Debian Security Advisory DSA 1835-1 (tiff)

Debian Security Advisory DSA 1835-1 (TIFF) describes multiple vulnerabilities in the Tag Image File Format library, including crashes and execution of arbitrary code due to malformed images

Reporter	Title	Published	Views	Family All 179
Tenable Nessus	Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities	10 Nov 200900:00	–	nessus
Tenable Nessus	Apple iOS < 3.1.3 Multiple Vulnerabilities	12 Feb 201000:00	–	nessus
Tenable Nessus	Safari < 4.0.5 Multiple Vulnerabilities	11 Mar 201000:00	–	nessus
Tenable Nessus	iTunes < 9.1 Multiple Vulnerabilities	31 Mar 201000:00	–	nessus
Tenable Nessus	Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities	10 Nov 200900:00	–	nessus
Tenable Nessus	CentOS 3 / 5 : libtiff (CESA-2009:1159)	23 Jul 200900:00	–	nessus
Tenable Nessus	Debian DSA-1835-1 : tiff - several vulnerabilities	24 Feb 201000:00	–	nessus
Tenable Nessus	Fedora 9 : libtiff-3.8.2-13.fc9 (2009-7335)	6 Jul 200900:00	–	nessus
Tenable Nessus	Fedora 10 : libtiff-3.8.2-13.fc10 (2009-7358)	6 Jul 200900:00	–	nessus
Tenable Nessus	Fedora 11 : libtiff-3.8.2-13.fc11 (2009-7417)	6 Jul 200900:00	–	nessus

# OpenVAS Vulnerability Test
# $Id: deb_1835_1.nasl 6615 2017-07-07 12:09:52Z cfischer $
# Description: Auto-generated from advisory DSA 1835-1 (tiff)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Several vulnerabilities have been discovered in the library for the
Tag Image File Format (TIFF). The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2285

It was discovered that malformed TIFF images can lead to a crash
in the decompression code, resulting in denial of service.

CVE-2009-2347

Andrea Barisani discovered several integer overflows, which
can lead to the execution of arbitrary code if malformed
images are passed to the rgb2ycbcr or tiff2rgba tools.

For the old stable distribution (etch), these problems have been fixed
in version 3.8.2-7+etch3.

For the stable distribution (lenny), these problems have been fixed in
version 3.8.2-11.2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your tiff packages.";
tag_summary = "The remote host is missing an update to tiff
announced via advisory DSA 1835-1.";

tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201835-1";


if(description)
{
 script_id(64422);
 script_version("$Revision: 6615 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)");
 script_cve_id("CVE-2009-2285", "CVE-2009-2347");
 script_tag(name:"cvss_base", value:"9.3");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_name("Debian Security Advisory DSA 1835-1 (tiff)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("Debian Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"libtiff4-dev", ver:"3.8.2-7+etch3", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.8.2-7+etch3", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff4", ver:"3.8.2-7+etch3", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff-tools", ver:"3.8.2-7+etch3", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff-opengl", ver:"3.8.2-7+etch3", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff-doc", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff4", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff4-dev", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff-opengl", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libtiff-tools", ver:"3.8.2-11.2", rls:"DEB5.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

07 Jul 2017 00:00Current

0.9Low risk

Vulners AI Score0.9

EPSS0.16784