Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:1361412562310830125
HistoryApr 09, 2009 - 12:00 a.m.

Mandriva Update for tetex MDKSA-2007:109 (tetex)

2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
18

EPSS

0.065

Percentile

93.7%

JSON

Check for the Version of tetex

###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for tetex MDKSA-2007:109 (tetex)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Buffer overflow in the gdImageStringFTEx function in gdft.c in the
  GD Graphics Library 2.0.33 and earlier allows remote attackers to
  cause a denial of service (application crash) and possibly execute
  arbitrary code via a crafted string with a JIS encoded font.

  Tetex 3.x uses an embedded copy of the gd source and may also be
  affected by this issue (CVE-2007-0455).
  
  A buffer overflow in the open_sty function for makeindex in Tetex
  could allow user-assisted remote attackers to overwrite files and
  possibly execute arbitrary code via a long filename (CVE-2007-0650).
  
  The updated packages have been patched to prevent these issues.";

tag_affected = "tetex on Mandriva Linux 2007.0,
  Mandriva Linux 2007.0/X86_64,
  Mandriva Linux 2007.1,
  Mandriva Linux 2007.1/X86_64";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2007-05/msg00033.php");
  script_oid("1.3.6.1.4.1.25623.1.0.830125");
  script_version("$Revision: 9370 $");
  script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
  script_tag(name:"creation_date", value:"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_xref(name: "MDKSA", value: "2007:109");
  script_cve_id("CVE-2007-0455", "CVE-2007-0650");
  script_name( "Mandriva Update for tetex MDKSA-2007:109 (tetex)");

  script_tag(name:"summary", value:"Check for the Version of tetex");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "MNDK_2007.1")
{

  if ((res = isrpmvuln(pkg:"jadetex", rpm:"jadetex~3.12~129.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex", rpm:"tetex~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-afm", rpm:"tetex-afm~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-context", rpm:"tetex-context~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-devel", rpm:"tetex-devel~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-doc", rpm:"tetex-doc~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvilj", rpm:"tetex-dvilj~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvipdfm", rpm:"tetex-dvipdfm~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvips", rpm:"tetex-dvips~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-latex", rpm:"tetex-latex~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-mfwin", rpm:"tetex-mfwin~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-texi2html", rpm:"tetex-texi2html~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-usrlocal", rpm:"tetex-usrlocal~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-xdvi", rpm:"tetex-xdvi~3.0~31.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xmltex", rpm:"xmltex~1.9~77.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "MNDK_2007.0")
{

  if ((res = isrpmvuln(pkg:"jadetex", rpm:"jadetex~3.12~116.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex", rpm:"tetex~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-afm", rpm:"tetex-afm~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-context", rpm:"tetex-context~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-devel", rpm:"tetex-devel~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-doc", rpm:"tetex-doc~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvilj", rpm:"tetex-dvilj~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvipdfm", rpm:"tetex-dvipdfm~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-dvips", rpm:"tetex-dvips~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-latex", rpm:"tetex-latex~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-mfwin", rpm:"tetex-mfwin~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-texi2html", rpm:"tetex-texi2html~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"tetex-xdvi", rpm:"tetex-xdvi~3.0~18.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xmltex", rpm:"xmltex~1.9~64.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

openvas 37
nessus 30
redhatcve 1
prion 2
nvd 2
securityvulns 2
cvelist 2
ubuntucve 2
cve 2
debiancve 1
veracode 1
fedora 5
gentoo 1
ubuntu 1
debian 1
osv 1
redhat 4
centos 3
oraclelinux 3
f5 2
amazon 1
freebsd 1
archlinux 1
slackware 1
kitploit 1
openvas
openvas
Mandriva Update for tetex MDKSA-2007:109 (tetex)
2009-04-09 00:00:00
Fedora Update for gd FEDORA-2007-150
2009-02-27 00:00:00
Mandriva Update for libwmf MDKSA-2007:036 (libwmf)
2009-04-09 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : tetex (MDKSA-2007:109)
2007-05-25 00:00:00
Mandrake Linux Security Advisory : libwmf (MDKSA-2007:036)
2007-02-18 00:00:00
Fedora Core 5 : gd-2.0.33-7.fc5 (2007-150)
2007-02-13 00:00:00
redhatcve
redhatcve
CVE-2007-0650
2015-10-30 09:35:03
prion
prion
Heap overflow
2007-02-01 19:28:00
Buffer overflow
2007-01-30 17:28:00
nvd
nvd
CVE-2007-0650
2007-02-01 19:28:00
CVE-2007-0455
2007-01-30 17:28:00
securityvulns
securityvulns
makeindex buffer overflows
2007-02-03 00:00:00
libgd graphics library code execution
2007-01-31 00:00:00
cvelist
cvelist
CVE-2007-0650
2007-02-01 19:00:00
CVE-2007-0455
2007-01-30 17:00:00
ubuntucve
ubuntucve
CVE-2007-0650
2007-02-01 00:00:00
CVE-2007-0455
2007-01-30 00:00:00
cve
cve
CVE-2007-0650
2007-02-01 19:28:00
CVE-2007-0455
2007-01-30 17:28:00
debiancve
debiancve
CVE-2007-0455
2007-01-30 17:28:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:15:21
fedora
fedora
[SECURITY] Fedora Core 5 Update: gd-2.0.33-7.fc5
2007-02-12 17:28:03
[SECURITY] Fedora Core 6 Update: gd-2.0.33-10.fc6
2007-02-12 17:26:55
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.5.fc6
2007-04-17 12:45:17
gentoo
gentoo
teTeX: Multiple buffer overflows
2007-09-27 00:00:00
ubuntu
ubuntu
libgd2 vulnerabilities
2007-06-12 00:00:00
debian
debian
[SECURITY] [DSA 1936-1] New libgd2 packages fix several vulnerabilities
2009-11-17 20:52:01
osv
osv
libgd2 - several vulnerabilities
2009-11-17 00:00:00
redhat
redhat
(RHSA-2007:0153) Moderate: php security update
2007-04-20 00:00:00
(RHSA-2007:0162) Moderate: php security update
2007-04-16 00:00:00
(RHSA-2007:0155) Important: php security update
2007-04-16 00:00:00
centos
centos
php security update
2007-04-21 13:47:06
gd security update
2008-02-28 19:35:25
php security update
2007-04-16 16:16:21
oraclelinux
oraclelinux
Important: php security update
2007-04-16 00:00:00
Moderate: gd security update
2008-02-28 00:00:00
Important: php security update
2007-06-26 00:00:00
f5
f5
K7859 : Multiple PHP vulnerabilities
2013-03-19 00:00:00
SOL7859 - Multiple PHP vulnerabilities
2007-09-16 00:00:00
amazon
amazon
Important: libwmf
2015-10-27 13:51:00
freebsd
freebsd
libwmf -- multiple vulnerabilities
2004-10-12 00:00:00
archlinux
archlinux
[ASA-201701-1] libwmf: multiple issues
2017-01-01 00:00:00
slackware
slackware
[slackware-security] libwmf
2018-05-01 01:19:49
kitploit
kitploit
arch-audit - An utility like pkg-audit for Arch Linux
2016-10-15 14:30:00

EPSS

0.065

Percentile

93.7%

JSON
Related for OPENVAS:1361412562310830125
openvas37nessus30redhatcve1prion2nvd2securityvulns2cvelist2ubuntucve2cve2debiancve1veracode1fedora5gentoo1ubuntu1debian1osv1redhat4centos3oraclelinux3f52amazon1freebsd1archlinux1slackware1kitploit1