ID OPENVAS:56791 Type openvas Reporter Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com Modified 2017-07-07T00:00:00
Description
The remote host is missing updates announced in
advisory GLSA 200605-14.
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from Gentoo's XML based advisory
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "libextractor is vulnerable to two heap overflow vulnerabilities which could
lead to the execution of arbitrary code.";
tag_solution = "All libextractor users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/libextractor-0.5.14'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200605-14
http://bugs.gentoo.org/show_bug.cgi?id=133570
http://aluigi.altervista.org/adv/libextho-adv.txt";
tag_summary = "The remote host is missing updates announced in
advisory GLSA 200605-14.";
if(description)
{
script_id(56791);
script_version("$Revision: 6596 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $");
script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
script_bugtraq_id(18021);
script_cve_id("CVE-2006-2458");
script_tag(name:"cvss_base", value:"4.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:N");
script_name("Gentoo Security Advisory GLSA 200605-14 (libextractor)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-gentoo.inc");
res = "";
report = "";
if ((res = ispkgvuln(pkg:"media-libs/libextractor", unaffected: make_list("ge 0.5.14"), vulnerable: make_list("lt 0.5.14"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:56791", "type": "openvas", "bulletinFamily": "scanner", "title": "Gentoo Security Advisory GLSA 200605-14 (libextractor)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200605-14.", "published": "2008-09-24T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56791", "reporter": "Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2006-2458"], "lastseen": "2017-07-24T12:50:16", "viewCount": 0, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2017-07-24T12:50:16", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-2458"]}, {"type": "gentoo", "idList": ["GLSA-200605-14"]}, {"type": "nessus", "idList": ["SUSE_LIBEXTRACTOR-1426.NASL", "GENTOO_GLSA-200605-14.NASL", "DEBIAN_DSA-1081.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:1801"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1081-1:3D324"]}, {"type": "openvas", "idList": ["OPENVAS:56835"]}, {"type": "osvdb", "idList": ["OSVDB:25663", "OSVDB:25664"]}], "modified": "2017-07-24T12:50:16", "rev": 2}, "vulnersScore": 7.3}, "pluginID": "56791", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libextractor is vulnerable to two heap overflow vulnerabilities which could\nlead to the execution of arbitrary code.\";\ntag_solution = \"All libextractor users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libextractor-0.5.14'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200605-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=133570\nhttp://aluigi.altervista.org/adv/libextho-adv.txt\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200605-14.\";\n\n \n\nif(description)\n{\n script_id(56791);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(18021);\n script_cve_id(\"CVE-2006-2458\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200605-14 (libextractor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/libextractor\", unaffected: make_list(\"ge 0.5.14\"), vulnerable: make_list(\"lt 0.5.14\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Gentoo Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:48:15", "description": "Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).", "edition": 3, "cvss3": {}, "published": "2006-05-18T23:02:00", "title": "CVE-2006-2458", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2458"], "modified": "2018-10-18T16:40:00", "cpe": ["cpe:/a:libextractor:libextractor:0.5.13"], "id": "CVE-2006-2458", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2458", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:libextractor:libextractor:0.5.13:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:27", "bulletinFamily": "unix", "cvelist": ["CVE-2006-2458"], "edition": 1, "description": "### Background\n\nlibextractor is a library used to extract metadata from arbitrary files. \n\n### Description\n\nLuigi Auriemma has found two heap-based buffer overflows in libextractor 0.5.13 and earlier: one of them occurs in the asf_read_header function in the ASF plugin, and the other occurs in the parse_trak_atom function in the Qt plugin. \n\n### Impact\n\nBy enticing a user to open a malformed file using an application that employs libextractor and its ASF or Qt plugins, an attacker could execute arbitrary code in the context of the application running the affected library. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll libextractor users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libextractor-0.5.14\"", "modified": "2006-05-21T00:00:00", "published": "2006-05-21T00:00:00", "id": "GLSA-200605-14", "href": "https://security.gentoo.org/glsa/200605-14", "type": "gentoo", "title": "libextractor: Two heap-based buffer overflows", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "cvelist": ["CVE-2006-2458"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://gnunet.org/libextractor/\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200605-14.xml)\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2006-06-02.html)\n[Secunia Advisory ID:20150](https://secuniaresearch.flexerasoftware.com/advisories/20150/)\n[Secunia Advisory ID:20457](https://secuniaresearch.flexerasoftware.com/advisories/20457/)\n[Secunia Advisory ID:20326](https://secuniaresearch.flexerasoftware.com/advisories/20326/)\n[Secunia Advisory ID:20160](https://secuniaresearch.flexerasoftware.com/advisories/20160/)\n[Related OSVDB ID: 25664](https://vulners.com/osvdb/OSVDB:25664)\nOther Advisory URL: http://aluigi.altervista.org/adv/libextho-adv.txt\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1081\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0430.html\n[CVE-2006-2458](https://vulners.com/cve/CVE-2006-2458)\n", "modified": "2006-05-17T06:17:36", "published": "2006-05-17T06:17:36", "href": "https://vulners.com/osvdb/OSVDB:25663", "id": "OSVDB:25663", "title": "libextractor asfextractor asf_read_header() Function Overflow", "type": "osvdb", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "cvelist": ["CVE-2006-2458"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://gnunet.org/libextractor/\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200605-14.xml)\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2006-06-02.html)\n[Secunia Advisory ID:20150](https://secuniaresearch.flexerasoftware.com/advisories/20150/)\n[Secunia Advisory ID:20457](https://secuniaresearch.flexerasoftware.com/advisories/20457/)\n[Secunia Advisory ID:20326](https://secuniaresearch.flexerasoftware.com/advisories/20326/)\n[Secunia Advisory ID:20160](https://secuniaresearch.flexerasoftware.com/advisories/20160/)\n[Related OSVDB ID: 25663](https://vulners.com/osvdb/OSVDB:25663)\nOther Advisory URL: http://aluigi.altervista.org/adv/libextho-adv.txt\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1081\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0430.html\n[CVE-2006-2458](https://vulners.com/cve/CVE-2006-2458)\n", "modified": "2006-05-17T06:17:36", "published": "2006-05-17T06:17:36", "href": "https://vulners.com/osvdb/OSVDB:25664", "id": "OSVDB:25664", "title": "libextractor qtextractor parse_trak_atom() Function Overflow", "type": "osvdb", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-24T12:49:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2458"], "description": "The remote host is missing an update to libextractor\nannounced via advisory DSA 1081-1.\n\nLuigi Auriemma discovered a buffer overflow in the processing of ASF\nfiles in libextractor, a library to extract arbitrary meta-data from\nfiles., which can lead to the execution of arbitrary code.\n\nThe old stable distribution (woody) is not affected by this problem.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:56835", "href": "http://plugins.openvas.org/nasl.php?oid=56835", "type": "openvas", "title": "Debian Security Advisory DSA 1081-1 (libextractor)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1081_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1081-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 0.4.2-2sarge5.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.5.14-1.\n\nWe recommend that you upgrade your libextractor packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201081-1\";\ntag_summary = \"The remote host is missing an update to libextractor\nannounced via advisory DSA 1081-1.\n\nLuigi Auriemma discovered a buffer overflow in the processing of ASF\nfiles in libextractor, a library to extract arbitrary meta-data from\nfiles., which can lead to the execution of arbitrary code.\n\nThe old stable distribution (woody) is not affected by this problem.\";\n\n\nif(description)\n{\n script_id(56835);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:09:45 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-2458\");\n script_bugtraq_id(18021);\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 1081-1 (libextractor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"extract\", ver:\"0.4.2-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libextractor1\", ver:\"0.4.2-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libextractor1-dev\", ver:\"0.4.2-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "exploitdb": [{"lastseen": "2016-01-31T14:54:43", "description": "libextractor. CVE-2006-2458. Dos exploits for multiple platform", "published": "2006-05-17T00:00:00", "type": "exploitdb", "title": "libextractor <= 0.5.13 - Multiple Heap Overflow PoC Exploits", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-2458"], "modified": "2006-05-17T00:00:00", "id": "EDB-ID:1801", "href": "https://www.exploit-db.com/exploits/1801/", "sourceData": "# libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits\r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/1801.zip (05172006-libextho.zip)\r\n\r\n# milw0rm.com [2006-05-17]\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/1801/"}], "debian": [{"lastseen": "2020-11-11T13:21:43", "bulletinFamily": "unix", "cvelist": ["CVE-2006-2458"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1081-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMay 29th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : libextractor\nVulnerability : buffer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2006-2458\nBugTraq ID : 18021\n\nLuigi Auriemma discovered a buffer overflow in the processing of ASF\nfiles in libextractor, a library to extract arbitrary meta-data from\nfiles., which can lead to the execution of arbitrary code.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.4.2-2sarge5.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.5.14-1.\n\nWe recommend that you upgrade your libextractor packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge5.dsc\n Size/MD5 checksum: 778 c3215a74f69c129ed235db8b5fe178e6\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge5.diff.gz\n Size/MD5 checksum: 7079 d2037e9f74bef85bf4a73f852ddfafad\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2.orig.tar.gz\n Size/MD5 checksum: 5887095 d99e1b13a017d39700e376a0edbf7ba2\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_alpha.deb\n Size/MD5 checksum: 19598 815bb87bcc9d5e143513c8adff67b338\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_alpha.deb\n Size/MD5 checksum: 5804952 22c415c2aee20ed8007a2d0662bebad6\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_alpha.deb\n Size/MD5 checksum: 19384 2f3a45d22e6a52721ed57543f199313f\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_amd64.deb\n Size/MD5 checksum: 18270 1a47010ad219b069f264a8024fd72aed\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_amd64.deb\n Size/MD5 checksum: 5641542 efb4ac008ec794d8d17d1eb214ad3542\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_amd64.deb\n Size/MD5 checksum: 17548 d6763b38aca5065486aa3c45f49dd2e0\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_arm.deb\n Size/MD5 checksum: 17648 7e52bda1ca202ea165cf305092d063f7\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_arm.deb\n Size/MD5 checksum: 5710838 71d5589d4a0c3815a0b24474fb44af68\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_arm.deb\n Size/MD5 checksum: 16964 0bc00d8fa937e1958c4db72f01566732\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_i386.deb\n Size/MD5 checksum: 17788 09bb0f12aa606fb48b7574305ccd8abc\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_i386.deb\n Size/MD5 checksum: 5713332 234c03f92ed071fdc69844e04523514c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_i386.deb\n Size/MD5 checksum: 16706 5c5744dc49991cf0789a33f8a43557e1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_ia64.deb\n Size/MD5 checksum: 20578 ade1344228270f2a2faede7e2507913c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_ia64.deb\n Size/MD5 checksum: 5905588 d1d4a949aecc95d5a3715a5e1bcc4b70\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_ia64.deb\n Size/MD5 checksum: 19328 6aa6ab7c949e0dd8771b8961f97fbe4b\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_hppa.deb\n Size/MD5 checksum: 18728 fbd85db9bf81bd503cd9101d782e7610\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_hppa.deb\n Size/MD5 checksum: 5687480 0ead195a721a06e0361b33da33e2cb6c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_hppa.deb\n Size/MD5 checksum: 17880 9cd7927dece9ba96f162cb4a3e94b62c\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_m68k.deb\n Size/MD5 checksum: 17366 c5b4f3d26088cd7e20bddf43607ad460\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_m68k.deb\n Size/MD5 checksum: 5708448 2be9420e48bda34ee4b7ca60a08007d3\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_m68k.deb\n Size/MD5 checksum: 16574 5ef21edcb2b7be36a3e5bb13355a60bf\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_mips.deb\n Size/MD5 checksum: 18586 d024ee53f3337ec967a0b660c2a8d781\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_mips.deb\n Size/MD5 checksum: 5729374 80e33bbc9f3347e296d34bdfce142a90\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_mips.deb\n Size/MD5 checksum: 17882 563942bd2a628afbc5a2475d5e9de5ec\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_mipsel.deb\n Size/MD5 checksum: 18640 acb9a3bca9d8ded8a1a58762be94d1b6\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_mipsel.deb\n Size/MD5 checksum: 5727126 0e0346025b7ab811d9157fe5b6742499\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_mipsel.deb\n Size/MD5 checksum: 17918 61e23eb764acadc7af516a77451e0fb9\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_powerpc.deb\n Size/MD5 checksum: 19770 7acbd573f6316a70ae546ea67aa90d96\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_powerpc.deb\n Size/MD5 checksum: 5678108 1837c793ee66dd1808b2fa45e97c5a5a\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_powerpc.deb\n Size/MD5 checksum: 17740 4977aa16ee70428ed20b8bca1822c7d4\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_s390.deb\n Size/MD5 checksum: 18154 6aa5dffe5d0e7ad9c7b0393e58317756\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_s390.deb\n Size/MD5 checksum: 5768262 83c28645ee0719728be1436d5d61e697\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_s390.deb\n Size/MD5 checksum: 18100 181d2897f6e9b3c058ac78c8b5ae82a1\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge5_sparc.deb\n Size/MD5 checksum: 17660 3c84b9981ee26f04e2a77d9b338c78b1\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge5_sparc.deb\n Size/MD5 checksum: 5752372 f24a5dcbd614ee91b7c8951586be1c7b\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge5_sparc.deb\n Size/MD5 checksum: 16872 e12a3b7c42006fce3418ceafb9ea3618\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2006-05-29T00:00:00", "published": "2006-05-29T00:00:00", "id": "DEBIAN:DSA-1081-1:3D324", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00167.html", "title": "[SECURITY] [DSA 1081-1] New libextractor packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-07T10:52:03", "description": "The remote host is affected by the vulnerability described in GLSA-200605-14\n(libextractor: Two heap-based buffer overflows)\n\n Luigi Auriemma has found two heap-based buffer overflows in\n libextractor 0.5.13 and earlier: one of them occurs in the\n asf_read_header function in the ASF plugin, and the other occurs in the\n parse_trak_atom function in the Qt plugin.\n \nImpact :\n\n By enticing a user to open a malformed file using an application\n that employs libextractor and its ASF or Qt plugins, an attacker could\n execute arbitrary code in the context of the application running the\n affected library.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2006-05-22T00:00:00", "title": "GLSA-200605-14 : libextractor: Two heap-based buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2458"], "modified": "2006-05-22T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libextractor"], "id": "GENTOO_GLSA-200605-14.NASL", "href": "https://www.tenable.com/plugins/nessus/21578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200605-14.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21578);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2458\");\n script_xref(name:\"GLSA\", value:\"200605-14\");\n\n script_name(english:\"GLSA-200605-14 : libextractor: Two heap-based buffer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200605-14\n(libextractor: Two heap-based buffer overflows)\n\n Luigi Auriemma has found two heap-based buffer overflows in\n libextractor 0.5.13 and earlier: one of them occurs in the\n asf_read_header function in the ASF plugin, and the other occurs in the\n parse_trak_atom function in the Qt plugin.\n \nImpact :\n\n By enticing a user to open a malformed file using an application\n that employs libextractor and its ASF or Qt plugins, an attacker could\n execute arbitrary code in the context of the application running the\n affected library.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aluigi.altervista.org/adv/libextho-adv.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200605-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libextractor users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libextractor-0.5.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libextractor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/22\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/libextractor\", unaffected:make_list(\"ge 0.5.14\"), vulnerable:make_list(\"lt 0.5.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libextractor\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-17T14:46:23", "description": "Fix heap overflow in the asf plugin (CVE-2006-2458) [# 176280]. Fix\nheap overflow in the qt plugin (CVE-2006-2458) [# 176280].", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : libextractor (libextractor-1426)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2458"], "modified": "2007-10-17T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:libextractor"], "id": "SUSE_LIBEXTRACTOR-1426.NASL", "href": "https://www.tenable.com/plugins/nessus/27321", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libextractor-1426.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27321);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2458\");\n\n script_name(english:\"openSUSE 10 Security Update : libextractor (libextractor-1426)\");\n script_summary(english:\"Check for the libextractor-1426 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix heap overflow in the asf plugin (CVE-2006-2458) [# 176280]. Fix\nheap overflow in the qt plugin (CVE-2006-2458) [# 176280].\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libextractor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libextractor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libextractor-0.5.10-12.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libextractor\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-06T09:44:37", "description": "Luigi Auriemma discovered a buffer overflow in the processing of ASF\nfiles in libextractor, a library to extract arbitrary meta-data from\nfiles, which can lead to the execution of arbitrary code.", "edition": 26, "published": "2006-10-14T00:00:00", "title": "Debian DSA-1081-1 : libextractor - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-2458"], "modified": "2006-10-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:libextractor"], "id": "DEBIAN_DSA-1081.NASL", "href": "https://www.tenable.com/plugins/nessus/22623", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1081. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22623);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-2458\");\n script_bugtraq_id(18021);\n script_xref(name:\"DSA\", value:\"1081\");\n\n script_name(english:\"Debian DSA-1081-1 : libextractor - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Luigi Auriemma discovered a buffer overflow in the processing of ASF\nfiles in libextractor, a library to extract arbitrary meta-data from\nfiles, which can lead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1081\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libextractor packages.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.4.2-2sarge5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libextractor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"extract\", reference:\"0.4.2-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libextractor1\", reference:\"0.4.2-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libextractor1-dev\", reference:\"0.4.2-2sarge5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}]}
