ID OPENVAS:52263 Type openvas Reporter Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com Modified 2016-10-05T00:00:00
Description
The remote host is missing an update to the system
as announced in the referenced advisory.
#
#VID e3e266e9-5473-11d9-a9e7-0001020eed82
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from vuxml or freebsd advisories
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "The following packages are affected:
xpdf
kdegraphics
gpdf
teTeX-base
cups-base
koffice
pdftohtml
CVE-2004-1125
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00,
and other products that share code such as tetex-bin and kpdf in KDE
3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted PDF file that causes the boundaries of a maskColors
array to be exceeded.";
tag_solution = "Update your system with the appropriate patches or
software upgrades.
http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
http://www.vuxml.org/freebsd/e3e266e9-5473-11d9-a9e7-0001020eed82.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";
if(description)
{
script_id(52263);
script_version("$Revision: 4218 $");
script_tag(name:"last_modification", value:"$Date: 2016-10-05 16:20:48 +0200 (Wed, 05 Oct 2016) $");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2004-1125");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("FreeBSD Ports: xpdf");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-bsd.inc");
txt = "";
vuln = 0;
bver = portver(pkg:"xpdf");
if(!isnull(bver) && revcomp(a:bver, b:"3.00_5")<0) {
txt += 'Package xpdf version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"kdegraphics");
if(!isnull(bver) && revcomp(a:bver, b:"3.3.2_1")<0) {
txt += 'Package kdegraphics version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"gpdf");
if(!isnull(bver) && revcomp(a:bver, b:"2.8.1")<=0) {
txt += 'Package gpdf version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"teTeX-base");
if(!isnull(bver) && revcomp(a:bver, b:"2.0.2_6")<=0) {
txt += 'Package teTeX-base version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"cups-base");
if(!isnull(bver) && revcomp(a:bver, b:"1.1.22.0")<=0) {
txt += 'Package cups-base version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"koffice");
if(!isnull(bver) && revcomp(a:bver, b:"1.3.5,1")<=0) {
txt += 'Package koffice version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
bver = portver(pkg:"pdftohtml");
if(!isnull(bver) && revcomp(a:bver, b:"0.36_1")<0) {
txt += 'Package pdftohtml version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
if(vuln) {
security_message(data:string(txt));
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:52263", "type": "openvas", "bulletinFamily": "scanner", "title": "FreeBSD Ports: xpdf", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "modified": "2016-10-05T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=52263", "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2004-1125"], "lastseen": "2017-07-02T21:10:28", "viewCount": 0, "enchantments": {"score": {"value": 6.8, "vector": "NONE", "modified": "2017-07-02T21:10:28", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-1125"]}, {"type": "openvas", "idList": ["OPENVAS:54783", "OPENVAS:136141256231065483", "OPENVAS:54803", "OPENVAS:53458", "OPENVAS:53459", "OPENVAS:54817", "OPENVAS:65483", "OPENVAS:54799", "OPENVAS:54784"]}, {"type": "redhat", "idList": ["RHSA-2005:057", "RHSA-2005:018", "RHSA-2005:026", "RHSA-2005:013", "RHSA-2005:354", "RHSA-2005:053", "RHSA-2005:066", "RHSA-2005:034"]}, {"type": "gentoo", "idList": ["GLSA-200501-17", "GLSA-200412-25", "GLSA-200501-31", "GLSA-200412-24", "GLSA-200501-13"]}, {"type": "freebsd", "idList": ["E3E266E9-5473-11D9-A9E7-0001020EED82"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:7467", "SECURITYVULNS:DOC:7401", "SECURITYVULNS:DOC:7678"]}, {"type": "ubuntu", "idList": ["USN-50-1", "USN-48-1"]}, {"type": "osvdb", "idList": ["OSVDB:12554"]}, {"type": "nessus", "idList": ["FEDORA_2004-574.NASL", "MANDRAKE_MDKSA-2004-164.NASL", "MANDRAKE_MDKSA-2004-161.NASL", "MANDRAKE_MDKSA-2004-163.NASL", "FEDORA_2004-575.NASL", "FEDORA_2004-584.NASL", "FEDORA_2004-572.NASL", "FEDORA_2004-573.NASL", "DEBIAN_DSA-619.NASL", "UBUNTU_USN-48-1.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-621-1:90EDD", "DEBIAN:DSA-619-1:47B26"]}, {"type": "centos", "idList": ["CESA-2005:354"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0262"]}], "modified": "2017-07-02T21:10:28", "rev": 2}, "vulnersScore": 6.8}, "pluginID": "52263", "sourceData": "#\n#VID e3e266e9-5473-11d9-a9e7-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n xpdf\n kdegraphics\n gpdf\n teTeX-base\n cups-base\n koffice\n pdftohtml\n\nCVE-2004-1125\nBuffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00,\nand other products that share code such as tetex-bin and kpdf in KDE\n3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a\ndenial of service (application crash) and possibly execute arbitrary\ncode via a crafted PDF file that causes the boundaries of a maskColors\narray to be exceeded.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.idefense.com/application/poi/display?id=172&type=vulnerabilities\nhttp://www.vuxml.org/freebsd/e3e266e9-5473-11d9-a9e7-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52263);\n script_version(\"$Revision: 4218 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-05 16:20:48 +0200 (Wed, 05 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"xpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.00_5\")<0) {\n txt += 'Package xpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"kdegraphics\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.3.2_1\")<0) {\n txt += 'Package kdegraphics version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"gpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.8.1\")<=0) {\n txt += 'Package gpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"teTeX-base\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.2_6\")<=0) {\n txt += 'Package teTeX-base version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"cups-base\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.22.0\")<=0) {\n txt += 'Package cups-base version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"koffice\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.5,1\")<=0) {\n txt += 'Package koffice version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"pdftohtml\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.36_1\")<0) {\n txt += 'Package pdftohtml version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "FreeBSD Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:33:40", "description": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.", "edition": 3, "cvss3": {}, "published": "2005-01-10T05:00:00", "title": "CVE-2004-1125", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-1125"], "modified": "2018-10-03T21:29:00", "cpe": ["cpe:/o:kde:kde:3.3.2", "cpe:/a:xpdf:xpdf:3.0", "cpe:/a:easy_software_products:cups:1.1.20", "cpe:/o:kde:kde:3.2.3"], "id": "CVE-2004-1125", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1125", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:50:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "description": "The remote host is missing an update to xpdf\nannounced via advisory DSA 619-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53458", "href": "http://plugins.openvas.org/nasl.php?oid=53458", "type": "openvas", "title": "Debian Security Advisory DSA 619-1 (xpdf)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_619_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 619-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe portable document format (PDF) suite. A maliciously crafted PDF\nfile could exploit this problem, resulting in the execution of arbitrary\ncode.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.00-3.3.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 3.00-11.\n\nWe recommend that you upgrade your xdpf package immediately.\";\ntag_summary = \"The remote host is missing an update to xpdf\nannounced via advisory DSA 619-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20619-1\";\n\nif(description)\n{\n script_id(53458);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:56:38 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 619-1 (xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"xpdf-common\", ver:\"1.00-3.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf\", ver:\"1.00-3.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-reader\", ver:\"1.00-3.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-utils\", ver:\"1.00-3.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "description": "The remote host is missing an update to cupsys\nannounced via advisory DSA 621-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53459", "href": "http://plugins.openvas.org/nasl.php?oid=53459", "type": "openvas", "title": "Debian Security Advisory DSA 621-1 (cupsys)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_621_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 621-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe Portable Document Format (PDF) suite. Similar code is present in\nthe PDF processing part of CUPS. A maliciously crafted PDF file could\nexploit this problem, leading to the execution of arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.1.14-5woody11.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.1.22-2.\n\nWe recommend that you upgrade your cupsys packages.\";\ntag_summary = \"The remote host is missing an update to cupsys\nannounced via advisory DSA 621-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20621-1\";\n\nif(description)\n{\n script_id(53459);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:56:38 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 621-1 (cupsys)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-pstoraster\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.1.14-5woody11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200501-13.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54799", "href": "http://plugins.openvas.org/nasl.php?oid=54799", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200501-13 (pdftohtml)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"pdftohtml includes vulnerable Xpdf code to handle PDF files, making it\nvulnerable to execution of arbitrary code upon converting a malicious PDF\nfile.\";\ntag_solution = \"All pdftohtml users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/pdftohtml-0.36-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200501-13\nhttp://bugs.gentoo.org/show_bug.cgi?id=75200\nhttp://www.gentoo.org/security/en/glsa/glsa-200410-20.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200501-13.\";\n\n \n\nif(description)\n{\n script_id(54799);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200501-13 (pdftohtml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/pdftohtml\", unaffected: make_list(\"ge 0.36-r2\"), vulnerable: make_list(\"lt 0.36-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200412-24.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54783", "href": "http://plugins.openvas.org/nasl.php?oid=54783", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200412-24 (Xpdf)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New integer overflows were discovered in Xpdf, potentially resulting in the\nexecution of arbitrary code. GPdf includes Xpdf code and therefore is\nvulnerable to the same issues.\";\ntag_solution = \"All Xpdf users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/xpdf-3.00-r7'\n\nAll GPdf users should also upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/gpdf-2.8.1-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200412-24\nhttp://bugs.gentoo.org/show_bug.cgi?id=75191\nhttp://bugs.gentoo.org/show_bug.cgi?id=75201\nhttp://www.idefense.com/application/poi/display?id=172&type=vulnerabilities&flashstatus=true\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200412-24.\";\n\n \n\nif(description)\n{\n script_id(54783);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200412-24 (Xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/xpdf\", unaffected: make_list(\"ge 3.00-r7\"), vulnerable: make_list(\"le 3.00-r6\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/gpdf\", unaffected: make_list(\"ge 2.8.1-r1\"), vulnerable: make_list(\"le 2.8.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200501-17.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54803", "href": "http://plugins.openvas.org/nasl.php?oid=54803", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200501-17 (kpdf, koffice)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"KPdf and KOffice both include vulnerable Xpdf code to handle PDF files,\nmaking them vulnerable to the execution of arbitrary code if a user is\nenticed to view a malicious PDF file.\";\ntag_solution = \"All KPdf users should upgrade to the latest version of kdegraphics:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose kde-base/kdegraphics\n\nAll KOffice users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose app-office/koffice\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200501-17\nhttp://bugs.gentoo.org/show_bug.cgi?id=75203\nhttp://bugs.gentoo.org/show_bug.cgi?id=75204\nhttp://www.gentoo.org/security/en/glsa/glsa-200412-24.xml\nhttp://kde.org/info/security/advisory-20041223-1.txt\nhttp://koffice.kde.org/security/2004_xpdf_integer_overflow_2.php\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200501-17.\";\n\n \n\nif(description)\n{\n script_id(54803);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-1125\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200501-17 (kpdf, koffice)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-office/koffice\", unaffected: make_list(\"ge 1.3.5-r1\"), vulnerable: make_list(\"lt 1.3.5-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"kde-base/kdegraphics\", unaffected: make_list(\"ge 3.3.2-r1\", \"rge 3.2.3-r3\"), vulnerable: make_list(\"lt 3.3.2-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0064", "CVE-2004-1125", "CVE-2004-0888", "CVE-2004-0889"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200501-31.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54817", "href": "http://plugins.openvas.org/nasl.php?oid=54817", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200501-31 (teTeX)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"teTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow the\nremote execution of arbitrary code. Furthermore, the xdvizilla script is\nvulnerable to temporary file handling issues.\";\ntag_solution = \"All teTeX users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/tetex-2.0.2-r5'\n\nAll CSTeX users should also upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/cstetex-2.0.2-r1'\n\nFinally, all pTeX users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/ptex-3.1.4-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200501-31\nhttp://bugs.gentoo.org/show_bug.cgi?id=75801\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200501-31.\";\n\n \n\nif(description)\n{\n script_id(54817);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-0888\", \"CVE-2004-0889\", \"CVE-2004-1125\", \"CVE-2005-0064\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200501-31 (teTeX)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/tetex\", unaffected: make_list(\"ge 2.0.2-r5\"), vulnerable: make_list(\"lt 2.0.2-r5\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/cstetex\", unaffected: make_list(\"ge 2.0.2-r1\"), vulnerable: make_list(\"lt 2.0.2-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-text/ptex\", unaffected: make_list(\"ge 3.1.4-r2\"), vulnerable: make_list(\"lt 3.1.4-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0064", "CVE-2004-1125", "CVE-2004-1267", "CVE-2004-1268"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-libs\n cups-devel\n cups-client\n cups\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020714 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65483", "href": "http://plugins.openvas.org/nasl.php?oid=65483", "type": "openvas", "title": "SLES9: Security update for Cups", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5020714.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Cups\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-libs\n cups-devel\n cups-client\n cups\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020714 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65483);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0064\", \"CVE-2004-1125\", \"CVE-2004-1268\", \"CVE-2004-1267\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Cups\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.20~108.22\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0064", "CVE-2004-1125", "CVE-2004-1267", "CVE-2004-1268"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-libs\n cups-devel\n cups-client\n cups\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020714 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065483", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065483", "type": "openvas", "title": "SLES9: Security update for Cups", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5020714.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Cups\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-libs\n cups-devel\n cups-client\n cups\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020714 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65483\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0064\", \"CVE-2004-1125\", \"CVE-2004-1268\", \"CVE-2004-1267\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Cups\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.20~108.22\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1269", "CVE-2004-1125", "CVE-2004-1270", "CVE-2004-1267", "CVE-2004-1268"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200412-25.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54784", "href": "http://plugins.openvas.org/nasl.php?oid=54784", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200412-25 (CUPS)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in CUPS, ranging from local Denial\nof Service attacks to the remote execution of arbitrary code.\";\ntag_solution = \"All CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-print/cups-1.1.23'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200412-25\nhttp://bugs.gentoo.org/show_bug.cgi?id=74479\nhttp://bugs.gentoo.org/show_bug.cgi?id=75197\nhttp://bugs.gentoo.org/show_bug.cgi?id=77023\nhttp://tigger.uic.edu/~jlongs2/holes/cups.txt\nhttp://tigger.uic.edu/~jlongs2/holes/cups2.txt\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200412-25.\";\n\n \n\nif(description)\n{\n script_id(54784);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-1125\", \"CVE-2004-1267\", \"CVE-2004-1268\", \"CVE-2004-1269\", \"CVE-2004-1270\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200412-25 (CUPS)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-print/cups\", unaffected: make_list(\"ge 1.1.23\"), vulnerable: make_list(\"lt 1.1.23\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-05-29T14:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf. An\nattacker could construct a carefully crafted PDF file that could cause Xpdf\nto crash or possibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1125 to this issue.\n\nRed Hat believes that the Exec-Shield technology (enabled by default since\nUpdate 3) will block attempts to exploit this vulnerability on x86\narchitectures.\n\nAll users of the Xpdf packages should upgrade to these updated packages,\nwhich resolve these issues.", "modified": "2017-07-29T20:29:52", "published": "2005-01-12T05:00:00", "id": "RHSA-2005:018", "href": "https://access.redhat.com/errata/RHSA-2005:018", "type": "redhat", "title": "(RHSA-2005:018) xpdf security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:02", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125", "CVE-2005-0064"], "description": "The tetex packages (teTeX) contain an implementation of TeX for Linux or\nUNIX systems. \n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf which\nalso affects teTeX due to a shared codebase. An attacker could construct a\ncarefully crafted PDF file that could cause teTeX to crash or possibly\nexecute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to\nthis issue.\n\nA buffer overflow flaw was found in the Decrypt::makeFileKey2 function of\nXpdf which also affects teTeX due to a shared codebase. An attacker could\nconstruct a carefully crafted PDF file that could cause teTeX to crash or\npossibly execute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to\nthis issue.\n\nUsers should update to these erratum packages which contain backported\npatches to correct these issues.", "modified": "2017-09-08T12:06:44", "published": "2005-03-16T05:00:00", "id": "RHSA-2005:026", "href": "https://access.redhat.com/errata/RHSA-2005:026", "type": "redhat", "title": "(RHSA-2005:026) tetex security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0888", "CVE-2004-1125", "CVE-2005-0064"], "description": "The kdegraphics packages contain applications for the K Desktop Environment\nincluding kpdf, a pdf file viewer. \n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf that\nalso affects kpdf due to a shared codebase. An attacker could construct a\ncarefully crafted PDF file that could cause kpdf to crash or possibly\nexecute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to\nthis issue.\n\nA buffer overflow flaw was found in the Decrypt::makeFileKey2 function of\nXpdf which also affects kpdf due to a shared codebase. An attacker could\nconstruct a carefully crafted PDF file that could cause kpdf to crash or\npossibly execute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to\nthis issue.\n\nDuring a source code audit, Chris Evans and others discovered a number of\ninteger overflow bugs that affected all versions of Xpdf which also affects\nkpdf due to a shared codebase. An attacker could construct a carefully\ncrafted PDF file that could cause kpdf to crash or possibly execute\narbitrary code when opened. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CAN-2004-0888 to this issue.\n\nUsers should update to these erratum packages which contain backported\npatches to correct these issues.", "modified": "2017-09-08T12:06:37", "published": "2005-02-15T05:00:00", "id": "RHSA-2005:066", "href": "https://access.redhat.com/errata/RHSA-2005:066", "type": "redhat", "title": "(RHSA-2005:066) kdegraphics security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:51", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0888", "CVE-2004-1125", "CVE-2005-0064", "CVE-2005-0206"], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf. An\nattacker could construct a carefully crafted PDF file that could cause Xpdf\nto crash or possibly execute arbitrary code when opened. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1125 to this issue.\n\nA buffer overflow flaw was found in the Decrypt::makeFileKey2 function of\nXpdf. An attacker could construct a carefully crafted PDF file that could\ncause Xpdf to crash or possibly execute arbitrary code when opened. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2005-0064 to this issue.\n\nDuring a source code audit, Chris Evans and others discovered a number of\ninteger overflow bugs that affected all versions of Xpdf. An attacker could\nconstruct a carefully crafted PDF file that could cause Xpdf to crash or\npossibly execute arbitrary code when opened. This issue was assigned the\nname CAN-2004-0888 by The Common Vulnerabilities and Exposures project\n(cve.mitre.org). Red Hat Enterprise Linux 4 contained a fix for this\nissue, but it was found to be incomplete and left 64-bit architectures\nvulnerable. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-0206 to this issue.\n\nAll users of Xpdf should upgrade to this updated package, which contains\nbackported patches to resolve these issues.", "modified": "2017-09-08T12:10:59", "published": "2005-02-15T05:00:00", "id": "RHSA-2005:034", "href": "https://access.redhat.com/errata/RHSA-2005:034", "type": "redhat", "title": "(RHSA-2005:034) xpdf security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:42", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0888", "CVE-2004-1125", "CVE-2005-0064", "CVE-2005-0206"], "description": "GPdf is a viewer for Portable Document Format (PDF) files for GNOME. \n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf which\nalso affects GPdf due to a shared codebase. An attacker could construct a\ncarefully crafted PDF file that could cause GPdf to crash or possibly\nexecute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to\nthis issue.\n\nA buffer overflow flaw was found in the Decrypt::makeFileKey2 function of\nXpdf which also affects GPdf due to a shared codebase. An attacker could\nconstruct a carefully crafted PDF file that could cause GPdf to crash or\npossibly execute arbitrary code when opened. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to\nthis issue.\n\nDuring a source code audit, Chris Evans and others discovered a number of\ninteger overflow bugs that affected all versions of Xpdf, which also\naffects GPdf due to a shared codebase. An attacker could construct a\ncarefully crafted PDF file that could cause GPdf to crash or possibly\nexecute arbitrary code when opened. This issue was assigned the name\nCAN-2004-0888 by The Common Vulnerabilities and Exposures project\n(cve.mitre.org). Red Hat Enterprise Linux 4 contained a fix for this issue,\nbut it was found to be incomplete and left 64-bit architectures vulnerable.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2005-0206 to this issue.\n\nUsers should update to this erratum package which contains backported\npatches to correct these issues.", "modified": "2017-09-08T11:50:13", "published": "2005-02-15T05:00:00", "id": "RHSA-2005:057", "href": "https://access.redhat.com/errata/RHSA-2005:057", "type": "redhat", "title": "(RHSA-2005:057) gpdf security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0803", "CVE-2004-0804", "CVE-2004-0886", "CVE-2004-0888", "CVE-2004-1125"], "description": "TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes\na text file and a set of formatting commands as input and creates a\ntypesetter-independent .dvi (DeVice Independent) file as output.\n\nA number of security flaws have been found affecting libraries used\ninternally within teTeX. An attacker who has the ability to trick a user\ninto processing a malicious file with teTeX could cause teTeX to crash or\npossibly execute arbitrary code. \n\nA number of integer overflow bugs that affect Xpdf were discovered. The\nteTeX package contains a copy of the Xpdf code used for parsing PDF files\nand is therefore affected by these bugs. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the names CAN-2004-0888 and\nCAN-2004-1125 to these issues.\n\nA number of integer overflow bugs that affect libtiff were discovered. The\nteTeX package contains an internal copy of libtiff used for parsing TIFF\nimage files and is therefore affected by these bugs. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nnames CAN-2004-0803, CAN-2004-0804 and CAN-2004-0886 to these issues.\n\nAlso latex2html is added to package tetex-latex for 64bit platforms.\n\nUsers of teTeX should upgrade to these updated packages, which contain\nbackported patches and are not vulnerable to these issues.", "modified": "2019-03-22T23:43:25", "published": "2005-04-01T05:00:00", "id": "RHSA-2005:354", "href": "https://access.redhat.com/errata/RHSA-2005:354", "type": "redhat", "title": "(RHSA-2005:354) tetex security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:36", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125", "CVE-2004-1267", "CVE-2004-1268", "CVE-2004-1269", "CVE-2004-1270"], "description": "The Common UNIX Printing System provides a portable printing layer for\nUNIX(R) operating systems.\n\nA buffer overflow was found in the CUPS pdftops filter, which uses code\nfrom the Xpdf package. An attacker who has the ability to send a malicious\nPDF file to a printer could possibly execute arbitrary code as the \"lp\"\nuser. The Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2004-1125 to this issue.\n\nA buffer overflow was found in the ParseCommand function in the hpgltops\nprogram. An attacker who has the ability to send a malicious HPGL file to a\nprinter could possibly execute arbitrary code as the \"lp\" user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1267 to this issue.\n\nRed Hat believes that the Exec-Shield technology (enabled by default since\nUpdate 3) will block attempts to exploit these buffer overflow\nvulnerabilities on x86 architectures.\n\nThe lppasswd utility ignores write errors when modifying the CUPS passwd\nfile. A local user who is able to fill the associated file system could\ncorrupt the CUPS password file or prevent future uses of lppasswd. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe names CAN-2004-1268 and CAN-2004-1269 to these issues.\n\nThe lppasswd utility does not verify that the passwd.new file is different\nfrom STDERR, which could allow local users to control output to passwd.new\nvia certain user input that triggers an error message. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1270 to this issue.\n\nIn addition to these security issues, two other problems not relating\nto security have been fixed:\n\nResuming a job with \"lp -H resume\", which had previously been held with \"lp\n-H hold\" could cause the scheduler to stop. This has been fixed in later\nversions of CUPS, and has been backported in these updated packages.\n\nThe cancel-cups(1) man page is a symbolic link to another man page. The\ntarget of this link has been corrected.\n\nAll users of cups should upgrade to these updated packages, which resolve\nthese issues.", "modified": "2017-07-29T20:26:34", "published": "2005-01-12T05:00:00", "id": "RHSA-2005:013", "href": "https://access.redhat.com/errata/RHSA-2005:013", "type": "redhat", "title": "(RHSA-2005:013) cups security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:44", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0888", "CVE-2004-1125", "CVE-2004-1267", "CVE-2004-1268", "CVE-2004-1269", "CVE-2004-1270", "CVE-2005-0064", "CVE-2005-0206"], "description": "The Common UNIX Printing System provides a portable printing layer for\nUNIX(R) operating systems.\n\nDuring a source code audit, Chris Evans and others discovered a number of\ninteger overflow bugs that affected all versions of Xpdf, which also\naffects CUPS due to a shared codebase. An attacker could construct a\ncarefully crafted PDF file that could cause CUPS to crash or possibly\nexecute arbitrary code when opened. This issue was assigned the name\nCAN-2004-0888 by The Common Vulnerabilities and Exposures project\n(cve.mitre.org). Red Hat Enterprise Linux 4 contained a fix for this issue,\nbut it was found to be incomplete and left 64-bit architectures vulnerable.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2005-0206 to this issue.\n\nA buffer overflow flaw was found in the Gfx::doImage function of Xpdf which\nalso affects the CUPS pdftops filter due to a shared codebase. An attacker\nwho has the ability to send a malicious PDF file to a printer could\npossibly execute arbitrary code as the \"lp\" user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1125 to this issue.\n\nA buffer overflow flaw was found in the ParseCommand function in the\nhpgltops program. An attacker who has the ability to send a malicious HPGL\nfile to a printer could possibly execute arbitrary code as the \"lp\" user.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2004-1267 to this issue.\n\nA buffer overflow flaw was found in the Decrypt::makeFileKey2 function of\nXpdf which also affects the CUPS pdftops filter due to a shared codebase.\nAn attacker who has the ability to send a malicious PDF file to a printer\ncould possibly execute arbitrary code as the \"lp\" user. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0064 to this issue.\n\nThe lppasswd utility was found to ignore write errors when modifying the\nCUPS passwd file. A local user who is able to fill the associated file\nsystem could corrupt the CUPS password file or prevent future uses of\nlppasswd. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the names CAN-2004-1268 and CAN-2004-1269 to these issues.\n\nThe lppasswd utility was found to not verify that the passwd.new file is\ndifferent from STDERR, which could allow local users to control output to\npasswd.new via certain user input that triggers an error message. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-1270 to this issue.\n\nAll users of cups should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "modified": "2017-09-08T12:08:27", "published": "2005-02-15T05:00:00", "id": "RHSA-2005:053", "href": "https://access.redhat.com/errata/RHSA-2005:053", "type": "redhat", "title": "(RHSA-2005:053) CUPS security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:14", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "### Background\n\nKPdf is a KDE-based PDF viewer included in the kdegraphics package. KOffice is an integrated office suite for KDE. \n\n### Description\n\nKPdf and KOffice both include Xpdf code to handle PDF files. Xpdf is vulnerable to multiple new integer overflows, as described in GLSA 200412-24. \n\n### Impact\n\nAn attacker could entice a user to open a specially-crafted PDF file, potentially resulting in the execution of arbitrary code with the rights of the user running the affected utility. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll KPdf users should upgrade to the latest version of kdegraphics: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose kde-base/kdegraphics\n\nAll KOffice users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose app-office/koffice", "edition": 1, "modified": "2005-01-12T00:00:00", "published": "2005-01-11T00:00:00", "id": "GLSA-200501-17", "href": "https://security.gentoo.org/glsa/200501-17", "type": "gentoo", "title": "KPdf, KOffice: More vulnerabilities in included Xpdf", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:58", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "### Background\n\nXpdf is an open source viewer for Portable Document Format (PDF) files. GPdf is a Gnome-based PDF viewer that includes some Xpdf code. \n\n### Description\n\nA new integer overflow issue was discovered in Xpdf's Gfx::doImage() function. \n\n### Impact\n\nAn attacker could entice an user to open a specially-crafted PDF file, potentially resulting in execution of arbitrary code with the rights of the user running Xpdf or GPdf. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Xpdf users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/xpdf-3.00-r7\"\n\nAll GPdf users should also upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/gpdf-2.8.1-r1\"", "edition": 1, "modified": "2004-12-28T00:00:00", "published": "2004-12-28T00:00:00", "id": "GLSA-200412-24", "href": "https://security.gentoo.org/glsa/200412-24", "type": "gentoo", "title": "Xpdf, GPdf: New integer overflows", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "edition": 1, "description": "### Background\n\npdftohtml is a utility to convert PDF files to HTML or XML formats. It makes use of Xpdf code to decode PDF files. \n\n### Description\n\nXpdf is vulnerable to integer overflows, as described in GLSA 200412-24. \n\n### Impact\n\nAn attacker could entice a user to convert a specially-crafted PDF file, potentially resulting in the execution of arbitrary code with the rights of the user running pdftohtml. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll pdftohtml users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/pdftohtml-0.36-r2\"", "modified": "2005-01-10T00:00:00", "published": "2005-01-10T00:00:00", "id": "GLSA-200501-13", "href": "https://security.gentoo.org/glsa/200501-13", "type": "gentoo", "title": "pdftohtml: Vulnerabilities in included Xpdf", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:21", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0064", "CVE-2004-1125", "CVE-2004-0888", "CVE-2004-0889"], "edition": 1, "description": "### Background\n\nteTeX is a complete and open source TeX distribution. CSTeX is another TeX distribution including Czech and Slovak support. pTeX is another alternative that allows Japanese publishing with TeX. xdvizilla is an auxiliary script used to integrate DVI file viewing in Mozilla-based browsers. \n\n### Description\n\nteTeX, pTeX and CSTeX all make use of Xpdf code and may therefore be vulnerable to the various overflows that were discovered in Xpdf code (CAN-2004-0888, CAN-2004-0889, CAN-2004-1125 and CAN-2005-0064). Furthermore, Javier Fernandez-Sanguino Pena discovered that the xdvizilla script does not handle temporary files correctly. \n\n### Impact\n\nAn attacker could design a malicious input file which, when processed using one of the TeX distributions, could lead to the execution of arbitrary code. Furthermore, a local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When xdvizilla is called, this would result in the file being overwritten with the rights of the user running the script. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll teTeX users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/tetex-2.0.2-r5\"\n\nAll CSTeX users should also upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/cstetex-2.0.2-r1\"\n\nFinally, all pTeX users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/ptex-3.1.4-r2\"", "modified": "2005-01-23T00:00:00", "published": "2005-01-23T00:00:00", "id": "GLSA-200501-31", "href": "https://security.gentoo.org/glsa/200501-31", "type": "gentoo", "title": "teTeX, pTeX, CSTeX: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:01", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1269", "CVE-2004-1125", "CVE-2004-1270", "CVE-2004-1267", "CVE-2004-1268"], "description": "### Background\n\nThe Common UNIX Printing System (CUPS) is a cross-platform print spooler, hpgltops is a CUPS filter handling printing of HPGL files and lppasswd is a program used locally to manage spooler passwords. \n\n### Description\n\nCUPS makes use of vulnerable Xpdf code to handle PDF files (CAN-2004-1125). Furthermore, Ariel Berkman discovered a buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program (CAN-2004-1267). Finally, Bartlomiej Sieka discovered several problems in the lppasswd program: it ignores some write errors (CAN-2004-1268), it can leave the passwd.new file in place (CAN-2004-1269) and it does not verify that passwd.new file is different from STDERR (CAN-2004-1270). \n\n### Impact\n\nThe Xpdf and hpgltops vulnerabilities may be exploited by a remote attacker to execute arbitrary code by sending specific print jobs to a CUPS spooler. The lppasswd vulnerabilities may be exploited by a local attacker to write data to the CUPS password file or deny further password modifications. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll CUPS users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-print/cups-1.1.23\"", "edition": 1, "modified": "2005-01-12T00:00:00", "published": "2004-12-28T00:00:00", "id": "GLSA-200412-25", "href": "https://security.gentoo.org/glsa/200412-25", "type": "gentoo", "title": "CUPS: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:07", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "\nAn iDEFENSE Security Advisory reports:\n\nRemote exploitation of a buffer overflow vulnerability in\n\t the xpdf PDF viewer, as included in multiple Linux\n\t distributions, could allow attackers to execute arbitrary\n\t code as the user viewing a PDF file. The offending code\n\t can be found in the Gfx::doImage() function in the source\n\t file xpdf/Gfx.cc.\n\n", "edition": 4, "modified": "2005-01-13T00:00:00", "published": "2004-11-23T00:00:00", "id": "E3E266E9-5473-11D9-A9E7-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/e3e266e9-5473-11d9-a9e7-0001020eed82.html", "title": "xpdf -- buffer overflow vulnerability", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:11", "bulletinFamily": "software", "cvelist": ["CVE-2004-1125"], "description": "Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability \r\n\r\niDEFENSE Security Advisory 12.21.04\r\nwww.idefense.com/application/poi/display?id=172&type=vulnerabilities\r\nDecember 21, 2004\r\n\r\nI. BACKGROUND\r\n\r\nXpdf is an open-source viewer for Portable Document Format (PDF) files.\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of a buffer overflow vulnerability in the xpdf PDF \r\nviewer, as included in multiple Linux distributions, could allow \r\nattackers to execute arbitrary code as the user viewing a PDF file. The \r\noffending code can be found in the Gfx::doImage() function in the source\r\n\r\nfile xpdf/Gfx.cc. \r\n\r\nvoid Gfx::doImage(Object *ref, Stream *str, GBool inlineImg) {\r\n Dict *dict;\r\n int width, height;\r\n int bits;\r\n GBool mask;\r\n GBool invert;\r\n GfxColorSpace *colorSpace;\r\n GfxImageColorMap *colorMap;\r\n Object maskObj;\r\n GBool haveMask;\r\n int maskColors[2*gfxColorMaxComps];\r\n Object obj1, obj2;\r\n int i;\r\n\r\n ...\r\n // get the mask\r\n haveMask = gFalse;\r\n dict->lookup("Mask", &maskObj);\r\n if (maskObj.isArray()) {\r\n for (i = 0; i < maskObj.arrayGetLength(); ++i) {\r\n maskObj.arrayGet(i, &obj1);\r\n[!] maskColors[i] = obj1.getInt();\r\n obj1.free();\r\n }\r\n haveMask = gTrue;\r\n }\r\n ...\r\n} \r\n\r\n\r\nDue to the fact that the loop boundaries are not less than the storage \r\narea, the maskColors array is eventually filled up. After that, local \r\nvariables and other stack memory is overwritten. This ultimately leads \r\nto control of program flow and arbitrary code execution.\r\n\r\nIII. ANALYSIS\r\n\r\nThe severity of this issue is mitigated by the fact that several of the \r\nlocal overwritten variables in doImage() are referenced prior to EIP \r\nbeing restored; therefore, before the attack gains control of the target\r\n\r\nprocess. However, an attacker with knowledge of the remote operating \r\nsystem can construct and validate a malicious payload before attempting \r\nexploitation, thus increasing the chances of success. An attacker must \r\nconvince a target user to open the malicious file to exploit this \r\nvulnerability.\r\n\r\nIV. DETECTION\r\n\r\niDEFENSE has confirmed the existence of this vulnerability in version \r\n3.00 of xpdf. It is suspected previous versions are also vulnerable. \r\n\r\nThe follwing vendors included vulnerable xpdf packages:\r\n\r\n Novell SUSE \r\n Red Hat, Inc. \r\n Fedora Project \r\n Debian Project \r\n Gentoo Foundation \r\n FreeBSD Project (ports) \r\n OpenBSD \r\n\r\nV. WORKAROUND\r\n\r\nOnly open PDF files from trusted individuals.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nA patch to address this vulnerability is available from:\r\n\r\n ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch\r\n\r\nUpdated binaries (version 3.00pl2) are available from:\r\n\r\n http://www.foolabs.com/xpdf/download.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nnames CAN-2004-1125 to these issues. This is a candidate for inclusion\r\nin the CVE list (http://cve.mitre.org), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n11/23/2004 Initial vendor notification\r\n11/29/2004 Initial vendor response\r\n12/21/2004 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThe discoverer of this vulnerability wishes to remain anonymous.\r\n\r\nGet paid for vulnerability research\r\nhttp://www.idefense.com/poi/teams/vcp.jsp\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright (c) 2004 iDEFENSE, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically, please\r\nemail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.", "edition": 1, "modified": "2004-12-22T00:00:00", "published": "2004-12-22T00:00:00", "id": "SECURITYVULNS:DOC:7401", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:7401", "title": "iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:11", "bulletinFamily": "software", "cvelist": ["CVE-2004-1125"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nKDE Security Advisory: kpdf Buffer Overflow Vulnerability\r\nOriginal Release Date: 2004-12-23\r\nURL: http://www.kde.org/info/security/advisory-20041223-1.txt\r\n\r\n0. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125\r\n http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities\r\n\r\n\r\n1. Systems affected:\r\n\r\n KDE 3.2 up to including KDE 3.2.3.\r\n KDE 3.3 up to including KDE 3.3.2.\r\n\r\n\r\n2. Overview:\r\n\r\n kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains\r\n a buffer overflow that can be triggered by a specially \r\n crafted PDF file.\r\n\r\n\r\n3. Impact:\r\n\r\n Remotely supplied pdf files can be used to execute arbitrary\r\n code on the client machine.\r\n\r\n\r\n4. Solution:\r\n\r\n Source code patches have been made available which fix these\r\n vulnerabilities. Contact your OS vendor / binary package provider\r\n for information about how to obtain updated binary packages.\r\n\r\n\r\n5. Patch:\r\n\r\n Patch for KDE 3.2.3 is available from \r\n ftp://ftp.kde.org/pub/kde/security_patches :\r\n\r\n 6f345c4b89f0bc27522f5d62bfd941cd post-3.2.3-kdegraphics-2.diff\r\n\r\n Patch for KDE 3.3.2 is available from \r\n ftp://ftp.kde.org/pub/kde/security_patches :\r\n\r\n 0ac92868d3b84284e54877e32cde521f post-3.3.2-kdegraphics.diff\r\n\r\n\r\n6. Time line and credits:\r\n\r\n 21/12/2004 KDE Security Team alerted by Matthias Geerdsen\r\n 22/12/2004 Patch from xpdf 3.00pl2 applied to KDE CVS and patches\r\n prepared.\r\n 23/12/2004 Public disclosure.\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.5 (GNU/Linux)\r\n\r\niD8DBQFBymz5vsXr+iuy1UoRAgtzAJ9XJZax9tSD29d2ax2kfZ7AOUVNVgCg1GmS\r\n1KHQE843oYavbPBPXVNPJFM=\r\n=BiPb\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-12-30T00:00:00", "published": "2004-12-30T00:00:00", "id": "SECURITYVULNS:DOC:7467", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:7467", "title": "KDE Security Advisory: kpdf Buffer Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:11", "bulletinFamily": "software", "cvelist": ["CVE-2005-0064", "CVE-2004-1125", "CVE-2004-0888", "CVE-2004-0889"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200501-31\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: teTeX, pTeX, CSTeX: Multiple vulnerabilities\r\n Date: January 23, 2005\r\n Bugs: #75801\r\n ID: 200501-31\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nteTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow\r\nthe remote execution of arbitrary code. Furthermore, the xdvizilla\r\nscript is vulnerable to temporary file handling issues.\r\n\r\nBackground\r\n==========\r\n\r\nteTeX is a complete and open source TeX distribution. CSTeX is another\r\nTeX distribution including Czech and Slovak support. pTeX is another\r\nalternative that allows Japanese publishing with TeX. xdvizilla is an\r\nauxiliary script used to integrate DVI file viewing in Mozilla-based\r\nbrowsers.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 app-text/tetex < 2.0.2-r5 >= 2.0.2-r5\r\n 2 app-text/cstetex < 2.0.2-r1 >= 2.0.2-r1\r\n 3 app-text/ptex < 3.1.4-r2 >= 3.1.4-r2\r\n -------------------------------------------------------------------\r\n 3 affected packages on all of their supported architectures.\r\n -------------------------------------------------------------------\r\n\r\nDescription\r\n===========\r\n\r\nteTeX, pTeX and CSTeX all make use of Xpdf code and may therefore be\r\nvulnerable to the various overflows that were discovered in Xpdf code\r\n(CAN-2004-0888, CAN-2004-0889, CAN-2004-1125 and CAN-2005-0064).\r\nFurthermore, Javier Fernandez-Sanguino Pena discovered that the\r\nxdvizilla script does not handle temporary files correctly.\r\n\r\nImpact\r\n======\r\n\r\nAn attacker could design a malicious input file which, when processed\r\nusing one of the TeX distributions, could lead to the execution of\r\narbitrary code. Furthermore, a local attacker could create symbolic\r\nlinks in the temporary files directory, pointing to a valid file\r\nsomewhere on the filesystem. When xdvizilla is called, this would\r\nresult in the file being overwritten with the rights of the user\r\nrunning the script.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll teTeX users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/tetex-2.0.2-r5"\r\n\r\nAll CSTeX users should also upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/cstetex-2.0.2-r1"\r\n\r\nFinally, all pTeX users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-text/ptex-3.1.4-r2"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CAN-2004-0888\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888\r\n [ 2 ] CAN-2004-0889\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889\r\n [ 3 ] CAN-2004-1125\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125\r\n [ 4 ] CAN-2005-0064\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200501-31.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2005 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.0\r\n", "edition": 1, "modified": "2005-01-26T00:00:00", "published": "2005-01-26T00:00:00", "id": "SECURITYVULNS:DOC:7678", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:7678", "title": "[ GLSA 200501-31 ] teTeX, pTeX, CSTeX: Multiple vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T17:38:09", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "A potential buffer overflow has been found in the xpdf viewer. An \ninsufficient input validation could be exploited by an attacker \nproviding a specially crafted PDF file which, when processed by xpdf, \ncould result in abnormal program termination or the execution of \nattacker supplied program code with the user's privileges.\n\nThe tetex-bin package contains the affected xpdf code to generate PDF \noutput and process included PDF files, thus is vulnerable as well.", "edition": 5, "modified": "2004-12-23T00:00:00", "published": "2004-12-23T00:00:00", "id": "USN-48-1", "href": "https://ubuntu.com/security/notices/USN-48-1", "title": "xpdf, tetex-bin vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T19:41:18", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1269", "CVE-2004-1125", "CVE-2004-1270", "CVE-2004-1267", "CVE-2004-1268"], "description": "CAN-2004-1125:\n\nThe recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS \ncontains xpdf code to convert incoming PDF files to the PostScript \nformat, this vulnerability applies to cups as well.\n\nIn this case it could even lead to privilege escalation: if an \nattacker submitted a malicious PDF file for printing, he could be \nable to execute arbitrary commands with the privileges of the \nCUPS server.\n\nPlease note that the Ubuntu version of CUPS runs as a minimally \nprivileged user 'cupsys' by default, so there is no possibility of \nroot privilege escalation. The privileges of the 'cupsys' user are \nconfined to modifying printer configurations, altering print jobs, \nand controlling printers.\n\nCAN-2004-1267:\n\nAriel Berkman discovered a buffer overflow in the ParseCommand() \nfunction of the HPGL input driver. If an attacker printed a \nmalicious HPGL file, they could exploit this to execute arbitrary \ncommands with the privileges of the CUPS server.\n\nCAN-2004-1268, CAN-2004-1269, CAN-2004-1270:\n\nBartlomiej Sieka discovered three flaws in lppasswd. These allowed \nusers to corrupt the new password file by filling up the disk, \nsending certain signals, or closing the standard output and/or error \nstreams.", "edition": 5, "modified": "2004-12-23T00:00:00", "published": "2004-12-23T00:00:00", "id": "USN-50-1", "href": "https://ubuntu.com/security/notices/USN-50-1", "title": "CUPS vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:08", "bulletinFamily": "software", "cvelist": ["CVE-2004-1125"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.foolabs.com/xpdf/\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt)\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2005_01_sr.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200501-31.xml)\nSecurity Tracker: 1012646\n[Secunia Advisory ID:13628](https://secuniaresearch.flexerasoftware.com/advisories/13628/)\n[Secunia Advisory ID:13705](https://secuniaresearch.flexerasoftware.com/advisories/13705/)\n[Secunia Advisory ID:13692](https://secuniaresearch.flexerasoftware.com/advisories/13692/)\n[Secunia Advisory ID:13681](https://secuniaresearch.flexerasoftware.com/advisories/13681/)\n[Secunia Advisory ID:13686](https://secuniaresearch.flexerasoftware.com/advisories/13686/)\n[Secunia Advisory ID:13775](https://secuniaresearch.flexerasoftware.com/advisories/13775/)\n[Secunia Advisory ID:13974](https://secuniaresearch.flexerasoftware.com/advisories/13974/)\n[Secunia Advisory ID:14014](https://secuniaresearch.flexerasoftware.com/advisories/14014/)\n[Secunia Advisory ID:14791](https://secuniaresearch.flexerasoftware.com/advisories/14791/)\n[Secunia Advisory ID:13602](https://secuniaresearch.flexerasoftware.com/advisories/13602/)\n[Secunia Advisory ID:13668](https://secuniaresearch.flexerasoftware.com/advisories/13668/)\n[Secunia Advisory ID:13691](https://secuniaresearch.flexerasoftware.com/advisories/13691/)\n[Secunia Advisory ID:13689](https://secuniaresearch.flexerasoftware.com/advisories/13689/)\n[Secunia Advisory ID:13690](https://secuniaresearch.flexerasoftware.com/advisories/13690/)\n[Secunia Advisory ID:13707](https://secuniaresearch.flexerasoftware.com/advisories/13707/)\n[Secunia Advisory ID:13755](https://secuniaresearch.flexerasoftware.com/advisories/13755/)\n[Secunia Advisory ID:13778](https://secuniaresearch.flexerasoftware.com/advisories/13778/)\n[Secunia Advisory ID:14020](https://secuniaresearch.flexerasoftware.com/advisories/14020/)\n[Secunia Advisory ID:14623](https://secuniaresearch.flexerasoftware.com/advisories/14623/)\n[Secunia Advisory ID:14819](https://secuniaresearch.flexerasoftware.com/advisories/14819/)\n[Secunia Advisory ID:13636](https://secuniaresearch.flexerasoftware.com/advisories/13636/)\n[Secunia Advisory ID:13669](https://secuniaresearch.flexerasoftware.com/advisories/13669/)\n[Secunia Advisory ID:13646](https://secuniaresearch.flexerasoftware.com/advisories/13646/)\n[Secunia Advisory ID:13685](https://secuniaresearch.flexerasoftware.com/advisories/13685/)\n[Secunia Advisory ID:13799](https://secuniaresearch.flexerasoftware.com/advisories/13799/)\n[Secunia Advisory ID:13840](https://secuniaresearch.flexerasoftware.com/advisories/13840/)\n[Secunia Advisory ID:13839](https://secuniaresearch.flexerasoftware.com/advisories/13839/)\n[Secunia Advisory ID:17277](https://secuniaresearch.flexerasoftware.com/advisories/17277/)\nRedHat RHSA: RHSA-2005:026\nRedHat RHSA: RHSA-2005:018\nRedHat RHSA: RHSA-2005:013\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200412-24.xml\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:163\nOther Advisory URL: http://www.debian.org/security/2004/dsa-619\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200501-31.xml\nOther Advisory URL: http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:162\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:166\nOther Advisory URL: http://www.kde.org/info/security/advisory-20041223-1.txt\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:165\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:161\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:164\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200501-13.xml\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200501-17.xml\nOther Advisory URL: http://distro.conectiva.com.br/a...ndex.php?id=a&anuncio=000921\nOther Advisory URL: http://www.debian.org/security/2004/dsa-621\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-354.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0291.html\nISS X-Force ID: 18641\n[CVE-2004-1125](https://vulners.com/cve/CVE-2004-1125)\n", "modified": "2004-12-21T06:01:48", "published": "2004-12-21T06:01:48", "href": "https://vulners.com/osvdb/OSVDB:12554", "id": "OSVDB:12554", "type": "osvdb", "title": "Multiple Vendor pdf Gfx::doImage() Function Overflow", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:27:01", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 621-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nDecember 31st, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : cupsys\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-1125\nDebian Bug : 286988\n\nAn iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe Portable Document Format (PDF) suite. Similar code is present in\nthe PDF processing part of CUPS. A maliciously crafted PDF file could\nexploit this problem, leading to the execution of arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.1.14-5woody11.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.1.22-2.\n\nWe recommend that you upgrade your cupsys packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11.dsc\n Size/MD5 checksum: 712 36c1ad1b8e3ca13ce224dcd02af6c457\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11.diff.gz\n Size/MD5 checksum: 40453 572e74a87693b9a0d5d25fdca857421d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz\n Size/MD5 checksum: 6150756 0dfa41f29fa73e7744903b2471d2ca2f\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 1900962 ae4ead9371d72d9675220ea8bf6dde5a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 74470 52a5765021edc2245abba1678eadc16e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 93108 d5ad1daa7e342d72f1b85a3bf447644e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 2445962 84df479d2c34973b8845ddde551b0832\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 138132 e75229e07334405e39c2122d5f182b8a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_alpha.deb\n Size/MD5 checksum: 181074 8c6c0197183ea9f967b227ff0359525b\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 1821818 b02266b5eb1ebd724b437a3454608ae5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 68616 e0445a53ef0f4a63ac10f7ac8dbc377e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 85808 e8783ccafa104df8bb946db2b3e77ee9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 2345990 b2805712c86db428364e94750371aa8d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 113116 5159b84df81bd3ab80cfb0480fcf062a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_arm.deb\n Size/MD5 checksum: 150536 62d37d7a77f955b3762e20c13968b2b1\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 1788680 a8d28505c2be6704046e9739da722739\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 68110 3fb9f6a80c1b148eabf9d69b3c12c0ae\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 84258 01a2aa1faa22d6e05e39bcbcad894504\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 2312088 2a43eb9485486f805e10ec85c6f1e6c3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 111130 1e40af8a219ef8214dd6111c113cbf3b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_i386.deb\n Size/MD5 checksum: 136682 b4d67c3bc46dc0ea24e9a807dacba453\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 2008310 e838b18cea6bed90a98ce0ebfa8fa35b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 77526 cd0d9607e08b755daaa06a3da3461347\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 97272 38611af12903fe50808a33a3363011e3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 2656902 d84965ad127a5f7ae28673f121fae619\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 156132 ce94309b7ca0334818ec42214c3c04b9\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_ia64.deb\n Size/MD5 checksum: 183084 debdcc7c71fc0eb6ccb82b18900ed59e\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 1881934 b14ee79ee0e976f23b952a97962e8eb6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 70930 9a35a2560a8aad7204da2ff833cc3665\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 89946 30ef6b0f257f517ac219662757e2cb09\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 2456176 ee3fa95cfdb4758c3f285469b966440e\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 126592 3f2d5ad0711e413120a89b24eac34e35\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_hppa.deb\n Size/MD5 checksum: 159698 45b22c917e37b466620fb20fb86d8a67\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 1755486 847efaf709316b9fb874ce461bb33ef6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 66400 bdf23f96b7ebe08bcdafb4e9494b2381\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 81514 64828d4117e13f33b2b90308e9b35f70\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 2261524 72fd5e8872799f8ce2ab43b7cdba52f2\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 106366 3f7ee4d1c83f37e377ca40531e2c831d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_m68k.deb\n Size/MD5 checksum: 128904 0d181897375f946b5240161b41f8a48a\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 1811826 d0e65ccf6d8a3efd77a81330b8866b44\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 68032 6f54b25808c848ca195264fd98e85468\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 81478 faf15b34c52bd0e075d3896dd0f69847\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 2404736 8fe6cefc37909c70cd88719e85560785\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 112904 bf3e765abe7579cd8846e9ffdd848417\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_mips.deb\n Size/MD5 checksum: 151346 047db6220803e0dc3fe36cf350bb35c0\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 1812632 69d3c2a738df99e38e942d140b4fc6ad\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 68050 a1e6ddeea90b72ee3387d67ad3b8b8f7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 81528 bb4fbc2fa16ae8f796736b6e4d096b85\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 2407112 f27b427492621222222a65f77b3272bb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 112666 361ce853b1859705944bba0eab0865a7\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_mipsel.deb\n Size/MD5 checksum: 151184 df1d7a81b8b50098f9451f4711f2fba4\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 1800736 f79c661e338e91371342e53ba9533e39\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 68026 7d0a82a69f1f255eb7aa4f75732988bd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 83598 04db1554c7dc2206fd33d14053661a38\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 2359936 a22788b22d08f24da6c97b76d7d98920\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 116920 adc546d061b3bbe89444d6689d3dadb7\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_powerpc.deb\n Size/MD5 checksum: 145346 fd6559661e0ec8b0d0827b08a045d41b\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 1795862 9e343601e2e359ffb9f211db51ed609b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 69418 2b266df1c4dd112dcb9f0e49328055ba\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 86140 e2e7619001d31c05f0ca8cbb26e9af21\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 2337772 2b74d08dca533f0cb555e5971c0054c8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 115452 d13efb115003026ebab3620c5658e335\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_s390.deb\n Size/MD5 checksum: 140984 9eb13829bd76271aa7f86b75d2aa6bb1\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 1845566 176e1915ef80f8cac0b5a781a4a08bb7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 70996 f4c3713b00256c4ca795f82718d76f06\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 84428 4aa288e4ac4d110941b38a24453bff53\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 2354830 e34c5709176d68e85c705d9dfe1878b7\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 120600 cf84669e82d385f479c6f7f7fcb53eb5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody11_sparc.deb\n Size/MD5 checksum: 146894 4f9d1a379ea842cb88510a19486d569b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2004-12-31T00:00:00", "published": "2004-12-31T00:00:00", "id": "DEBIAN:DSA-621-1:90EDD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00230.html", "title": "[SECURITY] [DSA 621-1] New CUPS packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:27:27", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1125"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 619-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nDecember 30th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-1125\nDebian Bug : 286742 286983\n\nAn iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe portable document format (PDF) suite. A maliciously crafted PDF\nfile could exploit this problem, resulting in the execution of arbitrary\ncode.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.00-3.3.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 3.00-11.\n\nWe recommend that you upgrade your xdpf package immediately.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.3.dsc\n Size/MD5 checksum: 706 23700a27ce16f5eb689c506202d2765b\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.3.diff.gz\n Size/MD5 checksum: 10380 e2848faffb3f2e31dd5537455e7080da\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00.orig.tar.gz\n Size/MD5 checksum: 397750 81f3c381cef729e4b6f4ce21cf5bbf3c\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_1.00-3.3_all.deb\n Size/MD5 checksum: 38564 3569649f520138653c83d1c4f1d3fdb0\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_1.00-3.3_all.deb\n Size/MD5 checksum: 1296 7ec48e5bb253faf7213c77f9e94281a4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_alpha.deb\n Size/MD5 checksum: 570750 4fd37ec019d8a5f2b862e657d90f502d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_alpha.deb\n Size/MD5 checksum: 1045440 55b96bad26e97470e55301131e0d4283\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_arm.deb\n Size/MD5 checksum: 487142 658bb5215595409c9c9ff4a6fa30da69\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_arm.deb\n Size/MD5 checksum: 886356 5d594800ed30fcc9615c903b623d221a\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_i386.deb\n Size/MD5 checksum: 449334 a1e4f95151abc321e9edce25f1f6d1e3\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_i386.deb\n Size/MD5 checksum: 827848 a073ca6d6525d6859e74a845c0c5e962\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_ia64.deb\n Size/MD5 checksum: 682282 05312ad7277b07e8a26b54e481d53e4a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_ia64.deb\n Size/MD5 checksum: 1228062 57b770f8890a2669413b2e33ed7452da\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_hppa.deb\n Size/MD5 checksum: 563810 ea6257a1a8f31847102753686cebae35\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_hppa.deb\n Size/MD5 checksum: 1032614 eb968fd52646d9479eaf4c34de1b6c74\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_m68k.deb\n Size/MD5 checksum: 427442 dfcde4d3216e845b68fe5abe59921d0a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_m68k.deb\n Size/MD5 checksum: 794446 51638d6101cb515a36d3f63e33a696d9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_mips.deb\n Size/MD5 checksum: 555190 81dc69c860ae38220a35a21d39240fdd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_mips.deb\n Size/MD5 checksum: 1016470 05be0bc2aa13bd8566075340e0db2aa1\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_mipsel.deb\n Size/MD5 checksum: 546214 f24fb28580495f080e9fdccc0378ee2c\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_mipsel.deb\n Size/MD5 checksum: 998576 5c94bf2ef4fdf7d3156d1d8e9fcfb5c6\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_powerpc.deb\n Size/MD5 checksum: 470170 fd90900d3dedd0e42019e6476cb93674\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_powerpc.deb\n Size/MD5 checksum: 859656 0972961f54cb80f388b7dca2b6dac610\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_s390.deb\n Size/MD5 checksum: 429946 d43c003a4e4ce16f23accbb62749eb59\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_s390.deb\n Size/MD5 checksum: 785632 e162795ddcc181a782d94931f104a096\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_1.00-3.3_sparc.deb\n Size/MD5 checksum: 443708 98e0ec7909718388fb43f92a13ab6d1a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_1.00-3.3_sparc.deb\n Size/MD5 checksum: 809718 46099f510035036de7473fa7f905d3b4\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2004-12-30T00:00:00", "published": "2004-12-30T00:00:00", "id": "DEBIAN:DSA-619-1:47B26", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00228.html", "title": "[SECURITY] [DSA 619-1] New xpdf packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T11:51:24", "description": "iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.", "edition": 24, "published": "2005-01-02T00:00:00", "title": "Mandrake Linux Security Advisory : xpdf (MDKSA-2004:161)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-01-02T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:xpdf"], "id": "MANDRAKE_MDKSA-2004-161.NASL", "href": "https://www.tenable.com/plugins/nessus/16078", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:161. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16078);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"MDKSA\", value:\"2004:161\");\n\n script_name(english:\"Mandrake Linux Security Advisory : xpdf (MDKSA-2004:161)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"xpdf-3.00-5.3.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"xpdf-3.00-7.2.101mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:24", "description": "iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0 and several programs, like cups, which\nuse embedded xpdf code. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.", "edition": 24, "published": "2005-01-02T00:00:00", "title": "Mandrake Linux Security Advisory : cups (MDKSA-2004:164)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-01-02T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64cups2", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:cups-serial", "cpe:/o:mandrakesoft:mandrake_linux:9.2", "p-cpe:/a:mandriva:linux:libcups2", "p-cpe:/a:mandriva:linux:lib64cups2-devel", "p-cpe:/a:mandriva:linux:cups", "p-cpe:/a:mandriva:linux:libcups2-devel", "p-cpe:/a:mandriva:linux:cups-common"], "id": "MANDRAKE_MDKSA-2004-164.NASL", "href": "https://www.tenable.com/plugins/nessus/16081", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:164. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16081);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"MDKSA\", value:\"2004:164\");\n\n script_name(english:\"Mandrake Linux Security Advisory : cups (MDKSA-2004:164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0 and several programs, like cups, which\nuse embedded xpdf code. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-common-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-serial-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64cups2-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64cups2-devel-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libcups2-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libcups2-devel-1.1.20-5.4.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"cups-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"cups-common-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"cups-serial-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64cups2-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libcups2-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libcups2-devel-1.1.21-0.rc1.7.2.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-common-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-serial-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64cups2-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64cups2-devel-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libcups2-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libcups2-devel-1.1.19-10.4.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T10:03:10", "description": "An iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe portable document format (PDF) suite. A maliciously crafted PDF\nfile could exploit this problem, resulting in the execution of\narbitrary code.", "edition": 25, "published": "2005-01-02T00:00:00", "title": "Debian DSA-619-1 : xpdf - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-01-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:xpdf"], "id": "DEBIAN_DSA-619.NASL", "href": "https://www.tenable.com/plugins/nessus/16072", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-619. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16072);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"DSA\", value:\"619\");\n\n script_name(english:\"Debian DSA-619-1 : xpdf - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE security researcher discovered a buffer overflow in xpdf,\nthe portable document format (PDF) suite. A maliciously crafted PDF\nfile could exploit this problem, resulting in the execution of\narbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-619\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xpdf package immediately.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.00-3.3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/02\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"xpdf\", reference:\"1.00-3.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xpdf-common\", reference:\"1.00-3.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xpdf-reader\", reference:\"1.00-3.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xpdf-utils\", reference:\"1.00-3.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:44", "description": "This package fixes a buffer overflow which may possibly allow\nattackers to execute arbitrary code as the 'lp' user. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2004-12-27T00:00:00", "title": "Fedora Core 2 : cups-1.1.20-11.8 (2004-574)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2004-12-27T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:cups-debuginfo", "p-cpe:/a:fedoraproject:fedora:cups", "p-cpe:/a:fedoraproject:fedora:cups-libs", "p-cpe:/a:fedoraproject:fedora:cups-devel"], "id": "FEDORA_2004-574.NASL", "href": "https://www.tenable.com/plugins/nessus/16055", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-574.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16055);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"FEDORA\", value:\"2004-574\");\n\n script_name(english:\"Fedora Core 2 : cups-1.1.20-11.8 (2004-574)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This package fixes a buffer overflow which may possibly allow\nattackers to execute arbitrary code as the 'lp' user. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-December/000536.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?705ea179\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"cups-1.1.20-11.8\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-debuginfo-1.1.20-11.8\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-devel-1.1.20-11.8\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-libs-1.1.20-11.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:44", "description": "This package fixes a buffer overflow which allows attackers to cause\nthe xpdf application to crash, and possibly to execute arbitrary code.\nThe Common Vulnerabilities and Exposures projects (cve.mitre.org) has\nassigned the name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-12-27T00:00:00", "title": "Fedora Core 3 : xpdf-3.00-10.1 (2004-573)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2004-12-27T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:xpdf", "p-cpe:/a:fedoraproject:fedora:xpdf-debuginfo"], "id": "FEDORA_2004-573.NASL", "href": "https://www.tenable.com/plugins/nessus/16051", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-573.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16051);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"FEDORA\", value:\"2004-573\");\n\n script_name(english:\"Fedora Core 3 : xpdf-3.00-10.1 (2004-573)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This package fixes a buffer overflow which allows attackers to cause\nthe xpdf application to crash, and possibly to execute arbitrary code.\nThe Common Vulnerabilities and Exposures projects (cve.mitre.org) has\nassigned the name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-December/000535.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0783a7e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xpdf and / or xpdf-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xpdf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"xpdf-3.00-10.1\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xpdf-debuginfo-3.00-10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-debuginfo\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:44", "description": "The remote Fedora Core host is missing one or more security updates :\n\ntetex-2.0.2-14FC2.1 :\n\nThe updated tetex package fixes a buffer overflow which allows\nattackers to cause the internal xpdf library used by applications in\ntetex to crash, and possibly to execute arbitrary code. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\ntetex-2.0.2-14FC2.1 - with correct md5sums :\n\nThe updated tetex package fixes a buffer overflow which allows\nattackers to cause the internal xpdf library used by applications in\ntetex to crash, and possibly to execute arbitrary code. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2005-01-04T00:00:00", "title": "Fedora Core 2 : tetex-2.0.2-14FC2.1 / tetex-2.0.2-14FC2.1 (2004-584)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-01-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:tetex-doc", "p-cpe:/a:fedoraproject:fedora:tetex-dvips", "p-cpe:/a:fedoraproject:fedora:tetex-fonts", "p-cpe:/a:fedoraproject:fedora:tetex-debuginfo", "p-cpe:/a:fedoraproject:fedora:tetex-afm", "p-cpe:/a:fedoraproject:fedora:tetex-xdvi", "p-cpe:/a:fedoraproject:fedora:tetex", "p-cpe:/a:fedoraproject:fedora:tetex-latex"], "id": "FEDORA_2004-584.NASL", "href": "https://www.tenable.com/plugins/nessus/16098", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-584.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16098);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"FEDORA\", value:\"2004-584\");\n\n script_name(english:\"Fedora Core 2 : tetex-2.0.2-14FC2.1 / tetex-2.0.2-14FC2.1 (2004-584)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Fedora Core host is missing one or more security updates :\n\ntetex-2.0.2-14FC2.1 :\n\nThe updated tetex package fixes a buffer overflow which allows\nattackers to cause the internal xpdf library used by applications in\ntetex to crash, and possibly to execute arbitrary code. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\ntetex-2.0.2-14FC2.1 - with correct md5sums :\n\nThe updated tetex package fixes a buffer overflow which allows\nattackers to cause the internal xpdf library used by applications in\ntetex to crash, and possibly to execute arbitrary code. The Common\nVulnerabilities and Exposures projects (cve.mitre.org) has assigned\nthe name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-January/000540.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?658f0f52\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-January/000550.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3528743b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"tetex-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-afm-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-debuginfo-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-doc-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-dvips-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-fonts-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-latex-2.0.2-14FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"tetex-xdvi-2.0.2-14FC2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-debuginfo / tetex-doc / tetex-dvips / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:24", "description": "iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0 and several programs, like kdegraphics,\nwhich use embedded xpdf code. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.", "edition": 24, "published": "2005-01-02T00:00:00", "title": "Mandrake Linux Security Advisory : kdegraphics (MDKSA-2004:163)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-01-02T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libkdegraphics0-mrmlsearch", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-common", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpaint", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka", "p-cpe:/a:mandriva:linux:kdegraphics-kuickshow", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpdf", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-mrmlsearch", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview", "p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kiconedit", "p-cpe:/a:mandriva:linux:kdegraphics-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:kdegraphics-kooka", "p-cpe:/a:mandriva:linux:kdegraphics", "p-cpe:/a:mandriva:linux:kdegraphics-ksvg", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-kruler", "p-cpe:/a:mandriva:linux:libkdegraphics0-kuickshow", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kuickshow", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot", "p-cpe:/a:mandriva:linux:kdegraphics-kfax", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kdvi", "p-cpe:/a:mandriva:linux:kdegraphics-kview"], "id": "MANDRAKE_MDKSA-2004-163.NASL", "href": "https://www.tenable.com/plugins/nessus/16080", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:163. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16080);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"MDKSA\", value:\"2004:163\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kdegraphics (MDKSA-2004:163)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iDefense reported a buffer overflow vulnerability, which affects\nversions of xpdf <= xpdf-3.0 and several programs, like kdegraphics,\nwhich use embedded xpdf code. An attacker could construct a malicious\npayload file which could enable arbitrary code execution on the target\nsystem.\n\nThe updated packages are patched to protect against these\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kiconedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kruler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-common-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kdvi-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kfax-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kghostview-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kiconedit-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kooka-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kpaint-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kpdf-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kpovmodeler-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kruler-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-ksnapshot-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-ksvg-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kuickshow-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-kview-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdegraphics-mrmlsearch-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-common-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-common-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kooka-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kooka-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kpovmodeler-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kpovmodeler-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-ksvg-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-ksvg-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kuickshow-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kview-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-kview-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdegraphics0-mrmlsearch-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kuickshow-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-devel-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdegraphics0-mrmlsearch-3.2-15.4.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-common-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kdvi-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kfax-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kghostview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kiconedit-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kooka-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kpaint-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kpdf-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kpovmodeler-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kruler-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-ksnapshot-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-ksvg-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kuickshow-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-kview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdegraphics-mrmlsearch-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kuickshow-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-mrmlsearch-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-common-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-common-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kuickshow-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kview-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-kview-devel-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdegraphics0-mrmlsearch-3.2.3-17.3.101mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:44", "description": "This package fixes a buffer overflow which allows attackers to cause\nthe xpdf application to crash, and possibly to execute arbitrary code.\nThe Common Vulnerabilities and Exposures projects (cve.mitre.org) has\nassigned the name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2004-12-27T00:00:00", "title": "Fedora Core 2 : xpdf-3.00-3.6 (2004-572)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2004-12-27T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:xpdf", "p-cpe:/a:fedoraproject:fedora:xpdf-debuginfo"], "id": "FEDORA_2004-572.NASL", "href": "https://www.tenable.com/plugins/nessus/16050", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-572.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16050);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"FEDORA\", value:\"2004-572\");\n\n script_name(english:\"Fedora Core 2 : xpdf-3.00-3.6 (2004-572)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This package fixes a buffer overflow which allows attackers to cause\nthe xpdf application to crash, and possibly to execute arbitrary code.\nThe Common Vulnerabilities and Exposures projects (cve.mitre.org) has\nassigned the name CVE-2004-1125 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-December/000534.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac76ca42\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xpdf and / or xpdf-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xpdf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"xpdf-3.00-3.6\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xpdf-debuginfo-3.00-3.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-debuginfo\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:50:57", "description": "An iDEFENSE Security Advisory reports :\n\nRemote exploitation of a buffer overflow vulnerability in the xpdf PDF\nviewer, as included in multiple Linux distributions, could allow\nattackers to execute arbitrary code as the user viewing a PDF file.\nThe offending code can be found in the Gfx::doImage() function in the\nsource file xpdf/Gfx.cc.", "edition": 24, "published": "2005-07-13T00:00:00", "title": "FreeBSD : xpdf -- buffer overflow vulnerability (e3e266e9-5473-11d9-a9e7-0001020eed82)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-07-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:teTeX-base", "p-cpe:/a:freebsd:freebsd:cups-base", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gpdf", "p-cpe:/a:freebsd:freebsd:pdftohtml", "p-cpe:/a:freebsd:freebsd:koffice", "p-cpe:/a:freebsd:freebsd:xpdf", "p-cpe:/a:freebsd:freebsd:kdegraphics"], "id": "FREEBSD_PKG_E3E266E9547311D9A9E70001020EED82.NASL", "href": "https://www.tenable.com/plugins/nessus/19147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19147);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-1125\");\n\n script_name(english:\"FreeBSD : xpdf -- buffer overflow vulnerability (e3e266e9-5473-11d9-a9e7-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE Security Advisory reports :\n\nRemote exploitation of a buffer overflow vulnerability in the xpdf PDF\nviewer, as included in multiple Linux distributions, could allow\nattackers to execute arbitrary code as the user viewing a PDF file.\nThe offending code can be found in the Gfx::doImage() function in the\nsource file xpdf/Gfx.cc.\"\n );\n # http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?89673295\"\n );\n # https://vuxml.freebsd.org/freebsd/e3e266e9-5473-11d9-a9e7-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e27596b3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:cups-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:koffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:pdftohtml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:teTeX-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"xpdf<3.00_5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"kdegraphics<3.3.2_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gpdf<=2.8.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"teTeX-base<=2.0.2_6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"cups-base<=1.1.22.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"koffice<=1.3.5,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"pdftohtml<0.36_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:51:54", "description": "The remote host is affected by the vulnerability described in GLSA-200501-13\n(pdftohtml: Vulnerabilities in included Xpdf)\n\n Xpdf is vulnerable to integer overflows, as described in GLSA\n 200412-24.\n \nImpact :\n\n An attacker could entice a user to convert a specially crafted PDF\n file, potentially resulting in the execution of arbitrary code with the\n rights of the user running pdftohtml.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 27, "published": "2005-02-14T00:00:00", "title": "GLSA-200501-13 : pdftohtml: Vulnerabilities in included Xpdf", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1125"], "modified": "2005-02-14T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:pdftohtml", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200501-13.NASL", "href": "https://www.tenable.com/plugins/nessus/16404", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200501-13.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16404);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-1125\");\n script_xref(name:\"GLSA\", value:\"200501-13\");\n\n script_name(english:\"GLSA-200501-13 : pdftohtml: Vulnerabilities in included Xpdf\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200501-13\n(pdftohtml: Vulnerabilities in included Xpdf)\n\n Xpdf is vulnerable to integer overflows, as described in GLSA\n 200412-24.\n \nImpact :\n\n An attacker could entice a user to convert a specially crafted PDF\n file, potentially resulting in the execution of arbitrary code with the\n rights of the user running pdftohtml.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200410-20\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200501-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All pdftohtml users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/pdftohtml-0.36-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pdftohtml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/pdftohtml\", unaffected:make_list(\"ge 0.36-r2\"), vulnerable:make_list(\"lt 0.36-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdftohtml\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:27", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0804", "CVE-2004-0803", "CVE-2004-1125", "CVE-2004-0888", "CVE-2004-0886"], "description": "**CentOS Errata and Security Advisory** CESA-2005:354\n\n\nTeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes\na text file and a set of formatting commands as input and creates a\ntypesetter-independent .dvi (DeVice Independent) file as output.\n\nA number of security flaws have been found affecting libraries used\ninternally within teTeX. An attacker who has the ability to trick a user\ninto processing a malicious file with teTeX could cause teTeX to crash or\npossibly execute arbitrary code. \n\nA number of integer overflow bugs that affect Xpdf were discovered. The\nteTeX package contains a copy of the Xpdf code used for parsing PDF files\nand is therefore affected by these bugs. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the names CAN-2004-0888 and\nCAN-2004-1125 to these issues.\n\nA number of integer overflow bugs that affect libtiff were discovered. The\nteTeX package contains an internal copy of libtiff used for parsing TIFF\nimage files and is therefore affected by these bugs. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nnames CAN-2004-0803, CAN-2004-0804 and CAN-2004-0886 to these issues.\n\nAlso latex2html is added to package tetex-latex for 64bit platforms.\n\nUsers of teTeX should upgrade to these updated packages, which contain\nbackported patches and are not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023558.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023561.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023562.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023565.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2005-354.html", "edition": 4, "modified": "2005-04-02T05:59:36", "published": "2005-04-01T21:29:55", "href": "http://lists.centos.org/pipermail/centos-announce/2005-April/023558.html", "id": "CESA-2005:354", "title": "tetex security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:20", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2097", "CVE-2006-0301", "CVE-2006-0746", "CVE-2005-0064", "CVE-2004-1125", "CVE-2005-3193", "CVE-2004-0888"], "description": "[7:3.3.1-3.9 ]\n- apply xpdf-splash-overflow-CVE-2006-0301-fix.diff to fix CVE-2006-0301 (#184307)\n[7:3.3.1-3.8]\n- apply xpdf-splash-overflow-CVE-2006-0301-fix.diff to fix CVE-2006-0301 (#179055)\n[7:3.3.1-3.7]\n- apply patch to fix buffer overflow issue in the xpdf codebase\n when handling splash images CVE-2006-0301 (#179055)\n[7:3.3.1-3.6]\n- better fix for CAN-2005-3193\n[7:3.3.1-3.5]\n- add BuildRequires: libieee1284-devel #168356\n- backport patch to fix CAN-2005-3193, #175105\n[7:3.3.1-3.4]\n- apply patch to fix kpdf DoS CAN-2005-2097, #163925\n[7:3.3.1-3.3]\n- More fixing of CAN-2004-0888 patch (bug #135393)\n[3.3.1-3.2]\n- Applied patch to fix CAN-2005-0064\n[7:3.3.1-3.1]\n- Applied patch to fix CAN-2004-1125\n[7:3.3.1-2]\n- fix kfax to use system libtiff\n[7:3.3.1-1]\n- update to 3.3.1\n[7:3.3.0-3]\n- fix typo in buildrequires #135007\n[7:3.3.0-2]\n- only show kcmkmrml in KDE\n- set variables before use\n[3.3.0-1]\n- update to 3.3.0\n[3.3.0-0.1.rc2]\n- update to 3.3.0 rc2\n[7:3.2.3-1]\n- update to 3.2.3\n[7:3.2.2-1]\n- update to 3.2.2\n[7:3.2.1-1]\n- 3.2.1 release\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[7:3.2.0-1.4]\n- fix typo bug, _smp_mflags instead smp_mflags\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[7:3.2.0-0.3]\n- 3.2.0 release\n- built against qt 3.3.0\n- add prereq /sbin/ldconfig\n[7:3.1.95-0.1]\n- KDE 3.2 RC1\n[7:3.1.94-0.1]\n- KDE 3.2 Beta2\n[7:3.1.93-0.2]\n- get rid of rpath\n[7:3.1.93-0.1]\n- KDE 3.2 Beta1\n- cleanup\n[7:3.1.4-1]\n- 3.1.4\n[7:3.1.3-4]\n- disable kpovmodeler temporary. waiting for freeglut\n[7:3.1.3-3]\n- fixed build problem with new gcc\n[7:3.1.3-2]\n- rebuilt\n[7:3.1.3-1]\n- 3.1.3\n[3.1.2-4]\n- disable kpovmodeler temporary. waiting for freeglut\n- built with gcc-3.3-12\n- remove excludearch s390/s390x\n[7:3.1.2-3.1]\n- added epoch for versioned requires where needed\n- built for RHEL\n* Wed Jun 04 2003 Elliot Lee \n- rebuilt\n[3.1.2-2]\n- 3.1.2\n[3.1.1-2]\n- PS/PDF file handling vulnerability\n[3.1.1-1]\n- 3.1.1\n* Mon Feb 24 2003 Elliot Lee \n- debuginfo rebuild\n[3.1-3]\n- get rid of gcc path from dependency_libs\n* Wed Feb 19 2003 Elliot Lee \n- BuildRequires: glut-devel if kpovmodeler\n[3.1-1]\n- 3.1 release\n- remove excludearch ia64\n- remove some unneeded macros\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[3.1-0.3]\n- rc6\n- exclude ia64\n[3.1-0.2]\n- fix desktop file issues\n- get rid of su packages\n[3.1-0.1]\n- update to 3.1 rc4\n[3.0.5-1]\n- update to 3.0.5\n[3.0.4-1]\n- 3.0.4\n* Sun Aug 25 2002 Florian La Roche \n- compile on mainframe\n* Wed Aug 14 2002 Florian La Roche \n- change spec file to work for more archs\n[3.0.3-1]\n- 3.0.3\n- build using gcc-3.2-0.3\n[3.0.2-4]\n- desktop files issues (bug #71018)\n[3.0.2-3]\n- build using gcc-3.2-0.1\n[3.0.2-2]\n- fix desktop files issue\n[3.0.2-1]\n- 3.0.2\n- use desktop-file-install\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[3.0.1-1]\n- 3.0.1\n[3.0.0-5]\n- rename libraries\n[3.0.0-4]\n- Fix libkviewpart.* duplication (kview and kviewshell, #62749)\n- Shut up rpmlint\n[3.0.0-3]\n- Obsolete the old monolithic package\n- Fix build with gcc 3.1\n[3.0.0-2]\n- fix deps problem\n[3.0.0-1]\n- 3.0.0 final\n[3.0.0-0.cvs20020321.1]\n- Add docs for kooka and kuickshow and kfile PostScript plugin\n[3.0.0-0.cvs20020306.1]\n- Update\n- Rename subpackages\n- Dont build kamera on alpha\n[3.0.0-0.cvs20011226.1]\n- Update\n- Reorganize package\n[2.2-0.cvs20010726.1]\n- The -devel package has kscan-related files -n only. Since kscan isnt built\n on s390/s390x, dont build the devel package there.\n[2.2-0.cvs20010724.1]\n- Add more build dependencies (#48970)\n- Remove ia64 workarounds, no longer needed\n- Update\n[2.2-0.cvs20010723.1]\n- Restore -devel package, got lost during the update\n- Fix build on s390/s390x\n- Update\n[2.2-0.cvs20010722.2]\n- Make symlinks relative\n- Update\n* Wed Feb 21 2001 Bernhard Rosenkraenzer \n- 2.1-respin\n* Tue Feb 20 2001 Bernhard Rosenkraenzer \n- 2.1\n* Fri Feb 16 2001 Than Ngo \n- fix to build against glibc\n* Tue Feb 06 2001 Bernhard Rosenkraenzer \n- Get rid of libkdefakes.so.0 dependency\n* Mon Jan 22 2001 Bernhard Rosenkraenzer \n- Update\n* Mon Jan 01 2001 Bernhard Rosenkraenzer \n- Update\n* Wed Dec 20 2000 Bernhard Rosenkraenzer \n- Update\n- Stop excluding ia64\n* Wed Nov 15 2000 Bernhard Rosenkraenzer \n- Update to HEAD\n* Fri Nov 03 2000 Bernhard Rosenkraenzer \n- Update to KDE_2_0_BRANCH\n* Mon Oct 23 2000 Bernhard Rosenkraenzer \n- 2.0 final\n* Thu Aug 24 2000 Than Ngo \n- update to kdegraphics-1.93\n* Sun Aug 20 2000 Than Ngo \n- add missing kdegraphic2 package\n* Mon Aug 07 2000 Bernhard Rosenkraenzer \n- new version\n* Tue Jul 25 2000 Bernhard Rosenkraenzer \n- new snapshot\n- work around compiler bug by disabling kcoloredit for now, FIXME\n* Fri Jul 21 2000 Bernhard Rosenkraenzer \n- new snapshot\n- SMPify build\n* Sun Jul 16 2000 Than Ngo \n- use gcc 2.96\n- new snapshot\n- fix docdir\n* Fri Jun 23 2000 Bernhard Rosenkraenzer \n- Add Epoch - for some reason, rpm thinks 1.1.2 > 1.92.20000623.\n* Tue Jun 20 2000 Bernhard Rosenkraenzer \n- new snapshot\n- ExcludeArch ia64 for now\n* Sat Mar 18 2000 Bernhard Rosenkraenzer \n- new snapshot\n- move it to /usr, where it belongs\n* Sun Oct 24 1999 Bernhard Rosenkraenzer \n- Fix compilation\n* Fri Oct 22 1999 Bernhard Rosenkraenzer \n- 2.0 CVS\n* Fri Sep 24 1999 Preston Brown \n- mark doc files as such\n* Wed Sep 08 1999 Preston Brown \n- upgraded to 1.1.2 release\n* Fri Jun 11 1999 Preston Brown \n- snapshot, includes kde 1.1.1 + fixes\n* Mon Apr 19 1999 Preston Brown \n- last snapshot before release\n* Mon Apr 12 1999 Preston Brown \n- latest stable snapshot\n* Wed Feb 24 1999 Preston Brown \n- Injected new description and group.\n* Mon Feb 08 1999 Preston Brown \n- upgraded to KDE 1.1 final.\n* Sat Feb 06 1999 Preston Brown \n- updates to new libstdc++ and rpm standards.\n* Wed Jan 06 1999 Preston Brown \n- re-merged in updates from Duncan Haldane", "edition": 5, "modified": "2006-11-30T00:00:00", "published": "2006-11-30T00:00:00", "id": "ELSA-2006-0262", "href": "http://linux.oracle.com/errata/ELSA-2006-0262.html", "title": "kdegraphics security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
