Search...

FreeBSD Ports: xfce4-panel, libxfce4gui

2008-09-04T00:00:00

ID OPENVAS:60227
Type openvas
Reporter Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
Modified 2016-10-04T00:00:00

Description

The remote host is missing an update to the system as announced in the referenced advisory.

                                        
                                            #
#VID 024edd06-c933-11dc-810c-0016179b2dd5
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from vuxml or freebsd advisories
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "The following packages are affected:
   xfce4-panel
   libxfce4gui

CVE-2007-6531
Stack-based buffer overflow in the Panel (xfce4-panel) component in
Xfce before 4.4.2 might allow remote attackers to execute arbitrary
code via Launcher tooltips.  NOTE: a second buffer overflow
(over-read) in the xfce_mkdirhier function was also reported, but it
might not be exploitable for a crash or code execution, so it is not a
vulnerability.

CVE-2007-6532
Double-free vulnerability in the Widget Library (libxfcegui4) in Xfce
before 4.4.2 might allow remote attackers to execute arbitrary code
via unknown vectors related to the 'cliend id, program name and
working directory in session management.'";
tag_solution = "Update your system with the appropriate patches or
software upgrades.

http://www.xfce.org/documentation/changelogs/4.4.2
http://www.gentoo.org/security/en/glsa/glsa-200801-06.xml
http://www.vuxml.org/freebsd/024edd06-c933-11dc-810c-0016179b2dd5.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";


if(description)
{
 script_id(60227);
 script_version("$Revision: 4203 $");
 script_tag(name:"last_modification", value:"$Date: 2016-10-04 07:30:30 +0200 (Tue, 04 Oct 2016) $");
 script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
 script_cve_id("CVE-2007-6531", "CVE-2007-6532");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_name("FreeBSD Ports: xfce4-panel, libxfce4gui");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
 script_family("FreeBSD Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-bsd.inc");

txt = "";
vuln = 0;
bver = portver(pkg:"xfce4-panel");
if(!isnull(bver) && revcomp(a:bver, b:"4.4.1_1")&gt;0) {
    txt += 'Package xfce4-panel version ' + bver + ' is installed which is known to be vulnerable.\n';
    vuln = 1;
}
bver = portver(pkg:"libxfce4gui");
if(!isnull(bver) && revcomp(a:bver, b:"4.4.1_1")&gt;0) {
    txt += 'Package libxfce4gui version ' + bver + ' is installed which is known to be vulnerable.\n';
    vuln = 1;
}

if(vuln) {
    security_message(data:string(txt));
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"href": "http://plugins.openvas.org/nasl.php?oid=60227", "history": [], "naslFamily": "FreeBSD Local Security Checks", "id": "OPENVAS:60227", "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "title": "FreeBSD Ports: xfce4-panel, libxfce4gui", "bulletinFamily": "scanner", "type": "openvas", "sourceData": "#\n#VID 024edd06-c933-11dc-810c-0016179b2dd5\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n xfce4-panel\n libxfce4gui\n\nCVE-2007-6531\nStack-based buffer overflow in the Panel (xfce4-panel) component in\nXfce before 4.4.2 might allow remote attackers to execute arbitrary\ncode via Launcher tooltips. NOTE: a second buffer overflow\n(over-read) in the xfce_mkdirhier function was also reported, but it\nmight not be exploitable for a crash or code execution, so it is not a\nvulnerability.\n\nCVE-2007-6532\nDouble-free vulnerability in the Widget Library (libxfcegui4) in Xfce\nbefore 4.4.2 might allow remote attackers to execute arbitrary code\nvia unknown vectors related to the 'cliend id, program name and\nworking directory in session management.'\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.xfce.org/documentation/changelogs/4.4.2\nhttp://www.gentoo.org/security/en/glsa/glsa-200801-06.xml\nhttp://www.vuxml.org/freebsd/024edd06-c933-11dc-810c-0016179b2dd5.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60227);\n script_version(\"$Revision: 4203 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-04 07:30:30 +0200 (Tue, 04 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-6531\", \"CVE-2007-6532\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: xfce4-panel, libxfce4gui\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"xfce4-panel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.1_1\")>0) {\n txt += 'Package xfce4-panel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"libxfce4gui\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.1_1\")>0) {\n txt += 'Package libxfce4gui version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "pluginID": "60227", "hash": "942ff43f1018eb320e18706ec34851fca9b2cddbbec1dcaf9d570c1d586590a5", "references": [], "edition": 1, "cvelist": ["CVE-2007-6532", "CVE-2007-6531"], "lastseen": "2017-07-02T21:10:13", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-6532", "CVE-2007-6531"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_024EDD06C93311DC810C0016179B2DD5.NASL", "GENTOO_GLSA-200801-06.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18835", "SECURITYVULNS:VULN:8553"]}, {"type": "openvas", "idList": ["OPENVAS:60141"]}, {"type": "gentoo", "idList": ["GLSA-200801-06"]}, {"type": "freebsd", "idList": ["024EDD06-C933-11DC-810C-0016179B2DD5"]}], "modified": "2017-07-02T21:10:13"}, "vulnersScore": 7.5}, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "12fe384f3248c0c80d4739a34e18bfbb"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "b61b488598bc075b85e0c3d5f67ea70d"}, {"key": "href", "hash": "79ff090efbf520e7747c3ded4a060bf3"}, {"key": "modified", "hash": "874bc1e4a5cb164285fb16be0c74e311"}, {"key": "naslFamily", "hash": "fe45aa727b58c1249bf04cfb7b4e6ae0"}, {"key": "pluginID", "hash": "da4064fde1f9d43d8e2c723d78f91abe"}, {"key": "published", "hash": "3279d6bcb2694afed9a239160294bca1"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "244cbbd9c3f044aa5d0644924a7459d1"}, {"key": "sourceData", "hash": "7b98c7f5cbee7192f96cf64e0a45cd80"}, {"key": "title", "hash": "e080a12e03ca6b108b1f5fdcaf377788"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "objectVersion": "1.3", "modified": "2016-10-04T00:00:00"}

{"cve": [{"lastseen": "2016-09-03T09:54:04", "bulletinFamily": "NVD", "description": "Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.", "modified": "2011-03-07T22:03:07", "published": "2008-01-09T18:46:00", "id": "CVE-2007-6531", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6531", "type": "cve", "title": "CVE-2007-6531", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-03T09:54:04", "bulletinFamily": "NVD", "description": "Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the \"cliend id, program name and working directory in session management.\"", "modified": "2011-03-07T22:03:07", "published": "2008-01-09T18:46:00", "id": "CVE-2007-6532", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6532", "type": "cve", "title": "CVE-2007-6532", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:10:43", "bulletinFamily": "scanner", "description": "Gentoo reports :\n\nA remote attacker could entice a user to install a specially crafted 'rc' file to execute arbitrary code via long strings in the 'Name' and 'Comment' fields or via unspecified vectors involving the second vulnerability.", "modified": "2018-12-19T00:00:00", "id": "FREEBSD_PKG_024EDD06C93311DC810C0016179B2DD5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31081", "published": "2008-02-14T00:00:00", "title": "FreeBSD : xfce -- multiple vulnerabilities (024edd06-c933-11dc-810c-0016179b2dd5)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31081);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/12/19 13:21:18\");\n\n script_cve_id(\"CVE-2007-6531\", \"CVE-2007-6532\");\n\n script_name(english:\"FreeBSD : xfce -- multiple vulnerabilities (024edd06-c933-11dc-810c-0016179b2dd5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gentoo reports :\n\nA remote attacker could entice a user to install a specially crafted\n'rc' file to execute arbitrary code via long strings in the 'Name' and\n'Comment' fields or via unspecified vectors involving the second\nvulnerability.\"\n );\n # http://www.xfce.org/documentation/changelogs/4.4.2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.xfce.org/\"\n );\n # http://www.gentoo.org/security/en/glsa/glsa-200801-06.xml\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200801-06\"\n );\n # https://vuxml.freebsd.org/freebsd/024edd06-c933-11dc-810c-0016179b2dd5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?40c797b0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxfce4gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:xfce4-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"xfce4-panel<4.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxfce4gui<4.4.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:10:37", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200801-06 (Xfce: Multiple vulnerabilities)\n\n Gregory Andersen reported that the Xfce4 panel does not correctly calculate memory boundaries, leading to a stack-based buffer overflow in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi Kawahata reported libxfcegui4 did not copy provided values when creating 'SessionClient' structs, possibly leading to access of freed memory areas (CVE-2007-6532).\n Impact :\n\n A remote attacker could entice a user to install a specially crafted 'rc' file to execute arbitrary code via long strings in the 'Name' and 'Comment' fields or via unspecified vectors involving the second vulnerability.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-200801-06.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29910", "published": "2008-01-10T00:00:00", "title": "GLSA-200801-06 : Xfce: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200801-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29910);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-6531\", \"CVE-2007-6532\");\n script_xref(name:\"GLSA\", value:\"200801-06\");\n\n script_name(english:\"GLSA-200801-06 : Xfce: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200801-06\n(Xfce: Multiple vulnerabilities)\n\n Gregory Andersen reported that the Xfce4 panel does not correctly\n calculate memory boundaries, leading to a stack-based buffer overflow\n in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi\n Kawahata reported libxfcegui4 did not copy provided values when\n creating 'SessionClient' structs, possibly leading to access of freed\n memory areas (CVE-2007-6532).\n \nImpact :\n\n A remote attacker could entice a user to install a specially crafted\n 'rc' file to execute arbitrary code via long strings in the 'Name' and\n 'Comment' fields or via unspecified vectors involving the second\n vulnerability.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200801-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Xfce4 panel users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=xfce-base/xfce4-panel-4.4.2'\n All libxfcegui4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=xfce-base/libxfcegui4-4.4.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxfcegui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xfce4-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"xfce-base/libxfcegui4\", unaffected:make_list(\"ge 4.4.2\"), vulnerable:make_list(\"lt 4.4.2\"))) flag++;\nif (qpkg_check(package:\"xfce-base/xfce4-panel\", unaffected:make_list(\"ge 4.4.2\"), vulnerable:make_list(\"lt 4.4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xfce\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:36", "bulletinFamily": "unix", "description": "\nGentoo reports:\n\nA remote attacker could entice a user to install a specially\n\t crafted \"rc\" file to execute arbitrary code via long strings\n\t in the \"Name\" and \"Comment\" fields or via unspecified vectors\n\t involving the second vulnerability.\n\n", "modified": "2008-02-13T00:00:00", "published": "2008-01-09T00:00:00", "id": "024EDD06-C933-11DC-810C-0016179B2DD5", "href": "https://vuxml.freebsd.org/freebsd/024edd06-c933-11dc-810c-0016179b2dd5.html", "title": "xfce -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200801-06.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60141", "id": "OPENVAS:60141", "title": "Gentoo Security Advisory GLSA 200801-06 (xfce4-panel libxfcegui4)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Xfce might allow user-assisted attackers to\nexecute arbitrary code.\";\ntag_solution = \"All Xfce4 panel users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=xfce-base/xfce4-panel-4.4.2'\n\nAll libxfcegui4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=xfce-base/libxfcegui4-4.4.2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200801-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=201292\nhttp://bugs.gentoo.org/show_bug.cgi?id=201293\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200801-06.\";\n\n \n\nif(description)\n{\n script_id(60141);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-6531\", \"CVE-2007-6532\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200801-06 (xfce4-panel libxfcegui4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"xfce-base/xfce4-panel\", unaffected: make_list(\"ge 4.4.2\"), vulnerable: make_list(\"lt 4.4.2\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"xfce-base/libxfcegui4\", unaffected: make_list(\"ge 4.4.2\"), vulnerable: make_list(\"lt 4.4.2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:47", "bulletinFamily": "unix", "description": "### Background\n\nXfce is a GTK+ 2 based desktop environment that allows to run a modern desktop environment on modest hardware. \n\n### Description\n\nGregory Andersen reported that the Xfce4 panel does not correctly calculate memory boundaries, leading to a stack-based buffer overflow in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi Kawahata reported libxfcegui4 did not copy provided values when creating \"SessionClient\" structs, possibly leading to access of freed memory areas (CVE-2007-6532). \n\n### Impact\n\nA remote attacker could entice a user to install a specially crafted \"rc\" file to execute arbitrary code via long strings in the \"Name\" and \"Comment\" fields or via unspecified vectors involving the second vulnerability. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Xfce4 panel users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=xfce-base/xfce4-panel-4.4.2\"\n\nAll libxfcegui4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=xfce-base/libxfcegui4-4.4.2\"", "modified": "2008-01-10T00:00:00", "published": "2008-01-09T00:00:00", "id": "GLSA-200801-06", "href": "https://security.gentoo.org/glsa/200801-06", "type": "gentoo", "title": "Xfce: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200801-06:02\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Xfce: Multiple vulnerabilities\r\n Date: January 09, 2008\r\n Updated: January 09, 2008\r\n Bugs: #201292, #201293\r\n ID: 200801-06:02\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple vulnerabilities in Xfce might allow user-assisted attackers to\r\nexecute arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nXfce is a GTK+ 2 based desktop environment that allows to run a modern\r\ndesktop environment on modest hardware.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 xfce-base/xfce4-panel < 4.4.2 >= 4.4.2\r\n 2 xfce-base/libxfcegui4 < 4.4.2 >= 4.4.2\r\n -------------------------------------------------------------------\r\n 2 affected packages on all of their supported architectures.\r\n -------------------------------------------------------------------\r\n\r\nDescription\r\n===========\r\n\r\nGregory Andersen reported that the Xfce4 panel does not correctly\r\ncalculate memory boundaries, leading to a stack-based buffer overflow\r\nin the launcher_update_panel_entry() function (CVE-2007-6531). Daichi\r\nKawahata reported libxfcegui4 did not copy provided values when\r\ncreating "SessionClient" structs, possibly leading to access of freed\r\nmemory areas (CVE-2007-6532).\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could entice a user to install a specially crafted\r\n"rc" file to execute arbitrary code via long strings in the "Name" and\r\n"Comment" fields or via unspecified vectors involving the second\r\nvulnerability.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Xfce4 panel users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=xfce-base/xfce4-panel-4.4.2"\r\n\r\nAll libxfcegui4 users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=xfce-base/libxfcegui4-4.4.2"\r\n\r\nPlease refer to the Upgrading section of the Xfce Configuration Guide\r\nin case you are upgrading from Xfce 4.2.\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2007-6531\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6531\r\n [ 2 ] CVE-2007-6532\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6532\r\n [ 3 ] Xfce Configuration Guide\r\n http://www.gentoo.org/doc/en/xfce-config.xml\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200801-06.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5", "modified": "2008-01-10T00:00:00", "published": "2008-01-10T00:00:00", "id": "SECURITYVULNS:DOC:18835", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18835", "title": "[ GLSA 200801-06 ] Xfce: Multiple vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "description": "Buffer overflow, access to free()'d memory.", "modified": "2008-01-10T00:00:00", "published": "2008-01-10T00:00:00", "id": "SECURITYVULNS:VULN:8553", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8553", "title": "XFCS multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}