacker could cause a denial of service via\napplication crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue did not affect\nUbuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker\ncould could cause an application crash in programs using pngtest.\n(CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a\nkeyword string. An attacker could exploit this to set arbitrary memory\nlocations to zero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly\ninitialize pointers. If a user or automated system were tricked into\nopening a crafted PNG file, an attacker could cause a denial of\nservice or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2009-0040).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/730-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libpng12-0, libpng12-dev and / or libpng3\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng12-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng12-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpng3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng12-0\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng12-dev\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpng3\", pkgver:\"1.2.8rel-5ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng12-0\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng12-dev\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libpng3\", pkgver:\"1.2.15~beta5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng12-0\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng12-dev\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpng3\", pkgver:\"1.2.15~beta5-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng12-0\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng12-dev\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpng3\", pkgver:\"1.2.27-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpng12-0 / libpng12-dev / libpng3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-13T06:51:05", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-2445\n The png_handle_tRNS function allows attackers to cause a\n denial of service (application crash) via a grayscale\n PNG image with a bad tRNS chunk CRC value.\n\n - CVE-2007-5269\n Certain chunk handlers allow attackers to cause a denial\n of service (crash) via crafted pCAL, sCAL, tEXt, iTXt,\n and ztXT chunking in PNG images, which trigger\n out-of-bounds read operations.\n\n - CVE-2008-1382\n libpng allows context-dependent attackers to cause a\n denial of service (crash) and possibly execute arbitrary\n code via a PNG file with zero length ", "modified": "2019-12-02T00:00:00", "id": "DEBIAN_DSA-1750.NASL", "href": "https://www.tenable.com/plugins/nessus/35988", "published": "2009-03-23T00:00:00", "title": "Debian DSA-1750-1 : libpng - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1750. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35988);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:21\");\n\n script_cve_id(\"CVE-2007-2445\", \"CVE-2007-5269\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2009-0040\");\n script_bugtraq_id(25956, 28276, 28770, 31920, 33827, 33990);\n script_xref(name:\"DSA\", value:\"1750\");\n\n script_name(english:\"Debian DSA-1750-1 : libpng - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-2445\n The png_handle_tRNS function allows attackers to cause a\n denial of service (application crash) via a grayscale\n PNG image with a bad tRNS chunk CRC value.\n\n - CVE-2007-5269\n Certain chunk handlers allow attackers to cause a denial\n of service (crash) via crafted pCAL, sCAL, tEXt, iTXt,\n and ztXT chunking in PNG images, which trigger\n out-of-bounds read operations.\n\n - CVE-2008-1382\n libpng allows context-dependent attackers to cause a\n denial of service (crash) and possibly execute arbitrary\n code via a PNG file with zero length 'unknown' chunks,\n which trigger an access of uninitialized memory.\n\n - CVE-2008-5907\n The png_check_keyword might allow context-dependent\n attackers to set the value of an arbitrary memory\n location to zero via vectors involving creation of\n crafted PNG files with keywords.\n\n - CVE-2008-6218\n A memory leak in the png_handle_tEXt function allows\n context-dependent attackers to cause a denial of service\n (memory exhaustion) via a crafted PNG file.\n\n - CVE-2009-0040\n libpng allows context-dependent attackers to cause a\n denial of service (application crash) or possibly\n execute arbitrary code via a crafted PNG file that\n triggers a free of an uninitialized pointer in (1) the\n png_read_png function, (2) pCAL chunk handling, or (3)\n setup of 16-bit gamma tables.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-6218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1750\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libpng packages.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libpng12-0\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpng12-dev\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpng3\", reference:\"1.2.15~beta5-1+etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng12-0\", reference:\"1.2.27-2+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng12-dev\", reference:\"1.2.27-2+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpng3\", reference:\"1.2.27-2+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-13T07:33:47", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201412-08\n(Multiple packages, Multiple vulnerabilities fixed in 2010)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n Insight\n Perl Tk Module\n Source-Navigator\n Tk\n Partimage\n Mlmmj\n acl\n Xinit\n gzip\n ncompress\n liblzw\n splashutils\n GNU M4\n KDE Display Manager\n GTK+\n KGet\n dvipng\n Beanstalk\n Policy Mount\n pam_krb5\n GNU gv\n LFTP\n Uzbl\n Slim\n Bitdefender Console\n iputils\n DVBStreamer\n \nImpact :\n\n A context-dependent attacker may be able to gain escalated privileges,\n execute arbitrary code, cause Denial of Service, obtain sensitive\n information, or otherwise bypass security restrictions.\n \nWorkaround :\n\n There are no known workarounds at this time.", "modified": "2019-12-02T00:00:00", "id": "GENTOO_GLSA-201412-08.NASL", "href": "https://www.tenable.com/plugins/nessus/79961", "published": "2014-12-15T00:00:00", "title": "GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-08.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79961);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/08/12 17:35:38\");\n\n script_cve_id(\"CVE-2006-3005\", \"CVE-2007-2741\", \"CVE-2008-0553\", \"CVE-2008-1382\", \"CVE-2008-5907\", \"CVE-2008-6218\", \"CVE-2008-6661\", \"CVE-2009-0040\", \"CVE-2009-0360\", \"CVE-2009-0361\", \"CVE-2009-0946\", \"CVE-2009-2042\", \"CVE-2009-2624\", \"CVE-2009-3736\", \"CVE-2009-4029\", \"CVE-2009-4411\", \"CVE-2009-4896\", \"CVE-2010-0001\", \"CVE-2010-0436\", \"CVE-2010-0732\", \"CVE-2010-0829\", \"CVE-2010-1000\", \"CVE-2010-1205\", \"CVE-2010-1511\", \"CVE-2010-2056\", \"CVE-2010-2060\", \"CVE-2010-2192\", \"CVE-2010-2251\", \"CVE-2010-2529\", \"CVE-2010-2809\", \"CVE-2010-2945\");\n script_bugtraq_id(24001, 27655, 28770, 31920, 32751, 33740, 33741, 33827, 33990, 34550, 35233, 37128, 37378, 37455, 37886, 37888, 38211, 39467, 39969, 40141, 40426, 40516, 40939, 41174, 41841, 41911, 42297, 43728);\n script_xref(name:\"GLSA\", value:\"201412-08\");\n\n script_name(english:\"GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-08\n(Multiple packages, Multiple vulnerabilities fixed in 2010)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n Insight\n Perl Tk Module\n Source-Navigator\n Tk\n Partimage\n Mlmmj\n acl\n Xinit\n gzip\n ncompress\n liblzw\n splashutils\n GNU M4\n KDE Display Manager\n GTK+\n KGet\n dvipng\n Beanstalk\n Policy Mount\n pam_krb5\n GNU gv\n LFTP\n Uzbl\n Slim\n Bitdefender Console\n iputils\n DVBStreamer\n \nImpact :\n\n A context-dependent attacker may be able to gain escalated privileges,\n execute arbitrary code, cause Denial of Service, obtain sensitive\n information, or otherwise bypass security restrictions.\n \nWorkaround :\n\n There are no known workarounds at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Insight users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/insight-6.7.1-r1'\n All Perl Tk Module users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-perl/perl-tk-804.028-r2'\n All Source-Navigator users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/sourcenav-5.1.4'\n All Tk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/tk-8.4.18-r1'\n All Partimage users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-block/partimage-0.6.8'\n All Mlmmj users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/mlmmj-1.2.17.1'\n All acl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/acl-2.2.49'\n All Xinit users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-apps/xinit-1.2.0-r4'\n All gzip users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.4'\n All ncompress users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/ncompress-4.2.4.3'\n All liblzw users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/liblzw-0.2'\n All splashutils users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=media-gfx/splashutils-1.5.4.3-r3'\n All GNU M4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-devel/m4-1.4.14-r1'\n All KDE Display Manager users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdm-4.3.5-r1'\n All GTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/gtk+-2.18.7'\n All KGet 4.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kget-4.3.5-r1'\n All dvipng users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/dvipng-1.13'\n All Beanstalk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-misc/beanstalkd-1.4.6'\n All Policy Mount users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/pmount-0.9.23'\n All pam_krb5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-4.3'\n All GNU gv users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/gv-3.7.1'\n All LFTP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-ftp/lftp-4.0.6'\n All Uzbl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/uzbl-2010.08.05'\n All Slim users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-misc/slim-1.3.2'\n All iputils users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/iputils-20100418'\n All DVBStreamer users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-tv/dvbstreamer-1.1-r1'\n Gentoo has discontinued support for Bitdefender Console. We recommend\n that users unmerge Bitdefender Console:\n # emerge --unmerge 'app-antivirus/bitdefender-console'\n NOTE: This is a legacy GLSA. Updates for all affected architectures have\n been available since 2011. It is likely that your system is already no\n longer affected by these issues.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:acl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:beanstalkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bitdefender-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dvbstreamer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dvipng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gtk+\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:insight\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:iputils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:liblzw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:m4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mlmmj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ncompress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pam_krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:partimage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:perl-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pmount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:slim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sourcenav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:splashutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:uzbl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/gzip\", unaffected:make_list(\"ge 1.4\"), vulnerable:make_list(\"lt 1.4\"))) flag++;\nif (qpkg_check(package:\"kde-base/kget\", unaffected:make_list(\"ge 4.3.5-r1\"), vulnerable:make_list(\"lt 4.3.5-r1\"))) flag++;\nif (qpkg_check(package:\"dev-libs/liblzw\", unaffected:make_list(\"ge 0.2\"), vulnerable:make_list(\"lt 0.2\"))) flag++;\nif (qpkg_check(package:\"kde-base/kdm\", unaffected:make_list(\"ge 4.3.5-r1\"), vulnerable:make_list(\"lt 4.3.5-r1\"))) flag++;\nif (qpkg_check(package:\"app-text/dvipng\", unaffected:make_list(\"ge 1.13\"), vulnerable:make_list(\"lt 1.13\"))) flag++;\nif (qpkg_check(package:\"x11-apps/xinit\", unaffected:make_list(\"ge 1.2.0-r4\"), vulnerable:make_list(\"lt 1.2.0-r4\"))) flag++;\nif (qpkg_check(package:\"net-ftp/lftp\", unaffected:make_list(\"ge 4.0.6\"), vulnerable:make_list(\"lt 4.0.6\"))) flag++;\nif (qpkg_check(package:\"net-mail/mlmmj\", unaffected:make_list(\"ge 1.2.17.1\"), vulnerable:make_list(\"lt 1.2.17.1\"))) flag++;\nif (qpkg_check(package:\"sys-apps/pmount\", unaffected:make_list(\"ge 0.9.23\"), vulnerable:make_list(\"lt 0.9.23\"))) flag++;\nif (qpkg_check(package:\"sys-block/partimage\", unaffected:make_list(\"ge 0.6.8\"), vulnerable:make_list(\"lt 0.6.8\"))) flag++;\nif (qpkg_check(package:\"sys-apps/acl\", unaffected:make_list(\"ge 2.2.49\"), vulnerable:make_list(\"lt 2.2.49\"))) flag++;\nif (qpkg_check(package:\"app-arch/ncompress\", unaffected:make_list(\"ge 4.2.4.3\"), vulnerable:make_list(\"lt 4.2.4.3\"))) flag++;\nif (qpkg_check(package:\"media-gfx/splashutils\", unaffected:make_list(\"ge 1.5.4.3-r3\"), vulnerable:make_list(\"lt 1.5.4.3-r3\"))) flag++;\nif (qpkg_check(package:\"www-client/uzbl\", unaffected:make_list(\"ge 2010.08.05\"), vulnerable:make_list(\"lt 2010.08.05\"))) flag++;\nif (qpkg_check(package:\"dev-util/insight\", unaffected:make_list(\"ge 6.7.1-r1\"), vulnerable:make_list(\"lt 6.7.1-r1\"))) flag++;\nif (qpkg_check(package:\"sys-devel/m4\", unaffected:make_list(\"ge 1.4.14-r1\"), vulnerable:make_list(\"lt 1.4.14-r1\"))) flag++;\nif (qpkg_check(package:\"app-antivirus/bitdefender-console\", unaffected:make_list(), vulnerable:make_list(\"le 7.1\"))) flag++;\nif (qpkg_check(package:\"app-text/gv\", unaffected:make_list(\"ge 3.7.1\"), vulnerable:make_list(\"lt 3.7.1\"))) flag++;\nif (qpkg_check(package:\"media-tv/dvbstreamer\", unaffected:make_list(\"ge 1.1-r1\"), vulnerable:make_list(\"lt 1.1-r1\"))) flag++;\nif (qpkg_check(package:\"app-misc/beanstalkd\", unaffected:make_list(\"ge 1.4.6\"), vulnerable:make_list(\"lt 1.4.6\"))) flag++;\nif (qpkg_check(package:\"net-misc/iputils\", unaffected:make_list(\"ge 20100418\"), vulnerable:make_list(\"lt 20100418\"))) flag++;\nif (qpkg_check(package:\"dev-util/sourcenav\", unaffected:make_list(\"ge 5.1.4\"), vulnerable:make_list(\"lt 5.1.4\"))) flag++;\nif (qpkg_check(package:\"x11-libs/gtk+\", unaffected:make_list(\"ge 2.18.7\"), vulnerable:make_list(\"lt 2.18.7\"))) flag++;\nif (qpkg_check(package:\"sys-auth/pam_krb5\", unaffected:make_list(\"ge 4.3\"), vulnerable:make_list(\"lt 4.3\"))) flag++;\nif (qpkg_check(package:\"dev-lang/tk\", unaffected:make_list(\"ge 8.4.18-r1\"), vulnerable:make_list(\"lt 8.4.18-r1\"))) flag++;\nif (qpkg_check(package:\"x11-misc/slim\", unaffected:make_list(\"ge 1.3.2\"), vulnerable:make_list(\"lt 1.3.2\"))) flag++;\nif (qpkg_check(package:\"dev-perl/perl-tk\", unaffected:make_list(\"ge 804.028-r2\"), vulnerable:make_list(\"lt 804.028-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-arch/gzip / kde-base/kget / dev-libs/liblzw / kde-base/kdm / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "description": "Few vulnerabilities potentially allow code execution on PNG parsing.", "modified": "2009-02-25T00:00:00", "published": "2009-02-25T00:00:00", "id": "SECURITYVULNS:VULN:9691", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9691", "title": "libpng multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:051\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : libpng\r\n Date : February 23, 2009\r\n Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,\r\n Multi Network Firewall 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A number of vulnerabilities have been found and corrected in libpng:\r\n \r\n Fixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was\r\n allready fixed in Mandriva Linux 2009.0.\r\n \r\n Fix the function png_check_keyword() that allowed setting arbitrary\r\n bytes in the process memory to 0 (CVE-2008-5907).\r\n \r\n Fix a potential DoS (Denial of Service) or to potentially compromise\r\n an application using the library (CVE-2009-0040).\r\n \r\n The updated packages have been patched to prevent this.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5907\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.0:\r\n 998ac96ae507c96bc3bf5180319412e7 2008.0/i586/libpng3-1.2.22-0.3mdv2008.0.i586.rpm\r\n acbb66ecf6c7ad53d171aa3958d58abf 2008.0/i586/libpng-devel-1.2.22-0.3mdv2008.0.i586.rpm\r\n c2648d20ebe13e5d954f24876a14e513 2008.0/i586/libpng-source-1.2.22-0.3mdv2008.0.i586.rpm\r\n 388af16c0f685b8cd726e0ace52b60ce 2008.0/i586/libpng-static-devel-1.2.22-0.3mdv2008.0.i586.rpm \r\n b27dd859afb25f890d7d6b2030dc5271 2008.0/SRPMS/libpng-1.2.22-0.3mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n 7c69863bb4054d737a898e039bcd61d4 2008.0/x86_64/lib64png3-1.2.22-0.3mdv2008.0.x86_64.rpm\r\n 99b8f97c3f5df41a0b72cb6ca1962d60 2008.0/x86_64/lib64png-devel-1.2.22-0.3mdv2008.0.x86_64.rpm\r\n 823d4ae86d6367d4364ad7f7ba0285f6 2008.0/x86_64/lib64png-static-devel-1.2.22-0.3mdv2008.0.x86_64.rpm\r\n 110e19b8057b5d3711476e66ce27a8c4 2008.0/x86_64/libpng-source-1.2.22-0.3mdv2008.0.x86_64.rpm \r\n b27dd859afb25f890d7d6b2030dc5271 2008.0/SRPMS/libpng-1.2.22-0.3mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.1:\r\n 1b179e2b3487869c27b207017dff48d3 2008.1/i586/libpng3-1.2.25-2.2mdv2008.1.i586.rpm\r\n f7eab99997bb5141d479c6c503d9d1f6 2008.1/i586/libpng-devel-1.2.25-2.2mdv2008.1.i586.rpm\r\n ca12104e547b7faf7ba1018ef244aa88 2008.1/i586/libpng-source-1.2.25-2.2mdv2008.1.i586.rpm\r\n 8902a48738d5729160f31e37fc46a9f2 2008.1/i586/libpng-static-devel-1.2.25-2.2mdv2008.1.i586.rpm \r\n 2a7f7d02d232ce9948359377ba1e1ffb 2008.1/SRPMS/libpng-1.2.25-2.2mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 2b1949ee8868bb7475310de66478640e 2008.1/x86_64/lib64png3-1.2.25-2.2mdv2008.1.x86_64.rpm\r\n 4abeaf3ca19d4660b5ee1d22451413d5 2008.1/x86_64/lib64png-devel-1.2.25-2.2mdv2008.1.x86_64.rpm\r\n 7aa2e1a738a12c633dcf1d1d5b7acd6e 2008.1/x86_64/lib64png-static-devel-1.2.25-2.2mdv2008.1.x86_64.rpm\r\n 702d85b49120f5422db08345fc697758 2008.1/x86_64/libpng-source-1.2.25-2.2mdv2008.1.x86_64.rpm \r\n 2a7f7d02d232ce9948359377ba1e1ffb 2008.1/SRPMS/libpng-1.2.25-2.2mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n db67f1e4b8a43986f03f718ad4d7120e 2009.0/i586/libpng3-1.2.31-2.1mdv2009.0.i586.rpm\r\n 02a423cae16e9c656129601f1ae69600 2009.0/i586/libpng-devel-1.2.31-2.1mdv2009.0.i586.rpm\r\n f91a68467b81b3f532ef21b4ff9c9516 2009.0/i586/libpng-source-1.2.31-2.1mdv2009.0.i586.rpm\r\n 0f28993456fd4c012385aa11baba2f7e 2009.0/i586/libpng-static-devel-1.2.31-2.1mdv2009.0.i586.rpm \r\n 99962c17399bba390d4996e09f7cfd28 2009.0/SRPMS/libpng-1.2.31-2.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 6c9a8ddfc4872957863cad6b24e8a3ac 2009.0/x86_64/lib64png3-1.2.31-2.1mdv2009.0.x86_64.rpm\r\n 3d25e33a29512b1aca2ce738b8f5f349 2009.0/x86_64/lib64png-devel-1.2.31-2.1mdv2009.0.x86_64.rpm\r\n a0e049c7090222715957c8db4bf102b5 2009.0/x86_64/lib64png-static-devel-1.2.31-2.1mdv2009.0.x86_64.rpm\r\n 7611de5e02c238f6b8338fd49e07fcfa 2009.0/x86_64/libpng-source-1.2.31-2.1mdv2009.0.x86_64.rpm \r\n 99962c17399bba390d4996e09f7cfd28 2009.0/SRPMS/libpng-1.2.31-2.1mdv2009.0.src.rpm\r\n\r\n Corporate 3.0:\r\n 0ea2e361290b0c8aceb44c3534939ed5 corporate/3.0/i586/libpng3-1.2.5-10.11.C30mdk.i586.rpm\r\n 032c61ff00b460854757cd55b32d5d2a corporate/3.0/i586/libpng3-devel-1.2.5-10.11.C30mdk.i586.rpm\r\n 3bcfeddfcbb1c695a3a0a9b44850ad27 \r\ncorporate/3.0/i586/libpng3-static-devel-1.2.5-10.11.C30mdk.i586.rpm \r\n 4bf80d3855abcfde33835c4bc4ebad4d corporate/3.0/SRPMS/libpng-1.2.5-10.11.C30mdk.src.rpm\r\n\r\n Corporate 3.0/X86_64:\r\n 57ee9252923d33d66a1787a9a68174a4 corporate/3.0/x86_64/lib64png3-1.2.5-10.11.C30mdk.x86_64.rpm\r\n c8c47259e3eb68c1c71be2a90ac1cde9 corporate/3.0/x86_64/lib64png3-devel-1.2.5-10.11.C30mdk.x86_64.rpm\r\n 2370808839b2f59ded6bc1b59f437801 \r\ncorporate/3.0/x86_64/lib64png3-static-devel-1.2.5-10.11.C30mdk.x86_64.rpm \r\n 4bf80d3855abcfde33835c4bc4ebad4d corporate/3.0/SRPMS/libpng-1.2.5-10.11.C30mdk.src.rpm\r\n\r\n Corporate 4.0:\r\n 778576940a74bd6db459c275cd2203e1 corporate/4.0/i586/libpng3-1.2.8-1.6.20060mlcs4.i586.rpm\r\n c2a63382d99f8b9fb0d68f1ab21e5d21 corporate/4.0/i586/libpng3-devel-1.2.8-1.6.20060mlcs4.i586.rpm\r\n 820ff66e8fdad685d26f9180070f3c4c \r\ncorporate/4.0/i586/libpng3-static-devel-1.2.8-1.6.20060mlcs4.i586.rpm \r\n bcbfc6f4913e8fd5787428076f1a1a48 corporate/4.0/SRPMS/libpng-1.2.8-1.6.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 11d4794bd27fafcb127101bf7787ca15 corporate/4.0/x86_64/lib64png3-1.2.8-1.6.20060mlcs4.x86_64.rpm\r\n 64719027cd4bfa88a22bc8093708ac60 \r\ncorporate/4.0/x86_64/lib64png3-devel-1.2.8-1.6.20060mlcs4.x86_64.rpm\r\n f148fcfab25d6eab2cca7d990c0df781 \r\ncorporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.6.20060mlcs4.x86_64.rpm \r\n bcbfc6f4913e8fd5787428076f1a1a48 corporate/4.0/SRPMS/libpng-1.2.8-1.6.20060mlcs4.src.rpm\r\n\r\n Multi Network Firewall 2.0:\r\n 64eb92be451c217de475874e6877cf93 mnf/2.0/i586/libpng3-1.2.5-10.11.C30mdk.i586.rpm\r\n c34ffb76d4dbbcabcce7b98aed909d20 mnf/2.0/i586/libpng3-devel-1.2.5-10.11.C30mdk.i586.rpm\r\n bad230920945e3204e27b5ff52a9875c mnf/2.0/i586/libpng3-static-devel-1.2.5-10.11.C30mdk.i586.rpm \r\n bd0355475f58e795b1bb8b9ec67ffdad mnf/2.0/SRPMS/libpng-1.2.5-10.11.C30mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFJotpVmqjQ0CJFipgRAmwfAJ9tDviMESsfI7z2eJQWNrQCDN/WGgCg7aKV\r\n0icY9xLHmK7LH2kepSQuc34=\r\n=uk3n\r\n-----END PGP SIGNATURE-----", "modified": "2009-02-25T00:00:00", "published": "2009-02-25T00:00:00", "id": "SECURITYVULNS:DOC:21384", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21384", "title": "[ MDVSA-2009:051 ] libpng", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:58", "bulletinFamily": "unix", "description": "### Background\n\nlibpng is the official PNG reference library used to read, write and manipulate PNG images. \n\n### Description\n\nMultiple vulnerabilities were discovered in libpng: \n\n * A memory leak bug was reported in png_handle_tEXt(), a function that is used while reading PNG images (CVE-2008-6218).\n * A memory overwrite bug was reported by Jon Foster in png_check_keyword(), caused by writing overlong keywords to a PNG file (CVE-2008-5907).\n * A memory corruption issue, caused by an incorrect handling of an out of memory condition has been reported by Tavis Ormandy of the Google Security Team. That vulnerability affects direct uses of png_read_png(), pCAL chunk and 16-bit gamma table handling (CVE-2009-0040).\n\n### Impact\n\nA remote attacker may execute arbitrary code with the privileges of the user opening a specially crafted PNG file by exploiting the erroneous out-of-memory handling. An attacker may also exploit the png_check_keyword() error to set arbitrary memory locations to 0, if the application allows overlong, user-controlled keywords when writing PNG files. The png_handle_tEXT() vulnerability may be exploited by an attacker to potentially consume all memory on a users system when a specially crafted PNG file is opened. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll libpng users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libpng-1.2.35\"", "modified": "2009-03-15T00:00:00", "published": "2009-03-15T00:00:00", "id": "GLSA-200903-28", "href": "https://security.gentoo.org/glsa/200903-28", "type": "gentoo", "title": "libpng: Multiple vulnerabilities", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:16", "bulletinFamily": "unix", "description": "### Background\n\nFor more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. \n\n### Description\n\nVulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. \n\n * Insight\n * Perl Tk Module\n * Source-Navigator\n * Tk\n * Partimage\n * Mlmmj\n * acl\n * Xinit\n * gzip\n * ncompress\n * liblzw\n * splashutils\n * GNU M4\n * KDE Display Manager\n * GTK+\n * KGet\n * dvipng\n * Beanstalk\n * Policy Mount\n * pam_krb5\n * GNU gv\n * LFTP\n * Uzbl\n * Slim\n * Bitdefender Console\n * iputils\n * DVBStreamer\n\n### Impact\n\nA context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. \n\n### Workaround\n\nThere are no known workarounds at this time.\n\n### Resolution\n\nAll Insight users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/insight-6.7.1-r1\"\n \n\nAll Perl Tk Module users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-perl/perl-tk-804.028-r2\"\n \n\nAll Source-Navigator users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/sourcenav-5.1.4\"\n \n\nAll Tk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/tk-8.4.18-r1\"\n \n\nAll Partimage users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-block/partimage-0.6.8\"\n \n\nAll Mlmmj users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/mlmmj-1.2.17.1\"\n \n\nAll acl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/acl-2.2.49\"\n \n\nAll Xinit users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-apps/xinit-1.2.0-r4\"\n \n\nAll gzip users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/gzip-1.4\"\n \n\nAll ncompress users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/ncompress-4.2.4.3\"\n \n\nAll liblzw users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/liblzw-0.2\"\n \n\nAll splashutils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-gfx/splashutils-1.5.4.3-r3\"\n \n\nAll GNU M4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-devel/m4-1.4.14-r1\"\n \n\nAll KDE Display Manager users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdm-4.3.5-r1\"\n \n\nAll GTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/gtk+-2.18.7\"\n \n\nAll KGet 4.3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kget-4.3.5-r1\"\n \n\nAll dvipng users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/dvipng-1.13\"\n \n\nAll Beanstalk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-misc/beanstalkd-1.4.6\"\n \n\nAll Policy Mount users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/pmount-0.9.23\"\n \n\nAll pam_krb5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-auth/pam_krb5-4.3\"\n \n\nAll GNU gv users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/gv-3.7.1\"\n \n\nAll LFTP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-ftp/lftp-4.0.6\"\n \n\nAll Uzbl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/uzbl-2010.08.05\"\n \n\nAll Slim users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-misc/slim-1.3.2\"\n \n\nAll iputils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/iputils-20100418\"\n \n\nAll DVBStreamer users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-tv/dvbstreamer-1.1-r1\"\n \n\nGentoo has discontinued support for Bitdefender Console. We recommend that users unmerge Bitdefender Console: \n \n \n # emerge --unmerge \"app-antivirus/bitdefender-console\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues.", "modified": "2014-12-11T00:00:00", "published": "2014-12-11T00:00:00", "id": "GLSA-201412-08", "href": "https://security.gentoo.org/glsa/201412-08", "type": "gentoo", "title": "Multiple packages, Multiple vulnerabilities fixed in 2010", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2019-05-30T02:22:01", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1750-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMarch 22, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libpng\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040\nDebian Bug : 446308 476669 516256 512665\n\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nThe png_handle_tRNS function allows attackers to cause a denial of\nservice (application crash) via a grayscale PNG image with a bad tRNS\nchunk CRC value. (CVE-2007-2445)\n\nCertain chunk handlers allow attackers to cause a denial of service\n(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG\nimages, which trigger out-of-bounds read operations. (CVE-2007-5269)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(crash) and possibly execute arbitrary code via a PNG file with zero\nlength "unknown" chunks, which trigger an access of uninitialized\nmemory. (CVE-2008-1382)\n\nThe png_check_keyword might allow context-dependent attackers to set the\nvalue of an arbitrary memory location to zero via vectors involving\ncreation of crafted PNG files with keywords. (CVE-2008-5907)\n\nA memory leak in the png_handle_tEXt function allows context-dependent\nattackers to cause a denial of service (memory exhaustion) via a crafted\nPNG file. (CVE-2008-6218)\n\nlibpng allows context-dependent attackers to cause a denial of service\n(application crash) or possibly execute arbitrary code via a crafted PNG\nfile that triggers a free of an uninitialized pointer in (1) the\npng_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit\ngamma tables. (CVE-2009-0040)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version1.2.15~beta5-1+etch2.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and\nCVE-2009-0040 affect the stable distribution.)\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.35-1.\n\nWe recommend that you upgrade your libpng packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5 checksum: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.diff.gz\n Size/MD5 checksum: 18622 e1e1b7d74b9af5861bdcfc50154d2b4c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.dsc\n Size/MD5 checksum: 1033 a0668aeec893b093e1f8f68316a04041\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.15~beta5-1+etch2_all.deb\n Size/MD5 checksum: 882 eb0e501247bd91837c090cf3353e07c6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb\n Size/MD5 checksum: 214038 1dd9a6d646d8ae533fbabbb32e03149a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb\n Size/MD5 checksum: 204478 d04c5a2151ca4aa8b1fa6f1b3078e418\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb\n Size/MD5 checksum: 85270 1fcfca5bfd47a2f6611074832273ac0b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb\n Size/MD5 checksum: 188124 703758e444f77281b9104e20c358b521\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb\n Size/MD5 checksum: 179186 d2596f942999be2acb79e77d12d99c2e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb\n Size/MD5 checksum: 69056 4bd8858ff3ef96c108d2f357e67c7b73\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb\n Size/MD5 checksum: 63714 14bd7b3fa29b01ebc18b6611eea486d1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb\n Size/MD5 checksum: 168764 54a349016bbdd6624fe8552bd951fee0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_arm.deb\n Size/MD5 checksum: 182720 79e501f9c79d31b0f9c8b5a4f16f6a2e\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb\n Size/MD5 checksum: 74440 e240adb3f2b0f8ed35a3c2fe2dd35da1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb\n Size/MD5 checksum: 187052 e5f7162d516fc3d8e953726d7fb5b6ae\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb\n Size/MD5 checksum: 194360 83928ed4057deade50551874a6a85d27\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb\n Size/MD5 checksum: 67656 66d9d533e26e4f74fbdd01bf55fa40b1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_i386.deb\n Size/MD5 checksum: 187710 20da5a533679aee19edf5cd0c339f2c9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_i386.deb\n Size/MD5 checksum: 170784 b19d4f0f8be4d65dbb847079ce2effa8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_ia64.deb\n Size/MD5 checksum: 227792 eb01ade8e4b4dba3215832b8c632548a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_ia64.udeb\n Size/MD5 checksum: 108076 cb3ae7c7c66dcafce969608a437fdade\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_ia64.deb\n Size/MD5 checksum: 227388 83fa9e2ba1a370fe1b973688ab6096dd\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mips.deb\n Size/MD5 checksum: 187814 daa3c7c3aeae294c661324528e0f6c3e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mips.deb\n Size/MD5 checksum: 187016 e556557c1c570c66656232422af38c8e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mips.udeb\n Size/MD5 checksum: 67730 ae7ea1cd95eacae754ba35e9fae19818\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mipsel.udeb\n Size/MD5 checksum: 67996 4be0aa40152ac55a7355aea2204d7888\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mipsel.deb\n Size/MD5 checksum: 187852 19a6eddae81d4f9d768f8c0ef442b0ed\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mipsel.deb\n Size/MD5 checksum: 187282 119ae6083edd419fed3fe970cc507919\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_powerpc.deb\n Size/MD5 checksum: 178452 e48dc544abc3df3ec474930639e29469\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_powerpc.deb\n Size/MD5 checksum: 186636 b8319bb815dec618288cdd35cd37c191\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_powerpc.udeb\n Size/MD5 checksum: 67430 a3717e7c30011e60be99ce04983f2984\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_s390.deb\n Size/MD5 checksum: 178548 790f01dc85511343a4ef9b4832f3b1fa\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_s390.deb\n Size/MD5 checksum: 190648 a79ea20f0b8af58765d2b14ec276aa5a\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_s390.udeb\n Size/MD5 checksum: 71438 aa83c3a2ab4da51670da3eafcedddac9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_sparc.udeb\n Size/MD5 checksum: 64914 13bcdda845e00493e1b25413452302d0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_sparc.deb\n Size/MD5 checksum: 184734 0f0e7865607948f07a604c86fd4f94bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_sparc.deb\n Size/MD5 checksum: 172558 2853d84c9f9823d0bfe77b1fca00348d\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.diff.gz\n Size/MD5 checksum: 16783 64d84ee2a3098905d361711dc96698c9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.dsc\n Size/MD5 checksum: 1492 8c82810267b23916b6207fa40f0b6bce\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny2_all.deb\n Size/MD5 checksum: 878 8d46f725bd49014cdb4e15508baea203\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_alpha.deb\n Size/MD5 checksum: 287802 470918bf3d543a1128df53d4bed78b3f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_alpha.deb\n Size/MD5 checksum: 182372 df321c1623004da3cf1daacae952e8b6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_alpha.udeb\n Size/MD5 checksum: 86746 975dccb76f777be09e8e5353704bf6bf\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_amd64.udeb\n Size/MD5 checksum: 71944 3f3bdfdee4699b4b3e5c793686330036\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_amd64.deb\n Size/MD5 checksum: 254598 122c139abf34eb461eca9847ec9dffe7\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_amd64.deb\n Size/MD5 checksum: 167190 1c17a5378b2e6b8fa8760847510f208b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_arm.deb\n Size/MD5 checksum: 245788 9d3fe182d56caad3f9d8a436ca109b57\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_arm.udeb\n Size/MD5 checksum: 64754 81ee041de30e2e5343d38965ab0645c1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_arm.deb\n Size/MD5 checksum: 160222 5741adc357ec8f3f09c4c8e72f02ec88\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_armel.udeb\n Size/MD5 checksum: 67178 71747c7d6f7bffde46bb38055948b781\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_armel.deb\n Size/MD5 checksum: 246680 bb9df968f72c62d5adceab0079c86e02\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_armel.deb\n Size/MD5 checksum: 163028 60bf255a23031c9c105d3582ed2c21bd\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_hppa.deb\n Size/MD5 checksum: 261298 a0bac6595474dc5778c764fab4acd9be\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_hppa.deb\n Size/MD5 checksum: 170170 de217ce54775d5f648ad369f4ce7cb72\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_hppa.udeb\n Size/MD5 checksum: 74124 affd4f1155bd1d571615b6c767886974\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_i386.udeb\n Size/MD5 checksum: 70314 865ea6726b205467e770d56d1530fdd2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_i386.deb\n Size/MD5 checksum: 165892 cfcd37b7eee72625d13f09328bc24e23\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_i386.deb\n Size/MD5 checksum: 247056 bc860a52608d966576f581c27e89a86c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_ia64.deb\n Size/MD5 checksum: 305532 d6f329a47a523353fcd527c48abb078c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_ia64.deb\n Size/MD5 checksum: 207604 78b003ade0b48d1510f436f2e5008588\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_ia64.udeb\n Size/MD5 checksum: 112070 a0f1e5e8a85bcc1995faa1e031f5e16e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mips.udeb\n Size/MD5 checksum: 68198 a68e0ba1f7a39bd9984414f4160de5bc\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mips.deb\n Size/MD5 checksum: 262138 f3580912592abe14609134cab2242728\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mips.deb\n Size/MD5 checksum: 163666 0c9f75230c396553e6062eb397d6b95c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mipsel.deb\n Size/MD5 checksum: 163956 dfda7e322af96e8ae5104cfd9f955e92\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mipsel.udeb\n Size/MD5 checksum: 68468 9c357d2d831dca03ed0887c58a18c523\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mipsel.deb\n Size/MD5 checksum: 262162 a1d0ba1b7adb92a95180e6d65b398b5b\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_powerpc.udeb\n Size/MD5 checksum: 70814 3053467f8b8864802cc7261742abfa00\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_powerpc.deb\n Size/MD5 checksum: 166240 13acfd773d2a31bd555ac1936411fe95\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_powerpc.deb\n Size/MD5 checksum: 253322 d4a722d84e5c2f263d72a59dea00ce17\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_s390.deb\n Size/MD5 checksum: 253696 bc748b49195dcd01b5288349e3e85510\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_s390.udeb\n Size/MD5 checksum: 73624 f35735be37fc376c56941795a185c742\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_s390.deb\n Size/MD5 checksum: 169052 4cf962619d634ea59a39d14c32134594\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_sparc.udeb\n Size/MD5 checksum: 66216 07bcad5c11908d2fe6d358dfc94d9051\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_sparc.deb\n Size/MD5 checksum: 247212 f388365559e6b9313aa6048c6fa341f9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_sparc.deb\n Size/MD5 checksum: 162316 16f01a96b1fec79e9614df831dba6a05\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-03-22T17:16:25", "published": "2009-03-22T17:16:25", "id": "DEBIAN:DSA-1750-1:2594D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00060.html", "title": "[SECURITY] [DSA 1750-1] New libpng packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T17:22:23", "bulletinFamily": "unix", "description": "It was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268, CVE-2007-5269)\n\nTavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. (CVE-2008-1382)\n\nHarald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest. (CVE-2008-3964)\n\nIt was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. (CVE-2008-5907)\n\nGlenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0040)", "modified": "2009-03-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "USN-730-1", "href": "https://usn.ubuntu.com/730-1/", "title": "libpng vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}