ID OPENVAS:63375 Type openvas Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Modified 2017-07-10T00:00:00
Description
The remote host is missing an update to libcdaudio
announced via advisory FEDORA-2008-11956.
# OpenVAS Vulnerability Test
# $Id: fcore_2008_11956.nasl 6624 2017-07-10 06:11:55Z cfischer $
# Description: Auto-generated from advisory FEDORA-2008-11956 (libcdaudio)
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "libcdaudio is a library designed to provide functions to control
operation of a CD-ROM when playing audio CDs. It also contains
functions for CDDB and CD Index lookup.
Update Information:
This update fixes a potential buffer overflow caused by large amount of CDDB
replies (CVE-2005-0706).
ChangeLog:
* Sat Dec 27 2008 Axel Thimm - 0.99.12p2-11
- Fix CVE-2005-0706.
* Wed May 21 2008 Tom spot Callaway - 0.99.12p2-10
- took COPYING out of doc (it is simply wrong)
- fixed license tag";
tag_solution = "Apply the appropriate updates.
This update can be installed with the yum update program. Use
su -c 'yum update libcdaudio' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11956";
tag_summary = "The remote host is missing an update to libcdaudio
announced via advisory FEDORA-2008-11956.";
if(description)
{
script_id(63375);
script_version("$Revision: 6624 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)");
script_cve_id("CVE-2005-0706");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Fedora Core 9 FEDORA-2008-11956 (libcdaudio)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name : "URL" , value : "https://bugzilla.redhat.com/show_bug.cgi?id=470552");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"libcdaudio", rpm:"libcdaudio~0.99.12p2~11.fc9", rls:"FC9")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"libcdaudio-devel", rpm:"libcdaudio-devel~0.99.12p2~11.fc9", rls:"FC9")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"libcdaudio-debuginfo", rpm:"libcdaudio-debuginfo~0.99.12p2~11.fc9", rls:"FC9")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:63375", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 9 FEDORA-2008-11956 (libcdaudio)", "description": "The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11956.", "published": "2009-02-13T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63375", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=470552"], "cvelist": ["CVE-2005-0706"], "lastseen": "2017-07-25T10:56:04", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2017-07-25T10:56:04", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-0706"]}, {"type": "gentoo", "idList": ["GLSA-200503-21", "GLSA-200504-07"]}, {"type": "osvdb", "idList": ["OSVDB:14643"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0005"]}, {"type": "redhat", "idList": ["RHSA-2005:304", "RHSA-2009:0005"]}, {"type": "centos", "idList": ["CESA-2009:0005-01", "CESA-2009:0005"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:8267"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2005-074.NASL", "MANDRAKE_MDKSA-2005-066.NASL", "GENTOO_GLSA-200504-07.NASL", "REDHAT-RHSA-2005-304.NASL", "ORACLELINUX_ELSA-2009-0005.NASL", "FEDORA_2008-11848.NASL", "CENTOS_RHSA-2009-0005.NASL", "REDHAT-RHSA-2009-0005.NASL", "SL_20090107_GNOME_VFS2_ON_SL3_X.NASL", "FEDORA_2008-10126.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:63347", "OPENVAS:880735", "OPENVAS:860720", "OPENVAS:1361412562310880735", "OPENVAS:54886", "OPENVAS:63329", "OPENVAS:63185", "OPENVAS:1361412562310880919", "OPENVAS:136141256231063110", "OPENVAS:860941"]}, {"type": "freebsd", "idList": ["BD730827-DFE0-11DD-A765-0030843D3802", "BCF27002-94C3-11D9-A9E0-0001020EED82"]}, {"type": "fedora", "idList": ["FEDORA:C6E3D20874B", "FEDORA:1F1E0208E45", "FEDORA:7B281208E0D", "FEDORA:7F488208D56", "FEDORA:62EF0208E0E"]}], "modified": "2017-07-25T10:56:04", "rev": 2}, "vulnersScore": 7.5}, "pluginID": "63375", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2008_11956.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2008-11956 (libcdaudio)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libcdaudio is a library designed to provide functions to control\noperation of a CD-ROM when playing audio CDs. It also contains\nfunctions for CDDB and CD Index lookup.\n\nUpdate Information:\n\nThis update fixes a potential buffer overflow caused by large amount of CDDB\nreplies (CVE-2005-0706).\n\nChangeLog:\n\n* Sat Dec 27 2008 Axel Thimm - 0.99.12p2-11\n- Fix CVE-2005-0706.\n* Wed May 21 2008 Tom spot Callaway - 0.99.12p2-10\n- took COPYING out of doc (it is simply wrong)\n- fixed license tag\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libcdaudio' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11956\";\ntag_summary = \"The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11956.\";\n\n\n\nif(description)\n{\n script_id(63375);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2008-11956 (libcdaudio)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=470552\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libcdaudio\", rpm:\"libcdaudio~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-devel\", rpm:\"libcdaudio-devel~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-debuginfo\", rpm:\"libcdaudio-debuginfo~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:34:53", "description": "Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.", "edition": 3, "cvss3": {}, "published": "2005-05-02T04:00:00", "title": "CVE-2005-0706", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-0706"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:grip:grip:3.1.4", "cpe:/a:grip:grip:2.9.6", "cpe:/a:grip:grip:3.1.2", "cpe:/a:grip:grip:3.2.0"], "id": "CVE-2005-0706", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0706", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:grip:grip:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:grip:grip:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:grip:grip:2.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:grip:grip:3.1.4:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:56", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "### Background\n\nGnomeVFS is a filesystem abstraction library for the GNOME desktop environment. libcdaudio is a multi-platform CD player development library. They both include code to query CDDB servers to get Audio CD track titles. \n\n### Description\n\nJoseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results (see GLSA 200503-21). The same overflow is present in GnomeVFS and libcdaudio code. \n\n### Impact\n\nA malicious CDDB server could cause applications making use of GnomeVFS or libcdaudio libraries to crash, potentially allowing the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll GnomeVFS users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose gnome-base/gnome-vfs\n\nAll libcdaudio users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libcdaudio-0.99.10-r1\"", "edition": 1, "modified": "2005-04-13T00:00:00", "published": "2005-04-08T00:00:00", "id": "GLSA-200504-07", "href": "https://security.gentoo.org/glsa/200504-07", "type": "gentoo", "title": "GnomeVFS, libcdaudio: CDDB response overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:56", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "### Background\n\nGrip is a GTK+ based audio CD player/ripper. \n\n### Description\n\nJoseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results. \n\n### Impact\n\nA malicious CDDB server could cause Grip to crash by returning more then 16 matches, potentially allowing the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nDisable automatic CDDB queries, but we highly encourage users to upgrade to 3.3.0. \n\n### Resolution\n\nAll Grip users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-sound/grip-3.3.0\"", "edition": 1, "modified": "2005-03-17T00:00:00", "published": "2005-03-17T00:00:00", "id": "GLSA-200503-21", "href": "https://security.gentoo.org/glsa/200503-21", "type": "gentoo", "title": "Grip: CDDB response overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2005-0706"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://nostatic.org/grip\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200503-21.xml)\n[Secunia Advisory ID:14441](https://secuniaresearch.flexerasoftware.com/advisories/14441/)\n[Secunia Advisory ID:14758](https://secuniaresearch.flexerasoftware.com/advisories/14758/)\n[Secunia Advisory ID:14529](https://secuniaresearch.flexerasoftware.com/advisories/14529/)\n[Secunia Advisory ID:14900](https://secuniaresearch.flexerasoftware.com/advisories/14900/)\n[Secunia Advisory ID:15046](https://secuniaresearch.flexerasoftware.com/advisories/15046/)\n[Secunia Advisory ID:14803](https://secuniaresearch.flexerasoftware.com/advisories/14803/)\n[Secunia Advisory ID:14877](https://secuniaresearch.flexerasoftware.com/advisories/14877/)\n[Secunia Advisory ID:15048](https://secuniaresearch.flexerasoftware.com/advisories/15048/)\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-304.html\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:075\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:074\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:066\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_10_sr.html\nOther Advisory URL: http://sourceforge.net/tracker/?group_id=3714&atid=103714&func=detail&aid=834724\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-07.xml\n[CVE-2005-0706](https://vulners.com/cve/CVE-2005-0706)\n", "modified": "2003-11-02T05:32:34", "published": "2003-11-02T05:32:34", "href": "https://vulners.com/osvdb/OSVDB:14643", "id": "OSVDB:14643", "type": "osvdb", "title": "grip CDDB Multiple Matches Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:02", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "gnome-vfs2\n[2.8.2-8.7.EL4_7.2]\n- Fix Requires to ensure subpackages match the parent package\n[2.8.2-8.7.EL4_7.1]\n- CVE-2005-0706: buffer overflow caused by large amount of CDDB replies\n- Resolves: #471051\nsamba\n[3.0.28-0.0.2.el4.9]\n- Remove samba-oracle.patch as the gnome-vfs2 build issue is fixed", "edition": 4, "modified": "2009-01-07T00:00:00", "published": "2009-01-07T00:00:00", "id": "ELSA-2009-0005", "href": "http://linux.oracle.com/errata/ELSA-2009-0005.html", "title": "gnome-vfs, gnome-vfs2 security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and\ncdda2wav) and Ogg Vorbis encoders.\n\nDean Brettle discovered a buffer overflow bug in the way grip handles data\nreturned by CDDB servers. It is possible that if a user connects to a\nmalicious CDDB server, an attacker could execute arbitrary code on the\nvictim's machine. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-0706 to this issue.\n\nUsers of grip should upgrade to this updated package, which\ncontains a backported patch, and is not vulnerable to this issue.", "modified": "2018-03-14T19:26:36", "published": "2005-03-28T05:00:00", "id": "RHSA-2005:304", "href": "https://access.redhat.com/errata/RHSA-2005:304", "type": "redhat", "title": "(RHSA-2005:304) grip security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:44:46", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "GNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system when\nhandling data returned by CDDB servers. If a user connected to a malicious\nCDDB server, an attacker could use this flaw to execute arbitrary code on\nthe victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. All\nrunning GNOME sessions must be restarted for the update to take effect.", "modified": "2019-03-22T23:42:59", "published": "2009-01-07T05:00:00", "id": "RHSA-2009:0005", "href": "https://access.redhat.com/errata/RHSA-2009:0005", "type": "redhat", "title": "(RHSA-2009:0005) Moderate: gnome-vfs, gnome-vfs2 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:26:16", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0005\n\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system when\nhandling data returned by CDDB servers. If a user connected to a malicious\nCDDB server, an attacker could use this flaw to execute arbitrary code on\nthe victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. All\nrunning GNOME sessions must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027621.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027623.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027629.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027631.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027556.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027557.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027588.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027589.html\n\n**Affected packages:**\ngnome-vfs2\ngnome-vfs2-devel\ngnome-vfs2-smb\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0005.html", "edition": 4, "modified": "2009-02-04T18:13:20", "published": "2009-01-07T22:22:23", "href": "http://lists.centos.org/pipermail/centos-announce/2009-January/027556.html", "id": "CESA-2009:0005", "title": "gnome security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:26:24", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0005-01\n\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system when\nhandling data returned by CDDB servers. If a user connected to a malicious\nCDDB server, an attacker could use this flaw to execute arbitrary code on\nthe victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. All\nrunning GNOME sessions must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027611.html\n\n**Affected packages:**\ngnome-vfs\ngnome-vfs-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2009-02-02T23:27:51", "published": "2009-02-02T23:27:51", "href": "http://lists.centos.org/pipermail/centos-announce/2009-February/027611.html", "id": "CESA-2009:0005-01", "title": "gnome security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:12", "bulletinFamily": "software", "cvelist": ["CVE-2005-0706"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200504-07\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: GnomeVFS, libcdaudio: CDDB response overflow\r\n Date: April 08, 2005\r\n Bugs: #84936\r\n ID: 200504-07\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nThe GnomeVFS and libcdaudio libraries contain a buffer overflow that\r\ncan be triggered by a large CDDB response, potentially allowing the\r\nexecution of arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nGnomeVFS is a filesystem abstraction library for the GNOME desktop\r\nenvironment. libcdaudio is a multi-platform CD player development\r\nlibrary. They both include code to query CDDB servers to get Audio CD\r\ntrack titles.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 gnome-base/gnome-vfs < 2.8.4-r1 >= 2.8.4-r1\r\n 2 media-libs/libcdaudio < 0.99.10-r1 >= 0.99.10-r1\r\n -------------------------------------------------------------------\r\n 2 affected packages on all of their supported architectures.\r\n -------------------------------------------------------------------\r\n\r\nDescription\r\n===========\r\n\r\nJoseph VanAndel has discovered a buffer overflow in Grip when\r\nprocessing large CDDB results (see GLSA 200503-21). The same overflow\r\nis present in GnomeVFS and libcdaudio code.\r\n\r\nImpact\r\n======\r\n\r\nA malicious CDDB server could cause applications making use of GnomeVFS\r\nor libcdaudio libraries to crash, potentially allowing the execution of\r\narbitrary code with the privileges of the user running the application.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll GnomeVFS users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=gnome-base/gnome-vfs-2.8.4-r1"\r\n\r\nAll libcdaudio users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-libs/libcdaudio-0.99.10-r1"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CAN-2005-0706\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706\r\n [ 2 ] GLSA 200503-21\r\n http://www.gentoo.org/security/en/glsa/glsa-200503-21.xml\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200504-07.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2005 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.0\r\n", "edition": 1, "modified": "2005-04-09T00:00:00", "published": "2005-04-09T00:00:00", "id": "SECURITYVULNS:DOC:8267", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:8267", "title": "[Full-disclosure] [ GLSA 200504-07 ] GnomeVFS, libcdaudio: CDDB response overflow", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:01", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "\nJoseph VanAndel reports that grip is vulnerability to a\n\t buffer overflow vulnerability when receiving more than 16\n\t CDDB responses. This could lead to a crash in grip and\n\t potentially execution arbitrary code.\nA workaround is to disable CDDB lookups.\n", "edition": 4, "modified": "2005-03-18T00:00:00", "published": "2003-11-02T00:00:00", "id": "BCF27002-94C3-11D9-A9E0-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/bcf27002-94c3-11d9-a9e0-0001020eed82.html", "title": "grip -- CDDB response multiple matches buffer overflow vulnerability", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:19", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706", "CVE-2008-5030"], "description": "\nsecurityfocus reports:\n\nThe 'libcdaudio' library is prone to a remote heap code in the\n\t context of an application that uses the library. Failed attacks will\n\t cause denial-of-service conditions.\n\n\nA buffer-overflow in Grip occurs when the software processes a\n\t response to a CDDB query that has more than 16 matches.\nTo exploit this issue, an attacker must be able to influence the\n\t response to a CDDB query, either by controlling a malicious CDDB\n\t server or through some other means. Successful exploits will allow\n\t arbitrary code to run.\n\n", "edition": 4, "modified": "2008-11-05T00:00:00", "published": "2008-11-05T00:00:00", "id": "BD730827-DFE0-11DD-A765-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/bd730827-dfe0-11dd-a765-0030843d3802.html", "title": "libcdaudio -- remote buffer overflow and code execution", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "libcdaudio is a library designed to provide functions to control operation of a CD-ROM when playing audio CDs. It also contains functions for CDDB and CD Index lookup. ", "modified": "2009-02-05T02:14:34", "published": "2009-02-05T02:14:34", "id": "FEDORA:1F1E0208E45", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: libcdaudio-0.99.12p2-11.fc10", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or just a section of a track. Grip supports the CDDB protocol for accessing track information on disc database servers. ", "modified": "2008-12-03T01:31:18", "published": "2008-12-03T01:31:18", "id": "FEDORA:62EF0208E0E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: grip-3.2.0-24.fc10", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or just a section of a track. Grip supports the CDDB protocol for accessing track information on disc database servers. ", "modified": "2008-11-19T14:45:30", "published": "2008-11-19T14:45:30", "id": "FEDORA:C6E3D20874B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: grip-3.2.0-24.fc9", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "libcdaudio is a library designed to provide functions to control operation of a CD-ROM when playing audio CDs. It also contains functions for CDDB and CD Index lookup. ", "modified": "2009-02-05T02:22:51", "published": "2009-02-05T02:22:51", "id": "FEDORA:7B281208E0D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libcdaudio-0.99.12p2-11.fc9", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0706"], "description": "Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or just a section of a track. Grip supports the CDDB protocol for accessing track information on disc database servers. ", "modified": "2008-11-19T14:52:50", "published": "2008-11-19T14:52:50", "id": "FEDORA:7F488208D56", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: grip-3.2.0-24.fc8", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:50:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200504-07.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54909", "href": "http://plugins.openvas.org/nasl.php?oid=54909", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200504-07 (GnomeVFS)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The GnomeVFS and libcdaudio libraries contain a buffer overflow that can be\ntriggered by a large CDDB response, potentially allowing the execution of\narbitrary code.\";\ntag_solution = \"All GnomeVFS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose gnome-base/gnome-vfs\n\nAll libcdaudio users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=media-libs/libcdaudio-0.99.10-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200504-07\nhttp://bugs.gentoo.org/show_bug.cgi?id=84936\nhttp://www.gentoo.org/security/en/glsa/glsa-200503-21.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200504-07.\";\n\n \n\nif(description)\n{\n script_id(54909);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12770);\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200504-07 (GnomeVFS)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"gnome-base/gnome-vfs\", unaffected: make_list(\"ge 2.8.4-r1\", \"rge 1.0.5-r4\"), vulnerable: make_list(\"lt 2.8.4-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"media-libs/libcdaudio\", unaffected: make_list(\"ge 0.99.10-r1\"), vulnerable: make_list(\"lt 0.99.10-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "Check for the Version of grip", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860753", "href": "http://plugins.openvas.org/nasl.php?oid=860753", "type": "openvas", "title": "Fedora Update for grip FEDORA-2008-10126", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grip FEDORA-2008-10126\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grip on Fedora 10\";\ntag_insight = \"Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and\n cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or\n just a section of a track. Grip supports the CDDB protocol for\n accessing track information on disc database servers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00183.html\");\n script_id(860753);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-10126\");\n script_cve_id(\"CVE-2005-0706\");\n script_name( \"Fedora Update for grip FEDORA-2008-10126\");\n\n script_summary(\"Check for the Version of grip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC10\")\n{\n\n if ((res = isrpmvuln(pkg:\"grip\", rpm:\"grip~3.2.0~24.fc10\", rls:\"FC10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing updates to gnome-vfs announced in\nadvisory CESA-2009:0005-01.", "modified": "2017-07-10T00:00:00", "published": "2009-02-10T00:00:00", "id": "OPENVAS:63347", "href": "http://plugins.openvas.org/nasl.php?oid=63347", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)", "sourceData": "#CESA-2009:0005-01 63349 1\n# $Id: ovcesa2009_0005_01.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0005-01 (gnome-vfs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0005-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0005\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to gnome-vfs announced in\nadvisory CESA-2009:0005-01.\";\n\n\n\nif(description)\n{\n script_id(63347);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnome-vfs\", rpm:\"gnome-vfs~1.0.1~18.2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-vfs-devel\", rpm:\"gnome-vfs-devel~1.0.1~18.2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "Check for the Version of grip", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860720", "href": "http://plugins.openvas.org/nasl.php?oid=860720", "type": "openvas", "title": "Fedora Update for grip FEDORA-2008-9604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grip FEDORA-2008-9604\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grip on Fedora 9\";\ntag_insight = \"Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and\n cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or\n just a section of a track. Grip supports the CDDB protocol for\n accessing track information on disc database servers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00429.html\");\n script_id(860720);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-9604\");\n script_cve_id(\"CVE-2005-0706\");\n script_name( \"Fedora Update for grip FEDORA-2008-9604\");\n\n script_summary(\"Check for the Version of grip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"grip\", rpm:\"grip~3.2.0~24.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-21.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54886", "href": "http://plugins.openvas.org/nasl.php?oid=54886", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200503-21 (grip)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Grip contains a buffer overflow that can be triggered by a large CDDB\nresponse, potentially allowing the execution of arbitrary code.\";\ntag_solution = \"All Grip users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-sound/grip-3.3.0'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-21\nhttp://bugs.gentoo.org/show_bug.cgi?id=84704\nhttp://sourceforge.net/tracker/?group_id=3714&atid=103714&func=detail&aid=834724\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-21.\";\n\n \n\nif(description)\n{\n script_id(54886);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12770);\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200503-21 (grip)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-sound/grip\", unaffected: make_list(\"ge 3.3.0\"), vulnerable: make_list(\"lt 3.3.0\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing updates to gnome-vfs announced in\nadvisory CESA-2009:0005-01.", "modified": "2018-04-06T00:00:00", "published": "2009-02-10T00:00:00", "id": "OPENVAS:136141256231063347", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063347", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)", "sourceData": "#CESA-2009:0005-01 63349 1\n# $Id: ovcesa2009_0005_01.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0005-01 (gnome-vfs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0005-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0005\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to gnome-vfs announced in\nadvisory CESA-2009:0005-01.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63347\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0005-01 (gnome-vfs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnome-vfs\", rpm:\"gnome-vfs~1.0.1~18.2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-vfs-devel\", rpm:\"gnome-vfs-devel~1.0.1~18.2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-20T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52157", "href": "http://plugins.openvas.org/nasl.php?oid=52157", "type": "openvas", "title": "FreeBSD Ports: grip", "sourceData": "#\n#VID bcf27002-94c3-11d9-a9e0-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: grip\n\nCVE-2005-0706\nBuffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a\ndenial of service (crash) and possibly execute arbitrary code by\ncausing the cddb lookup to return more matches than expected.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714\nhttp://www.vuxml.org/freebsd/bcf27002-94c3-11d9-a9e0-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52157);\n script_version(\"$Revision: 4118 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-20 07:32:38 +0200 (Tue, 20 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-0706\");\n script_bugtraq_id(12770);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: grip\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"grip\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.0_7\")<0) {\n txt += 'Package grip version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11956.", "modified": "2018-04-06T00:00:00", "published": "2009-02-13T00:00:00", "id": "OPENVAS:136141256231063375", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063375", "type": "openvas", "title": "Fedora Core 9 FEDORA-2008-11956 (libcdaudio)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2008_11956.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2008-11956 (libcdaudio)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libcdaudio is a library designed to provide functions to control\noperation of a CD-ROM when playing audio CDs. It also contains\nfunctions for CDDB and CD Index lookup.\n\nUpdate Information:\n\nThis update fixes a potential buffer overflow caused by large amount of CDDB\nreplies (CVE-2005-0706).\n\nChangeLog:\n\n* Sat Dec 27 2008 Axel Thimm - 0.99.12p2-11\n- Fix CVE-2005-0706.\n* Wed May 21 2008 Tom spot Callaway - 0.99.12p2-10\n- took COPYING out of doc (it is simply wrong)\n- fixed license tag\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libcdaudio' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11956\";\ntag_summary = \"The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11956.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63375\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2008-11956 (libcdaudio)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=470552\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libcdaudio\", rpm:\"libcdaudio~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-devel\", rpm:\"libcdaudio-devel~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-debuginfo\", rpm:\"libcdaudio-debuginfo~0.99.12p2~11.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11848.", "modified": "2018-04-06T00:00:00", "published": "2009-02-10T00:00:00", "id": "OPENVAS:136141256231063329", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063329", "type": "openvas", "title": "Fedora Core 10 FEDORA-2008-11848 (libcdaudio)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2008_11848.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2008-11848 (libcdaudio)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libcdaudio is a library designed to provide functions to control\noperation of a CD-ROM when playing audio CDs. It also contains\nfunctions for CDDB and CD Index lookup.\n\nUpdate Information:\n\nThis update fixes a potential buffer overflow caused by large amount of CDDB\nreplies (CVE-2005-0706).\n\nChangeLog:\n\n* Sat Dec 27 2008 Axel Thimm - 0.99.12p2-11\n- Fix CVE-2005-0706.\n* Wed May 21 2008 Tom spot Callaway - 0.99.12p2-10\n- took COPYING out of doc (it is simply wrong)\n- fixed license tag\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libcdaudio' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11848\";\ntag_summary = \"The remote host is missing an update to libcdaudio\nannounced via advisory FEDORA-2008-11848.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63329\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2005-0706\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2008-11848 (libcdaudio)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=470552\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libcdaudio\", rpm:\"libcdaudio~0.99.12p2~11.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-devel\", rpm:\"libcdaudio-devel~0.99.12p2~11.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcdaudio-debuginfo\", rpm:\"libcdaudio-debuginfo~0.99.12p2~11.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "description": "Check for the Version of gnome-vfs", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880939", "href": "http://plugins.openvas.org/nasl.php?oid=880939", "type": "openvas", "title": "CentOS Update for gnome-vfs CESA-2009:0005-01 centos2 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gnome-vfs CESA-2009:0005-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"GNOME VFS is the GNOME virtual file system. It provides a modular\n architecture and ships with several modules that implement support for\n various local and remote file systems as well as numerous protocols,\n including HTTP, FTP, and others.\n\n A buffer overflow flaw was discovered in the GNOME virtual file system when\n handling data returned by CDDB servers. If a user connected to a malicious\n CDDB server, an attacker could use this flaw to execute arbitrary code on\n the victim's machine. (CVE-2005-0706)\n \n Users of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated\n packages, which contain a backported patch to correct this issue. All\n running GNOME sessions must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"gnome-vfs on CentOS 2\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-February/015573.html\");\n script_id(880939);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0005-01\");\n script_cve_id(\"CVE-2005-0706\");\n script_name(\"CentOS Update for gnome-vfs CESA-2009:0005-01 centos2 i386\");\n\n script_summary(\"Check for the Version of gnome-vfs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-vfs\", rpm:\"gnome-vfs~1.0.1~18.2\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-vfs-devel\", rpm:\"gnome-vfs-devel~1.0.1~18.2\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:51:26", "description": "A buffer overflow bug was found by Joseph VanAndel in the way that\ngrip handles data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could execute arbitrary code on the\nuser's machine.\n\nThe updated packages have been patched to correct these issues.", "edition": 25, "published": "2005-04-02T00:00:00", "title": "Mandrake Linux Security Advisory : grip (MDKSA-2005:066)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2005-04-02T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:grip"], "id": "MANDRAKE_MDKSA-2005-066.NASL", "href": "https://www.tenable.com/plugins/nessus/17678", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:066. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17678);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"MDKSA\", value:\"2005:066\");\n\n script_name(english:\"Mandrake Linux Security Advisory : grip (MDKSA-2005:066)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow bug was found by Joseph VanAndel in the way that\ngrip handles data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could execute arbitrary code on the\nuser's machine.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected grip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:grip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"grip-3.1.4-1.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"grip-3.2.0-3.1.101mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:23", "description": "This update fixes a potential buffer overflow caused by large amount\nof CDDB replies (CVE-2005-0706).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-04-23T00:00:00", "title": "Fedora 10 : libcdaudio-0.99.12p2-11.fc10 (2008-11848)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:libcdaudio"], "id": "FEDORA_2008-11848.NASL", "href": "https://www.tenable.com/plugins/nessus/37013", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11848.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37013);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"FEDORA\", value:\"2008-11848\");\n\n script_name(english:\"Fedora 10 : libcdaudio-0.99.12p2-11.fc10 (2008-11848)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a potential buffer overflow caused by large amount\nof CDDB replies (CVE-2005-0706).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=470552\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-February/019743.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?801ca24b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcdaudio package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcdaudio\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"libcdaudio-0.99.12p2-11.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcdaudio\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:26", "description": "A new grip package is available that fixes a remote buffer overflow.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGrip is a GTK+ based front-end for CD rippers (such as cdparanoia and\ncdda2wav) and Ogg Vorbis encoders.\n\nDean Brettle discovered a buffer overflow bug in the way grip handles\ndata returned by CDDB servers. It is possible that if a user connects\nto a malicious CDDB server, an attacker could execute arbitrary code\non the victim's machine. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0706 to this\nissue.\n\nUsers of grip should upgrade to this updated package, which contains a\nbackported patch, and is not vulnerable to this issue.", "edition": 28, "published": "2005-03-29T00:00:00", "title": "RHEL 2.1 : grip (RHSA-2005:304)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2005-03-29T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:grip"], "id": "REDHAT-RHSA-2005-304.NASL", "href": "https://www.tenable.com/plugins/nessus/17644", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:304. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17644);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"RHSA\", value:\"2005:304\");\n\n script_name(english:\"RHEL 2.1 : grip (RHSA-2005:304)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A new grip package is available that fixes a remote buffer overflow.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGrip is a GTK+ based front-end for CD rippers (such as cdparanoia and\ncdda2wav) and Ogg Vorbis encoders.\n\nDean Brettle discovered a buffer overflow bug in the way grip handles\ndata returned by CDDB servers. It is possible that if a user connects\nto a malicious CDDB server, an attacker could execute arbitrary code\non the victim's machine. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0706 to this\nissue.\n\nUsers of grip should upgrade to this updated package, which contains a\nbackported patch, and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:304\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected grip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:304\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"grip-2.96-1.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grip\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:44:19", "description": "From Red Hat Security Advisory 2009:0005 :\n\nUpdated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 : gnome-vfs / gnome-vfs2 (ELSA-2009-0005)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:samba-common", "p-cpe:/a:oracle:linux:gnome-vfs2", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:samba-client", "p-cpe:/a:oracle:linux:gnome-vfs2-devel", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:samba", "p-cpe:/a:oracle:linux:samba-swat", "p-cpe:/a:oracle:linux:gnome-vfs2-smb"], "id": "ORACLELINUX_ELSA-2009-0005.NASL", "href": "https://www.tenable.com/plugins/nessus/67784", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0005 and \n# Oracle Linux Security Advisory ELSA-2009-0005 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67784);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"RHSA\", value:\"2009:0005\");\n\n script_name(english:\"Oracle Linux 3 / 4 : gnome-vfs / gnome-vfs2 (ELSA-2009-0005)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0005 :\n\nUpdated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000853.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000854.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnome-vfs and / or gnome-vfs2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-vfs2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-vfs2-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:samba-swat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"gnome-vfs2-2.2.5-2E.3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"gnome-vfs2-2.2.5-2E.3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"gnome-vfs2-devel-2.2.5-2E.3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"gnome-vfs2-devel-2.2.5-2E.3.3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"gnome-vfs2-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"gnome-vfs2-devel-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"gnome-vfs2-smb-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-3.0.28-0.0.2.el4.9\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-client-3.0.28-0.0.2.el4.9\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-common-3.0.28-0.0.2.el4.9\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"samba-swat-3.0.28-0.0.2.el4.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnome-vfs2 / gnome-vfs2-devel / gnome-vfs2-smb / samba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:26", "description": "A buffer overflow bug was found by Joseph VanAndel in the way that\ngrip handles data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could execute arbitrary code on the\nuser's machine. This same vulnerability is present in the gnome-vfs2\ncode.\n\nThe updated packages have been patched to correct these issues.", "edition": 25, "published": "2005-04-21T00:00:00", "title": "Mandrake Linux Security Advisory : gnome-vfs2 (MDKSA-2005:074)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2005-04-21T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:libgnome-vfs2_0", "p-cpe:/a:mandriva:linux:gnome-vfs2", "p-cpe:/a:mandriva:linux:lib64gnome-vfs2_0-devel", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:lib64gnome-vfs2_0", "p-cpe:/a:mandriva:linux:libgnome-vfs2_0-devel"], "id": "MANDRAKE_MDKSA-2005-074.NASL", "href": "https://www.tenable.com/plugins/nessus/18104", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:074. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18104);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"MDKSA\", value:\"2005:074\");\n\n script_name(english:\"Mandrake Linux Security Advisory : gnome-vfs2 (MDKSA-2005:074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow bug was found by Joseph VanAndel in the way that\ngrip handles data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could execute arbitrary code on the\nuser's machine. This same vulnerability is present in the gnome-vfs2\ncode.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnome-vfs2_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnome-vfs2_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnome-vfs2_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnome-vfs2_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"gnome-vfs2-2.6.2-7.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gnome-vfs2_0-2.6.2-7.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gnome-vfs2_0-devel-2.6.2-7.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgnome-vfs2_0-2.6.2-7.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgnome-vfs2_0-devel-2.6.2-7.1.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"gnome-vfs2-2.8.4-6.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gnome-vfs2_0-2.8.4-6.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gnome-vfs2_0-devel-2.8.4-6.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgnome-vfs2_0-2.8.4-6.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgnome-vfs2_0-devel-2.8.4-6.1.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:29", "description": "Updated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.", "edition": 26, "published": "2009-01-08T00:00:00", "title": "CentOS 3 / 4 : gnome-vfs2 (CESA-2009:0005)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2009-01-08T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gnome-vfs2", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:3", "p-cpe:/a:centos:centos:gnome-vfs2-devel", "p-cpe:/a:centos:centos:gnome-vfs2-smb"], "id": "CENTOS_RHSA-2009-0005.NASL", "href": "https://www.tenable.com/plugins/nessus/35311", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0005 and \n# CentOS Errata and Security Advisory 2009:0005 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35311);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"RHSA\", value:\"2009:0005\");\n\n script_name(english:\"CentOS 3 / 4 : gnome-vfs2 (CESA-2009:0005)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015583.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?087419ea\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015585.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3f8793f4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015518.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49e7af3b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015519.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?820f714d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015550.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a93e6aec\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015551.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b3f218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnome-vfs2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-vfs2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-vfs2-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"gnome-vfs2-2.2.5-2E.3.3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"gnome-vfs2-devel-2.2.5-2E.3.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"gnome-vfs2-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"gnome-vfs2-2.8.2-8.7.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"gnome-vfs2-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"gnome-vfs2-devel-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"gnome-vfs2-devel-2.8.2-8.7.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"gnome-vfs2-devel-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"gnome-vfs2-smb-2.8.2-8.7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"gnome-vfs2-smb-2.8.2-8.7.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"gnome-vfs2-smb-2.8.2-8.7.el4_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnome-vfs2 / gnome-vfs2-devel / gnome-vfs2-smb\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:06:26", "description": "Updated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.", "edition": 27, "published": "2009-01-07T00:00:00", "title": "RHEL 2.1 / 3 / 4 : gnome-vfs, gnome-vfs2 (RHSA-2009:0005)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2009-01-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:gnome-vfs2-smb", "p-cpe:/a:redhat:enterprise_linux:gnome-vfs", "p-cpe:/a:redhat:enterprise_linux:gnome-vfs2", "p-cpe:/a:redhat:enterprise_linux:gnome-vfs-devel", "p-cpe:/a:redhat:enterprise_linux:gnome-vfs2-devel", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0005.NASL", "href": "https://www.tenable.com/plugins/nessus/35301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0005. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35301);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"RHSA\", value:\"2009:0005\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : gnome-vfs, gnome-vfs2 (RHSA-2009:0005)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated GNOME VFS packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 2.1, 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGNOME VFS is the GNOME virtual file system. It provides a modular\narchitecture and ships with several modules that implement support for\nvarious local and remote file systems as well as numerous protocols,\nincluding HTTP, FTP, and others.\n\nA buffer overflow flaw was discovered in the GNOME virtual file system\nwhen handling data returned by CDDB servers. If a user connected to a\nmalicious CDDB server, an attacker could use this flaw to execute\narbitrary code on the victim's machine. (CVE-2005-0706)\n\nUsers of gnome-vfs and gnome-vfs2 are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this\nissue. All running GNOME sessions must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0005\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-vfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-vfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-vfs2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-vfs2-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0005\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gnome-vfs-1.0.1-18.2\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gnome-vfs-devel-1.0.1-18.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL3\", reference:\"gnome-vfs2-2.2.5-2E.3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"gnome-vfs2-devel-2.2.5-2E.3.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"gnome-vfs2-2.8.2-8.7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gnome-vfs2-devel-2.8.2-8.7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gnome-vfs2-smb-2.8.2-8.7.el4_7.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnome-vfs / gnome-vfs-devel / gnome-vfs2 / gnome-vfs2-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:18", "description": " - Sun Nov 9 2008 Adrian Reber <adrian at lisas.de> -\n 1:3.2.0-24\n\n - fixed 'buffer overflow caused by large amount of CDDB\n replies' (#470552) (CVE-2005-0706)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Fedora 10 : grip-3.2.0-24.fc10 (2008-10126)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:grip"], "id": "FEDORA_2008-10126.NASL", "href": "https://www.tenable.com/plugins/nessus/36704", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-10126.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36704);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"FEDORA\", value:\"2008-10126\");\n\n script_name(english:\"Fedora 10 : grip-3.2.0-24.fc10 (2008-10126)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Sun Nov 9 2008 Adrian Reber <adrian at lisas.de> -\n 1:3.2.0-24\n\n - fixed 'buffer overflow caused by large amount of CDDB\n replies' (#470552) (CVE-2005-0706)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=470552\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/017093.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0e6ba86\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected grip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:grip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"grip-3.2.0-24.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:24", "description": "This update fixes a potential buffer overflow caused by large amount\nof CDDB replies (CVE-2005-0706).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-02-05T00:00:00", "title": "Fedora 9 : libcdaudio-0.99.12p2-11.fc9 (2008-11956)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2009-02-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:libcdaudio"], "id": "FEDORA_2008-11956.NASL", "href": "https://www.tenable.com/plugins/nessus/35592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11956.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35592);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"FEDORA\", value:\"2008-11956\");\n\n script_name(english:\"Fedora 9 : libcdaudio-0.99.12p2-11.fc9 (2008-11956)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a potential buffer overflow caused by large amount\nof CDDB replies (CVE-2005-0706).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=470552\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-February/019828.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3987d82f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcdaudio package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcdaudio\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"libcdaudio-0.99.12p2-11.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcdaudio\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:56", "description": "The remote host is affected by the vulnerability described in GLSA-200503-21\n(Grip: CDDB response overflow)\n\n Joseph VanAndel has discovered a buffer overflow in Grip when\n processing large CDDB results.\n \nImpact :\n\n A malicious CDDB server could cause Grip to crash by returning\n more then 16 matches, potentially allowing the execution of arbitrary\n code with the privileges of the user running the application.\n \nWorkaround :\n\n Disable automatic CDDB queries, but we highly encourage users to\n upgrade to 3.3.0.", "edition": 24, "published": "2005-03-17T00:00:00", "title": "GLSA-200503-21 : Grip: CDDB response overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0706"], "modified": "2005-03-17T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:grip", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200503-21.NASL", "href": "https://www.tenable.com/plugins/nessus/17353", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200503-21.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17353);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0706\");\n script_xref(name:\"GLSA\", value:\"200503-21\");\n\n script_name(english:\"GLSA-200503-21 : Grip: CDDB response overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200503-21\n(Grip: CDDB response overflow)\n\n Joseph VanAndel has discovered a buffer overflow in Grip when\n processing large CDDB results.\n \nImpact :\n\n A malicious CDDB server could cause Grip to crash by returning\n more then 16 matches, potentially allowing the execution of arbitrary\n code with the privileges of the user running the application.\n \nWorkaround :\n\n Disable automatic CDDB queries, but we highly encourage users to\n upgrade to 3.3.0.\"\n );\n # http://sourceforge.net/tracker/?group_id=3714&atid=103714&func=detail&aid=834724\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d837aaf3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200503-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Grip users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-sound/grip-3.3.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:grip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/11/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-sound/grip\", unaffected:make_list(\"ge 3.3.0\"), vulnerable:make_list(\"lt 3.3.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Grip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
