Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310831349
HistoryMar 15, 2011 - 12:00 a.m.

Mandriva Update for libtiff MDVSA-2011:043 (libtiff)

2011-03-1500:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
13

7.5 High

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

92.9%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2011-03/msg00005.php");
  script_oid("1.3.6.1.4.1.25623.1.0.831349");
  script_version("2023-07-14T16:09:26+0000");
  script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_xref(name:"MDVSA", value:"2011:043");
  script_cve_id("CVE-2011-0192", "CVE-2009-2347", "CVE-2010-2065");
  script_name("Mandriva Update for libtiff MDVSA-2011:043 (libtiff)");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'libtiff'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(mes5|2010\.1|2010\.0|2009\.0)");
  script_tag(name:"affected", value:"libtiff on Mandriva Linux 2009.0,
  Mandriva Linux 2009.0/X86_64,
  Mandriva Linux 2010.0,
  Mandriva Linux 2010.0/X86_64,
  Mandriva Linux 2010.1,
  Mandriva Linux 2010.1/X86_64,
  Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64");
  script_tag(name:"insight", value:"A buffer overflow was discovered in libtiff which allows remote
  attackers to execute arbitrary code or cause a denial of service
  (application crash) via a crafted TIFF image with CCITT Group 4
  encoding (CVE-2011-0192).

  Additionally it was discovered that the fixes for CVE-2009-2347 and
  CVE-2010-2065 were incomplete for Mandriva Linux 2010.0 and 2010.2
  and being resolved as well.

  Packages for 2009.0 are provided as of the Extended Maintenance
  Program. The updated packages have been patched to correct these issues.");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"http://store.mandriva.com/product_info.php?cPath=149&products_id=490");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"libtiff3", rpm:"libtiff3~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff3-devel", rpm:"libtiff3-devel~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff3-static-devel", rpm:"libtiff3-static-devel~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-progs", rpm:"libtiff-progs~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff", rpm:"libtiff~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3", rpm:"lib64tiff3~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3-devel", rpm:"lib64tiff3-devel~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3-static-devel", rpm:"lib64tiff3-static-devel~3.8.2~12.4mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2010.1")
{

  if ((res = isrpmvuln(pkg:"libtiff3", rpm:"libtiff3~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-devel", rpm:"libtiff-devel~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-progs", rpm:"libtiff-progs~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-static-devel", rpm:"libtiff-static-devel~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff", rpm:"libtiff~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3", rpm:"lib64tiff3~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff-devel", rpm:"lib64tiff-devel~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff-static-devel", rpm:"lib64tiff-static-devel~3.9.2~2.3mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2010.0")
{

  if ((res = isrpmvuln(pkg:"libtiff3", rpm:"libtiff3~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-devel", rpm:"libtiff-devel~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-progs", rpm:"libtiff-progs~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-static-devel", rpm:"libtiff-static-devel~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff", rpm:"libtiff~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3", rpm:"lib64tiff3~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff-devel", rpm:"lib64tiff-devel~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff-static-devel", rpm:"lib64tiff-static-devel~3.9.1~4.3mdv2010.0", rls:"MNDK_2010.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2009.0")
{

  if ((res = isrpmvuln(pkg:"libtiff3", rpm:"libtiff3~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff3-devel", rpm:"libtiff3-devel~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff3-static-devel", rpm:"libtiff3-static-devel~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff-progs", rpm:"libtiff-progs~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libtiff", rpm:"libtiff~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3", rpm:"lib64tiff3~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3-devel", rpm:"lib64tiff3-devel~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64tiff3-static-devel", rpm:"lib64tiff3-static-devel~3.8.2~12.4mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

openvas 83
nessus 55
altlinux 5
cvelist 3
ubuntucve 4
prion 3
cve 3
fedora 11
securityvulns 6
seebug 1
debiancve 3
freebsd 1
ubuntu 2
veracode 2
oraclelinux 3
centos 2
redhat 2
gentoo 2
debian 4
osv 2
slackware 2
openvas
openvas
Mandriva Update for libtiff MDVSA-2011:043 (libtiff)
2011-03-15 00:00:00
Fedora Update for libtiff FEDORA-2010-10359
2010-06-25 00:00:00
Fedora Update for libtiff FEDORA-2010-10359
2010-06-25 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libtiff (MDVSA-2011:043)
2011-03-09 00:00:00
FreeBSD : tiff -- Multiple integer overflows (8816bf3a-7929-11df-bcce-0018f3e2eb82)
2010-06-17 00:00:00
SuSE9 Security Update : libtiff (YOU Patch Number 12470)
2009-09-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package libtiff version 3.8.2-alt5
2009-07-15 00:00:00
Security fix for the ALT Linux 10 package libtiff version 3.8.2-alt5
2009-07-15 00:00:00
Security fix for the ALT Linux 10 package libtiff version 3.9.4-alt5
2011-03-09 00:00:00
cvelist
cvelist
CVE-2009-2347
2009-07-14 20:16:00
CVE-2010-2065
2010-06-23 18:00:00
CVE-2011-0192
2011-03-03 19:00:00
ubuntucve
ubuntucve
CVE-2009-2347
2009-07-14 00:00:00
CVE-2010-2065
2010-06-13 00:00:00
CVE-2011-0192
2011-03-02 00:00:00
prion
prion
Integer overflow
2009-07-14 20:30:00
Integer overflow
2010-06-24 12:30:00
Buffer overflow
2011-03-03 20:00:00
cve
cve
CVE-2009-2347
2009-07-14 20:30:00
CVE-2010-2065
2010-06-24 12:30:00
CVE-2011-0192
2011-03-03 20:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: libtiff-3.9.4-4.fc13
2011-04-11 20:58:53
[SECURITY] Fedora 15 Update: libtiff-3.9.4-3.fc15
2011-03-12 04:41:24
[SECURITY] Fedora 14 Update: libtiff-3.9.4-3.fc14
2011-03-07 21:06:23
securityvulns
securityvulns
[oCERT-2009-012] libtiff tools integer overflows
2009-07-14 00:00:00
libtiff multiple security vulnerabilities
2009-07-14 00:00:00
libtiff multiple security vulnerabilities
2010-06-29 00:00:00
seebug
seebug
LibTIFF库tiff2rgba和rgb2ycbcr转换工具整数溢出漏洞
2009-07-14 00:00:00
debiancve
debiancve
CVE-2009-2347
2009-07-14 20:30:00
CVE-2010-2065
2010-06-24 12:30:00
CVE-2011-0192
2011-03-03 20:00:00
freebsd
freebsd
tiff -- Multiple integer overflows
2009-05-22 00:00:00
ubuntu
ubuntu
tiff vulnerability
2009-07-13 00:00:00
tiff vulnerabilities
2010-06-21 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:36:26
Arbitrary Code Execution
2020-04-10 00:55:01
oraclelinux
oraclelinux
libtiff security update
2011-03-03 00:00:00
libtiff security update
2009-07-16 00:00:00
libtiff security and bug fix update
2011-03-28 00:00:00
centos
centos
libtiff security update
2011-03-03 03:27:08
libtiff security update
2009-07-22 22:35:54
redhat
redhat
(RHSA-2011:0318) Important: libtiff security update
2011-03-02 00:00:00
(RHSA-2009:1159) Moderate: libtiff security update
2009-07-16 00:00:00
gentoo
gentoo
libTIFF: User-assisted execution of arbitrary code
2009-08-07 00:00:00
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00
debian
debian
[SECURITY] [DSA 1835-1] New tiff packages fix several vulnerabilities
2009-07-15 19:20:42
[SECURITY] [DSA-2210-2] tiff security update
2011-06-25 10:31:46
[SECURITY] [DSA-2210-2] tiff security update
2011-06-25 10:48:11
osv
osv
tiff - several vulnerabilities
2009-07-15 00:00:00
tiff - several
2011-04-03 00:00:00
slackware
slackware
[slackware-security] libtiff
2011-04-11 21:57:06
[slackware-security] libtiff
2010-06-30 06:40:02

7.5 High

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

92.9%

JSON
Related for OPENVAS:1361412562310831349
openvas83nessus55altlinux5cvelist3ubuntucve4prion3cve3fedora11securityvulns6seebug1debiancve3freebsd1ubuntu2veracode2oraclelinux3centos2redhat2gentoo2debian4osv2slackware2