ID SUSE-SU-2017:1044-1 Type suse Reporter Suse Modified 2017-04-18T15:13:00
Description
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial
of service (heap-based buffer overflow) or possibly have unspecified
other impact via a crafted TIFF image, related to "WRITE of size 2048"
and libtiff/tif_next.c:64:9 (bsc#1031247).
- CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote
attackers to cause a denial of service (heap-based buffer over-read and
buffer overflow) or possibly have unspecified other impact via a crafted
TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13
(bsc#1031249).
- CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial
of service (heap-based buffer over-read) or possibly have unspecified
other impact via a crafted TIFF image, related to "READ of size 8" and
libtiff/tif_read.c:523:22 (bsc#1031250).
- CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial
of service (heap-based buffer over-read) or possibly have unspecified
other impact via a crafted TIFF image, related to "READ of size 512" and
libtiff/tif_unix.c:340:2 (bsc#1031254).
- CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers
to cause a denial of service (integer underflow and heap-based buffer
under-read) or possibly have unspecified other impact via a crafted TIFF
image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23
(bsc#1031255).
- CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial
of service (divide-by-zero error and application crash) via a crafted
TIFF image, related to libtiff/tif_ojpeg.c:816:8 (bsc#1031262).
- CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial
of service (divide-by-zero error and application crash) via a crafted
TIFF image, related to libtiff/tif_read.c:351:22. (bsc#1031263).
{"type": "suse", "published": "2017-04-18T15:13:00", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00019.html", "hashmap": [{"key": "affectedPackage", "hash": "72051cecd40493bf69a7ec5033083814"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "156e573cb3d6958203988cbe2b4e0273"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "2421e4f12cec9323ba67c09c5fcd2113"}, {"key": "href", "hash": "70893186d5ac005fd2e614d6b1fcdaf9"}, {"key": "modified", "hash": "d4dd7d5e48b657654f30763b8e7e90ee"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "d4dd7d5e48b657654f30763b8e7e90ee"}, {"key": "references", "hash": "0a34920c521b41ee1a8b1e523be20f6f"}, {"key": "reporter", "hash": "403f5d2e0d35fd03d5596c275ba99340"}, {"key": "title", "hash": "73698e15ff2e92807f7f3445b7803280"}, {"key": "type", "hash": "f9dc32aae2d2341a550dd89f78cc49b3"}], "bulletinFamily": "unix", "cvss": {"vector": "NONE", "score": 0.0}, "viewCount": 13, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "Suse", "title": "Security update for tiff (important)", "enchantments": {"score": {"value": 6.5, "vector": "NONE", "modified": "2017-04-18T13:18:34"}, "dependencies": {"references": [{"type": "nessus", "idList": ["SUSE_SU-2017-1044-1.NASL", "FEDORA_2017-AB3ACDDD21.NASL", "OPENSUSE-2017-515.NASL", "FEDORA_2017-05B9048FBC.NASL", "DEBIAN_DLA-877.NASL", "DEBIAN_DSA-3844.NASL", "EULEROS_SA-2019-2265.NASL", "UBUNTU_USN-3602-1.NASL", "SUSE_SU-2018-1472-1.NASL", "EULEROS_SA-2019-2209.NASL"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:1108-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851541", "OPENVAS:1361412562310872558", "OPENVAS:1361412562310890877", "OPENVAS:703844", "OPENVAS:1361412562310703844", "OPENVAS:1361412562310812582"]}, {"type": "cve", "idList": ["CVE-2016-10266", "CVE-2016-10272", "CVE-2016-10270", "CVE-2016-10269", "CVE-2016-10267", "CVE-2016-10271", "CVE-2016-10268"]}, {"type": "debian", "idList": ["DEBIAN:DLA-877-1:C34DC", "DEBIAN:DSA-3844-1:F751B"]}, {"type": "ubuntu", "idList": ["USN-3602-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:B5964D2AB72D599E586D491432260541"]}, {"type": "gentoo", "idList": ["GLSA-201709-27"]}], "modified": "2017-04-18T13:18:34"}, "vulnersScore": 6.5}, "references": ["https://bugzilla.suse.com/1031263", "https://bugzilla.suse.com/1031250", "https://bugzilla.suse.com/1031254", "https://bugzilla.suse.com/1031262", "https://bugzilla.suse.com/1031255", "https://bugzilla.suse.com/1031247", "https://bugzilla.suse.com/1031249"], "id": "SUSE-SU-2017:1044-1", "hash": "69f55ece238bb3cd324aeba60f3ff73cdcabfee2d2165d47715dc4685697d45b", "lastseen": "2017-04-18T13:18:34", "cvelist": ["CVE-2016-10266", "CVE-2016-10268", "CVE-2016-10272", "CVE-2016-10270", "CVE-2016-10271", "CVE-2016-10269", "CVE-2016-10267"], "modified": "2017-04-18T15:13:00", "description": "This update for tiff fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer overflow) or possibly have unspecified\n other impact via a crafted TIFF image, related to "WRITE of size 2048"\n and libtiff/tif_next.c:64:9 (bsc#1031247).\n - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote\n attackers to cause a denial of service (heap-based buffer over-read and\n buffer overflow) or possibly have unspecified other impact via a crafted\n TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13\n (bsc#1031249).\n - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to "READ of size 8" and\n libtiff/tif_read.c:523:22 (bsc#1031250).\n - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to "READ of size 512" and\n libtiff/tif_unix.c:340:2 (bsc#1031254).\n - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers\n to cause a denial of service (integer underflow and heap-based buffer\n under-read) or possibly have unspecified other impact via a crafted TIFF\n image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23\n (bsc#1031255).\n - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_ojpeg.c:816:8 (bsc#1031262).\n - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_read.c:351:22. (bsc#1031263).\n\n", "affectedPackage": [{"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.aarch64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.aarch64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo-32bit", "packageFilename": "libtiff5-debuginfo-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-32bit", "packageFilename": "libtiff5-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo-32bit", "packageFilename": "libtiff5-debuginfo-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.aarch64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.aarch64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.aarch64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.aarch64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.ppc64le.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo-32bit", "packageFilename": "libtiff5-debuginfo-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-32bit", "packageFilename": "libtiff5-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-32bit", "packageFilename": "libtiff5-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-32bit", "packageFilename": "libtiff5-32bit-4.0.7-43.1.s390x.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo-32bit", "packageFilename": "libtiff5-debuginfo-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.aarch64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.s390x.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.s390x.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.aarch64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo-32bit", "packageFilename": "libtiff5-debuginfo-32bit-4.0.7-43.1.s390x.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.aarch64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.s390x.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.ppc64le.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff-devel", "packageFilename": "libtiff-devel-4.0.7-43.1.s390x.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-32bit", "packageFilename": "libtiff5-32bit-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "s390x", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debuginfo", "packageFilename": "tiff-debuginfo-4.0.7-43.1.s390x.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.x86_64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.aarch64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.ppc64le.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff", "packageFilename": "tiff-4.0.7-43.1.ppc64le.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.x86_64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.aarch64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.x86_64.rpm"}, {"arch": "ppc64le", "operator": "lt", "OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.ppc64le.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5", "packageFilename": "libtiff5-4.0.7-43.1.aarch64.rpm"}, {"arch": "aarch64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.0.7-43.1", "packageName": "libtiff5-debuginfo", "packageFilename": "libtiff5-debuginfo-4.0.7-43.1.aarch64.rpm"}, {"arch": "x86_64", "operator": "lt", "OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "4.0.7-43.1", "packageName": "tiff-debugsource", "packageFilename": "tiff-debugsource-4.0.7-43.1.x86_64.rpm"}]}
{"openvas": [{"lastseen": "2019-05-29T18:34:06", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-04-12T00:00:00", "id": "OPENVAS:1361412562310872558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872558", "title": "Fedora Update for libtiff FEDORA-2017-ab3acddd21", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libtiff FEDORA-2017-ab3acddd21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872558\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-12 06:39:43 +0200 (Wed, 12 Apr 2017)\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\",\n \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libtiff FEDORA-2017-ab3acddd21\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libtiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libtiff on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-ab3acddd21\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLH7V5OQSTAJWJSTJANTEQ4WZWONWL4W\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff\", rpm:\"libtiff~4.0.7~4.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2017-04-27T00:00:00", "id": "OPENVAS:1361412562310851541", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851541", "title": "SuSE Update for tiff openSUSE-SU-2017:1108-1 (tiff)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2017_1108_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for tiff openSUSE-SU-2017:1108-1 (tiff)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851541\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-27 07:17:10 +0200 (Thu, 27 Apr 2017)\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\",\n \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for tiff openSUSE-SU-2017:1108-1 (tiff)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for tiff fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer overflow) or possibly have unspecified\n other impact via a crafted TIFF image, related to 'WRITE of size 2048'\n and libtiff/tif_next.c:64:9 (bsc#1031247).\n\n - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote\n attackers to cause a denial of service (heap-based buffer over-read and\n buffer overflow) or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 1' and libtiff/tif_fax3.c:413:13\n (bsc#1031249).\n\n - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to 'READ of size 8' and\n libtiff/tif_read.c:523:22 (bsc#1031250).\n\n - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2 (bsc#1031254).\n\n - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers\n to cause a denial of service (integer underflow and heap-based buffer\n under-read) or possibly have unspecified other impact via a crafted TIFF\n image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23\n (bsc#1031255).\n\n - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_ojpeg.c:816:8 (bsc#1031262).\n\n - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_read.c:351:22. (bsc#1031263).\n\n This update was imported from the SUSE:SLE-12:Update update project.\");\n script_tag(name:\"affected\", value:\"tiff on openSUSE Leap 42.2, openSUSE Leap 42.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:1108_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.2|openSUSELeap42\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-debuginfo-32bit\", rpm:\"libtiff5-debuginfo-32bit~4.0.7~17.3.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSELeap42.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5\", rpm:\"libtiff5~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-debuginfo\", rpm:\"libtiff5-debuginfo~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff-debuginfo\", rpm:\"tiff-debuginfo~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tiff-debugsource\", rpm:\"tiff-debugsource~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff-devel-32bit\", rpm:\"libtiff-devel-32bit~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-32bit\", rpm:\"libtiff5-32bit~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtiff5-debuginfo-32bit\", rpm:\"libtiff5-debuginfo-32bit~4.0.7~18.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:39", "bulletinFamily": "scanner", "description": "libtiff is vulnerable to multiple buffer overflows and integer overflows\nthat can lead to application crashes (denial of service) or worse.\n\nCVE-2016-10266\n\nInteger overflow that can lead to divide-by-zero in\nTIFFReadEncodedStrip (tif_read.c).\n\nCVE-2016-10267\n\nDivide-by-zero error in OJPEGDecodeRaw (tif_ojpeg.c).\n\nCVE-2016-10268\n\nHeap-based buffer overflow in TIFFReverseBits (tif_swab.c).\n\nCVE-2016-10269\n\nHeap-based buffer overflow in _TIFFmemcpy (tif_unix.c).", "modified": "2019-03-18T00:00:00", "published": "2018-01-12T00:00:00", "id": "OPENVAS:1361412562310890877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310890877", "title": "Debian LTS Advisory ([SECURITY] [DLA 877-1] tiff security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_877.nasl 14281 2019-03-18 14:53:48Z cfischer $\n#\n# Auto-generated from advisory DLA 877-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.890877\");\n script_version(\"$Revision: 14281 $\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 877-1] tiff security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:53:48 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-12 00:00:00 +0100 (Fri, 12 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/03/msg00035.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n4.0.2-6+deb7u11.\n\nWe recommend that you upgrade your tiff packages.\");\n script_tag(name:\"summary\", value:\"libtiff is vulnerable to multiple buffer overflows and integer overflows\nthat can lead to application crashes (denial of service) or worse.\n\nCVE-2016-10266\n\nInteger overflow that can lead to divide-by-zero in\nTIFFReadEncodedStrip (tif_read.c).\n\nCVE-2016-10267\n\nDivide-by-zero error in OJPEGDecodeRaw (tif_ojpeg.c).\n\nCVE-2016-10268\n\nHeap-based buffer overflow in TIFFReverseBits (tif_swab.c).\n\nCVE-2016-10269\n\nHeap-based buffer overflow in _TIFFmemcpy (tif_unix.c).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-alt-dev\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-dev\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiffxx5\", ver:\"4.0.2-6+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:59", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.", "modified": "2019-03-18T00:00:00", "published": "2017-05-03T00:00:00", "id": "OPENVAS:1361412562310703844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703844", "title": "Debian Security Advisory DSA 3844-1 (tiff - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3844.nasl 14280 2019-03-18 14:50:45Z cfischer $\n# Auto-generated from advisory DSA 3844-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703844\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-3658\", \"CVE-2016-9535\", \"CVE-2017-5225\", \"CVE-2017-7592\", \"CVE-2017-7593\", \"CVE-2017-7594\", \"CVE-2017-7595\", \"CVE-2017-7596\", \"CVE-2017-7597\", \"CVE-2017-7598\", \"CVE-2017-7599\", \"CVE-2017-7600\", \"CVE-2017-7601\", \"CVE-2017-7602\");\n script_name(\"Debian Security Advisory DSA 3844-1 (tiff - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-03 00:00:00 +0200 (Wed, 03 May 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3844.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|9)\");\n script_tag(name:\"affected\", value:\"tiff on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 4.0.3-12.3+deb8u3.\n\nFor the upcoming stable distribution (stretch), these problems have been\nfixed in version 4.0.7-6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.0.7-6.\n\nWe recommend that you upgrade your tiff packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-dev:i386\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-dev:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiffxx5:i386\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiffxx5:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-dev:i386\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiff5-dev:amd64\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiffxx5:i386\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtiffxx5:amd64\", ver:\"4.0.7-6\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:57:54", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.", "modified": "2017-07-07T00:00:00", "published": "2017-05-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703844", "id": "OPENVAS:703844", "title": "Debian Security Advisory DSA 3844-1 (tiff - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3844.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3844-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703844);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-3658\", \"CVE-2016-9535\", \"CVE-2017-5225\", \"CVE-2017-7592\", \"CVE-2017-7593\", \"CVE-2017-7594\", \"CVE-2017-7595\", \"CVE-2017-7596\", \"CVE-2017-7597\", \"CVE-2017-7598\", \"CVE-2017-7599\", \"CVE-2017-7600\", \"CVE-2017-7601\", \"CVE-2017-7602\");\n script_name(\"Debian Security Advisory DSA 3844-1 (tiff - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-05-03 00:00:00 +0200 (Wed, 03 May 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3844.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tiff on Debian Linux\");\n script_tag(name: \"insight\", value: \"libtiff is a library providing support for the Tag Image File Format\n(TIFF), a widely used format for storing image data.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 4.0.3-12.3+deb8u3.\n\nFor the upcoming stable distribution (stretch), these problems have been\nfixed in version 4.0.7-6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.0.7-6.\n\nWe recommend that you upgrade your tiff packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5-dev:i386\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5-dev:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx5:i386\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx5:amd64\", ver:\"4.0.3-12.3+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5-dev:i386\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff5-dev:amd64\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx5:i386\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx5:amd64\", ver:\"4.0.7-6\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:33:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2018-03-21T00:00:00", "id": "OPENVAS:1361412562310812582", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812582", "title": "Ubuntu Update for tiff USN-3602-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3602_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for tiff USN-3602-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812582\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-21 11:17:10 +0100 (Wed, 21 Mar 2018)\");\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\",\n \"CVE-2016-10371\", \"CVE-2017-10688\", \"CVE-2017-11335\", \"CVE-2017-12944\",\n \"CVE-2017-13726\", \"CVE-2017-13727\", \"CVE-2017-18013\", \"CVE-2017-7592\",\n \"CVE-2017-7593\", \"CVE-2017-7594\", \"CVE-2017-7595\", \"CVE-2017-7596\",\n \"CVE-2017-7597\", \"CVE-2017-7598\", \"CVE-2017-7599\", \"CVE-2017-7600\",\n \"CVE-2017-7601\", \"CVE-2017-7602\", \"CVE-2017-9403\", \"CVE-2017-9404\",\n \"CVE-2017-9815\", \"CVE-2017-9936\", \"CVE-2018-5784\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for tiff USN-3602-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tiff'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that LibTIFF incorrectly\nhandled certain malformed images. If a user or automated system were tricked into\nopening a specially crafted image, a remote attacker could crash the application,\nleading to a denial of service, or possibly execute arbitrary code with user\nprivileges.\");\n script_tag(name:\"affected\", value:\"tiff on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3602-1\");\n script_xref(name:\"URL\", value:\"https://usn.ubuntu.com/usn/usn-3602-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.3-7ubuntu0.8\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.3-7ubuntu0.8\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.3-7ubuntu0.8\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"4.0.6-1ubuntu0.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5:amd64\", ver:\"4.0.6-1ubuntu0.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libtiff5:i386\", ver:\"4.0.6-1ubuntu0.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2019-11-03T12:18:50", "bulletinFamily": "scanner", "description": "This update for tiff fixes the following issues: Security issues \nfixed :\n\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer overflow)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to ", "modified": "2019-11-02T00:00:00", "id": "SUSE_SU-2017-1044-1.NASL", "href": "https://www.tenable.com/plugins/nessus/99466", "published": "2017-04-19T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2017:1044-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1044-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99466);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2019/09/11 11:22:15\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2017:1044-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues: Security issues \nfixed :\n\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer overflow)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'WRITE of size 2048' and\n libtiff/tif_next.c:64:9 (bsc#1031247).\n\n - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows\n remote attackers to cause a denial of service\n (heap-based buffer over-read and buffer overflow) or\n possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 1' and\n libtiff/tif_fax3.c:413:13 (bsc#1031249).\n\n - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 8' and\n libtiff/tif_read.c:523:22 (bsc#1031250).\n\n - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2 (bsc#1031254).\n\n - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows\n remote attackers to cause a denial of service (integer\n underflow and heap-based buffer under-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 78490' and\n libtiff/tif_unix.c:115:23 (bsc#1031255).\n\n - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8 (bsc#1031262).\n\n - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_read.c:351:22. (bsc#1031263).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10266/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10268/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10271/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10272/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171044-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa57b34a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-610=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2017-610=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-610=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-610=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-610=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-610=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-610=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtiff5-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtiff5-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tiff-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tiff-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tiff-debugsource-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtiff5-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libtiff5-debuginfo-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"tiff-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"tiff-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"tiff-debugsource-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libtiff5-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"tiff-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"tiff-debugsource-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"tiff-debuginfo-4.0.7-43.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"tiff-debugsource-4.0.7-43.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:27:38", "bulletinFamily": "scanner", "description": "Security fix for :\n\n - **CVE-2016-10266**\n\n - **CVE-2016-10267**\n\n - **CVE-2016-10268**\n\n - **CVE-2016-10269**\n\n - **CVE-2016-10270**\n\n - **CVE-2016-10271**\n\n - **CVE-2016-10272**\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2017-05B9048FBC.NASL", "href": "https://www.tenable.com/plugins/nessus/101563", "published": "2017-07-17T00:00:00", "title": "Fedora 26 : libtiff (2017-05b9048fbc)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-05b9048fbc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101563);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2019/09/24 14:09:05\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n script_xref(name:\"FEDORA\", value:\"2017-05b9048fbc\");\n\n script_name(english:\"Fedora 26 : libtiff (2017-05b9048fbc)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for :\n\n - **CVE-2016-10266**\n\n - **CVE-2016-10267**\n\n - **CVE-2016-10268**\n\n - **CVE-2016-10269**\n\n - **CVE-2016-10270**\n\n - **CVE-2016-10271**\n\n - **CVE-2016-10272**\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-05b9048fbc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"libtiff-4.0.7-4.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:28:36", "bulletinFamily": "scanner", "description": "Security fix for :\n\n - **CVE-2016-10266**\n\n - **CVE-2016-10267**\n\n - **CVE-2016-10268**\n\n - **CVE-2016-10269**\n\n - **CVE-2016-10270**\n\n - **CVE-2016-10271**\n\n - **CVE-2016-10272**\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2017-AB3ACDDD21.NASL", "href": "https://www.tenable.com/plugins/nessus/99273", "published": "2017-04-11T00:00:00", "title": "Fedora 25 : libtiff (2017-ab3acddd21)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ab3acddd21.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99273);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2019/09/24 14:09:08\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n script_xref(name:\"FEDORA\", value:\"2017-ab3acddd21\");\n\n script_name(english:\"Fedora 25 : libtiff (2017-ab3acddd21)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for :\n\n - **CVE-2016-10266**\n\n - **CVE-2016-10267**\n\n - **CVE-2016-10268**\n\n - **CVE-2016-10269**\n\n - **CVE-2016-10270**\n\n - **CVE-2016-10271**\n\n - **CVE-2016-10272**\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab3acddd21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"libtiff-4.0.7-4.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T03:01:52", "bulletinFamily": "scanner", "description": "This update for tiff fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer overflow)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to ", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2017-515.NASL", "href": "https://www.tenable.com/plugins/nessus/99704", "published": "2017-04-27T00:00:00", "title": "openSUSE Security Update : tiff (openSUSE-2017-515)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-515.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99704);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/26 17:32:52 $\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-10271\", \"CVE-2016-10272\");\n\n script_name(english:\"openSUSE Security Update : tiff (openSUSE-2017-515)\");\n script_summary(english:\"Check for the openSUSE-2017-515 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer overflow)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'WRITE of size 2048' and\n libtiff/tif_next.c:64:9 (bsc#1031247).\n\n - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows\n remote attackers to cause a denial of service\n (heap-based buffer over-read and buffer overflow) or\n possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 1' and\n libtiff/tif_fax3.c:413:13 (bsc#1031249).\n\n - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 8' and\n libtiff/tif_read.c:523:22 (bsc#1031250).\n\n - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2 (bsc#1031254).\n\n - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows\n remote attackers to cause a denial of service (integer\n underflow and heap-based buffer under-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 78490' and\n libtiff/tif_unix.c:115:23 (bsc#1031255).\n\n - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8 (bsc#1031262).\n\n - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_read.c:351:22. (bsc#1031263).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031263\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1|SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1 / 42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libtiff-devel-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libtiff5-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libtiff5-debuginfo-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"tiff-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"tiff-debuginfo-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"tiff-debugsource-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.7-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libtiff-devel-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libtiff5-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libtiff5-debuginfo-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tiff-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tiff-debuginfo-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tiff-debugsource-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libtiff5-32bit-4.0.7-17.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libtiff5-debuginfo-32bit-4.0.7-17.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-devel-32bit / libtiff-devel / libtiff5-32bit / libtiff5 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:20:47", "bulletinFamily": "scanner", "description": "libtiff is vulnerable to multiple buffer overflows and integer\noverflows that can lead to application crashes (denial of service) or\nworse.\n\nCVE-2016-10266\n\nInteger overflow that can lead to divide-by-zero in\nTIFFReadEncodedStrip (tif_read.c).\n\nCVE-2016-10267\n\nDivide-by-zero error in OJPEGDecodeRaw (tif_ojpeg.c). CVE-2016-10268\n\nHeap-based buffer overflow in TIFFReverseBits (tif_swab.c).\n\nCVE-2016-10269\n\nHeap-based buffer overflow in _TIFFmemcpy (tif_unix.c).\n\nFor Debian 7 ", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DLA-877.NASL", "href": "https://www.tenable.com/plugins/nessus/99043", "published": "2017-03-30T00:00:00", "title": "Debian DLA-877-1 : tiff security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-877-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99043);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/07/09 14:30:26\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\");\n\n script_name(english:\"Debian DLA-877-1 : tiff security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libtiff is vulnerable to multiple buffer overflows and integer\noverflows that can lead to application crashes (denial of service) or\nworse.\n\nCVE-2016-10266\n\nInteger overflow that can lead to divide-by-zero in\nTIFFReadEncodedStrip (tif_read.c).\n\nCVE-2016-10267\n\nDivide-by-zero error in OJPEGDecodeRaw (tif_ojpeg.c). CVE-2016-10268\n\nHeap-based buffer overflow in TIFFReverseBits (tif_swab.c).\n\nCVE-2016-10269\n\nHeap-based buffer overflow in _TIFFmemcpy (tif_unix.c).\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.0.2-6+deb7u11.\n\nWe recommend that you upgrade your tiff packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/03/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tiff\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5-alt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiff5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtiffxx5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libtiff-doc\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiff-opengl\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiff-tools\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiff5\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiff5-alt-dev\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiff5-dev\", reference:\"4.0.2-6+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtiffxx5\", reference:\"4.0.2-6+deb7u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:21:37", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities have been discovered in the libtiff library\nand the included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-3844.NASL", "href": "https://www.tenable.com/plugins/nessus/99973", "published": "2017-05-04T00:00:00", "title": "Debian DSA-3844-1 : tiff - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3844. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99973);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2019/07/15 14:20:30\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-3658\", \"CVE-2016-9535\", \"CVE-2017-5225\", \"CVE-2017-7592\", \"CVE-2017-7593\", \"CVE-2017-7594\", \"CVE-2017-7595\", \"CVE-2017-7596\", \"CVE-2017-7597\", \"CVE-2017-7598\", \"CVE-2017-7599\", \"CVE-2017-7600\", \"CVE-2017-7601\", \"CVE-2017-7602\");\n script_xref(name:\"DSA\", value:\"3844\");\n\n script_name(english:\"Debian DSA-3844-1 : tiff - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the libtiff library\nand the included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tiff\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3844\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tiff packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4.0.3-12.3+deb8u3.\n\nFor the upcoming stable distribution (stretch), these problems have\nbeen fixed in version 4.0.7-6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-doc\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-opengl\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff-tools\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiff5-dev\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtiffxx5\", reference:\"4.0.3-12.3+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-09T02:08:53", "bulletinFamily": "scanner", "description": "According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - There is a reachable assertion abort in the function\n TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related\n to tif_dirwrite.c and a SubIFD tag. A crafted input\n will lead to a remote denial of service\n attack.(CVE-2017-13727)\n\n - The putagreytile function in tif_getimage.c in LibTIFF\n 4.0.7 has a left-shift undefined behavior issue, which\n might allow remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7592)\n\n - tif_read.c in LibTIFF 4.0.7 does not ensure that\n tif_rawdata is properly initialized, which might allow\n remote attackers to obtain sensitive information from\n process memory via a crafted image.(CVE-2017-7593)\n\n - The OJPEGReadHeaderInfoSecTablesDcTable function in\n tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (memory leak) via a crafted\n image.(CVE-2017-7594)\n\n - The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF\n 4.0.7 allows remote attackers to cause a denial of\n service (divide-by-zero error and application crash)\n via a crafted image.(CVE-2017-7595)\n\n - LibTIFF 4.0.7 has an ", "modified": "2019-11-02T00:00:00", "published": "2019-11-08T00:00:00", "id": "EULEROS_SA-2019-2265.NASL", "href": "https://www.tenable.com/plugins/nessus/130727", "title": "EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2019-2265)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130727);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2016-10092\",\n \"CVE-2016-10266\",\n \"CVE-2016-10267\",\n \"CVE-2016-10268\",\n \"CVE-2016-10269\",\n \"CVE-2016-10270\",\n \"CVE-2016-10272\",\n \"CVE-2016-10371\",\n \"CVE-2016-3186\",\n \"CVE-2016-3622\",\n \"CVE-2016-9273\",\n \"CVE-2016-9538\",\n \"CVE-2016-9539\",\n \"CVE-2017-10688\",\n \"CVE-2017-12944\",\n \"CVE-2017-13726\",\n \"CVE-2017-13727\",\n \"CVE-2017-7592\",\n \"CVE-2017-7593\",\n \"CVE-2017-7594\",\n \"CVE-2017-7595\",\n \"CVE-2017-7596\",\n \"CVE-2017-7597\",\n \"CVE-2017-7598\",\n \"CVE-2017-7599\",\n \"CVE-2017-7600\",\n \"CVE-2017-7601\",\n \"CVE-2017-7602\",\n \"CVE-2017-9403\",\n \"CVE-2017-9936\",\n \"CVE-2018-7456\",\n \"CVE-2018-8905\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2019-2265)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - There is a reachable assertion abort in the function\n TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related\n to tif_dirwrite.c and a SubIFD tag. A crafted input\n will lead to a remote denial of service\n attack.(CVE-2017-13727)\n\n - The putagreytile function in tif_getimage.c in LibTIFF\n 4.0.7 has a left-shift undefined behavior issue, which\n might allow remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7592)\n\n - tif_read.c in LibTIFF 4.0.7 does not ensure that\n tif_rawdata is properly initialized, which might allow\n remote attackers to obtain sensitive information from\n process memory via a crafted image.(CVE-2017-7593)\n\n - The OJPEGReadHeaderInfoSecTablesDcTable function in\n tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (memory leak) via a crafted\n image.(CVE-2017-7594)\n\n - The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF\n 4.0.7 allows remote attackers to cause a denial of\n service (divide-by-zero error and application crash)\n via a crafted image.(CVE-2017-7595)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type float' undefined behavior\n issue, which might allow remote attackers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7596)\n\n - tif_dirread.c in LibTIFF 4.0.7 has an 'outside the\n range of representable values of type float' undefined\n behavior issue, which might allow remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image.(CVE-2017-7597)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type short' undefined behavior\n issue, which might allow remote attackers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7599)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type unsigned char' undefined\n behavior issue, which might allow remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image.(CVE-2017-7600)\n\n - tif_dirread.c in LibTIFF 4.0.7 might allow remote\n attackers to cause a denial of service (divide-by-zero\n error and application crash) via a crafted\n image.(CVE-2017-7598)\n\n - LibTIFF 4.0.7 has a 'shift exponent too large for\n 64-bit type long' undefined behavior issue, which might\n allow remote attackers to cause a denial of service\n (application crash) or possibly have unspecified other\n impact via a crafted image.(CVE-2017-7601)\n\n - LibTIFF 4.0.7 has a signed integer overflow, which\n might allow remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7602)\n\n - In LibTIFF 4.0.7, a memory leak vulnerability was found\n in the function TIFFReadDirEntryLong8Array in\n tif_dirread.c, which allows attackers to cause a denial\n of service via a crafted file.(CVE-2017-9403)\n\n - In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c.\n A crafted TIFF document can lead to a memory leak\n resulting in a remote denial of service\n attack.(CVE-2017-9936)\n\n - Heap-based buffer overflow in the\n readContigStripsIntoBuffer function in tif_unix.c in\n LibTIFF 4.0.7 allows remote attackers to have\n unspecified impact via a crafted image.(CVE-2016-10092)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer overflow) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'WRITE of size 2048' and\n libtiff/tif_next.c:64:9.(CVE-2016-10272)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash)\n via a crafted TIFF image, related to\n libtiff/tif_read.c:351:22.(CVE-2016-10266)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash)\n via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8.(CVE-2016-10267)\n\n - tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers\n to cause a denial of service (integer underflow and\n heap-based buffer under-read) or possibly have\n unspecified other impact via a crafted TIFF image,\n related to 'READ of size 78490' and\n libtiff/tif_unix.c:115:23.(CVE-2016-10268)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2.(CVE-2016-10269)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 8' and\n libtiff/tif_read.c:523:22.(CVE-2016-10270)\n\n - The TIFFWriteDirectoryTagCheckedRational function in\n tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers\n to cause a denial of service (assertion failure and\n application exit) via a crafted TIFF\n file.(CVE-2016-10371)\n\n - The fpAcc function in tif_predict.c in the tiff2rgba\n tool in LibTIFF 4.0.6 and earlier allows remote\n attackers to cause a denial of service (divide-by-zero\n error) via a crafted TIFF image.(CVE-2016-3622)\n\n - tiffsplit in libtiff 4.0.6 allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted file, related to changing td_nstrips in\n TIFF_STRIPCHOP mode.(CVE-2016-9273)\n\n - The TIFFReadDirEntryArray function in tif_read.c in\n LibTIFF 4.0.8 mishandles memory allocation for short\n files, which allows remote attackers to cause a denial\n of service (allocation failure and application crash)\n in the TIFFFetchStripThing function in tif_dirread.c\n during a tiff2pdf invocation.(CVE-2017-12944)\n\n - There is a reachable assertion abort in the function\n TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to\n tif_dirwrite.c and a SubIFD tag. A crafted input will\n lead to a remote denial of service\n attack.(CVE-2017-13726)\n\n - tools/tiffcrop.c in libtiff 4.0.6 reads an undefined\n buffer in readContigStripsIntoBuffer() because of a\n uint16 integer overflow. Reported as MSVR\n 35100.(CVE-2016-9538)\n\n - tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds\n read in readContigTilesIntoBuffer(). Reported as MSVR\n 35092.(CVE-2016-9539)\n\n - In LibTIFF 4.0.8, there is a assertion abort in the\n TIFFWriteDirectoryTagCheckedLong8Array function in\n tif_dirwrite.c. A crafted input will lead to a remote\n denial of service attack.(CVE-2017-10688)\n\n - Buffer overflow in the readextension function in\n gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to\n cause a denial of service (application crash) via a\n crafted GIF file.(CVE-2016-3186)\n\n - A NULL Pointer Dereference occurs in the function\n TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when\n using the tiffinfo tool to print crafted TIFF\n information, a different vulnerability than\n CVE-2017-18013. (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by\n the CVE-2017-18013 patch.)(CVE-2018-7456)\n\n - In LibTIFF 4.0.9, a heap-based buffer overflow occurs\n in the function LZWDecodeCompat in tif_lzw.c via a\n crafted TIFF file, as demonstrated by\n tiff2ps.(CVE-2018-8905)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2265\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4354c43e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h14\",\n \"libtiff-devel-4.0.3-27.h14\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-03T12:21:42", "bulletinFamily": "scanner", "description": "This update for tiff fixes the following issues: Security issues \nfixed :\n\n - CVE-2016-5315: The setByteArray function in tif_dir.c\n allowed remote attackers to cause a denial of service\n (out-of-bounds read) via a crafted tiff image.\n (bsc#984809)\n\n - CVE-2016-10267: LibTIFF allowed remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8. (bsc#1017694)\n\n - CVE-2016-10269: LibTIFF allowed remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to ", "modified": "2019-11-02T00:00:00", "id": "SUSE_SU-2018-1472-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110258", "published": "2018-05-31T00:00:00", "title": "SUSE SLES11 Security Update : tiff (SUSE-SU-2018:1472-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1472-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110258);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2016-10267\", \"CVE-2016-10269\", \"CVE-2016-10270\", \"CVE-2016-5314\", \"CVE-2016-5315\", \"CVE-2017-18013\", \"CVE-2017-7593\", \"CVE-2017-7595\", \"CVE-2017-7596\", \"CVE-2017-7597\", \"CVE-2017-7599\", \"CVE-2017-7600\", \"CVE-2017-7601\", \"CVE-2017-7602\");\n\n script_name(english:\"SUSE SLES11 Security Update : tiff (SUSE-SU-2018:1472-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tiff fixes the following issues: Security issues \nfixed :\n\n - CVE-2016-5315: The setByteArray function in tif_dir.c\n allowed remote attackers to cause a denial of service\n (out-of-bounds read) via a crafted tiff image.\n (bsc#984809)\n\n - CVE-2016-10267: LibTIFF allowed remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8. (bsc#1017694)\n\n - CVE-2016-10269: LibTIFF allowed remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2. (bsc#1031254)\n\n - CVE-2016-10270: LibTIFF allowed remote attackers to\n cause a denial of service (heap-based buffer over-read)\n or possibly have unspecified other impact via a crafted\n TIFF image, related to 'READ of size 8' and\n libtiff/tif_read.c:523:22. (bsc#1031250)\n\n - CVE-2017-18013: In LibTIFF, there was a NULL pointer\n Dereference in the tif_print.c TIFFPrintDirectory\n function, as demonstrated by a tiffinfo crash.\n (bsc#1074317)\n\n - CVE-2017-7593: tif_read.c did not ensure that\n tif_rawdata is properly initialized, which might have\n allowed remote attackers to obtain sensitive information\n from process memory via a crafted image. (bsc#1033129)\n\n - CVE-2017-7595: The JPEGSetupEncode function in\n tiff_jpeg.c allowed remote attackers to cause a denial\n of service (divide-by-zero error and application crash)\n via a crafted image. (bsc#1033127)\n\n - CVE-2017-7596: LibTIFF had an 'outside the range of\n representable values of type float' undefined behavior\n issue, which might have allowed remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image. (bsc#1033126)\n\n - CVE-2017-7597: tif_dirread.c had an 'outside the range\n of representable values of type float' undefined\n behavior issue, which might have allowed remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n crafted image. (bsc#1033120)\n\n - CVE-2017-7599: LibTIFF had an 'outside the range of\n representable values of type short' undefined behavior\n issue, which might have allowed remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image. (bsc#1033113)\n\n - CVE-2017-7600: LibTIFF had an 'outside the range of\n representable values of type unsigned char' undefined\n behavior issue, which might have allowed remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n crafted image. (bsc#1033112)\n\n - CVE-2017-7601: LibTIFF had a 'shift exponent too large\n for 64-bit type long' undefined behavior issue, which\n might have allowed remote attackers to cause a denial of\n service (application crash) or possibly have unspecified\n other impact via a crafted image. (bsc#1033111)\n\n - CVE-2017-7602: LibTIFF had a signed integer overflow,\n which might have allowed remote attackers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a crafted image.\n (bsc#1033109)\n\n - Multiple divide by zero issues\n\n - CVE-2016-5314: Buffer overflow in the PixarLogDecode\n function in tif_pixarlog.c allowed remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n TIFF image, as demonstrated by overwriting the\n vgetparent function pointer with rgb2ycbcr. (bsc#987351\n bsc#984808 bsc#984831)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1033129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=984808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=984809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=984831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=987351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5314/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5315/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18013/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7593/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7596/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7597/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7599/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7600/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7601/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7602/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181472-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f76228cb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-tiff-13631=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-tiff-13631=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-tiff-13631=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libtiff3-32bit-3.8.2-141.169.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libtiff3-32bit-3.8.2-141.169.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libtiff3-3.8.2-141.169.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"tiff-3.8.2-141.169.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-03T12:32:54", "bulletinFamily": "scanner", "description": "It was discovered that LibTIFF incorrectly handled certain malformed\nimages. If a user or automated system were tricked into opening a\nspecially crafted image, a remote attacker could crash the\napplication, leading to a denial of service, or possibly execute\narbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "UBUNTU_USN-3602-1.NASL", "href": "https://www.tenable.com/plugins/nessus/108513", "published": "2018-03-21T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS : tiff vulnerabilities (USN-3602-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3602-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108513);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/18 12:31:48\");\n\n script_cve_id(\"CVE-2016-10266\", \"CVE-2016-10267\", \"CVE-2016-10268\", \"CVE-2016-10269\", \"CVE-2016-10371\", \"CVE-2017-10688\", \"CVE-2017-11335\", \"CVE-2017-12944\", \"CVE-2017-13726\", \"CVE-2017-13727\", \"CVE-2017-18013\", \"CVE-2017-7592\", \"CVE-2017-7593\", \"CVE-2017-7594\", \"CVE-2017-7595\", \"CVE-2017-7596\", \"CVE-2017-7597\", \"CVE-2017-7598\", \"CVE-2017-7599\", \"CVE-2017-7600\", \"CVE-2017-7601\", \"CVE-2017-7602\", \"CVE-2017-9403\", \"CVE-2017-9404\", \"CVE-2017-9815\", \"CVE-2017-9936\", \"CVE-2018-5784\");\n script_xref(name:\"USN\", value:\"3602-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : tiff vulnerabilities (USN-3602-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that LibTIFF incorrectly handled certain malformed\nimages. If a user or automated system were tricked into opening a\nspecially crafted image, a remote attacker could crash the\napplication, leading to a denial of service, or possibly execute\narbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3602-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff-tools and / or libtiff5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtiff5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libtiff-tools\", pkgver:\"4.0.3-7ubuntu0.8\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libtiff5\", pkgver:\"4.0.3-7ubuntu0.8\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libtiff-tools\", pkgver:\"4.0.6-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libtiff5\", pkgver:\"4.0.6-1ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff-tools / libtiff5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-09T02:08:47", "bulletinFamily": "scanner", "description": "According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The _TIFFFax3fillruns function in libtiff before 4.0.6\n allows remote attackers to cause a denial of service\n (divide-by-zero error and application crash) via a\n crafted Tiff image.The _TIFFFax3fillruns function in\n libtiff before 4.0.6 allows remote attackers to cause a\n denial of service (divide-by-zero error and application\n crash) via a crafted Tiff image.(CVE-2016-5323)\n\n - The cvtClump function in the rgb2ycbcr tool in LibTIFF\n 4.0.6 and earlier allows remote attackers to cause a\n denial of service (out-of-bounds write) by setting the\n ", "modified": "2019-11-02T00:00:00", "published": "2019-11-08T00:00:00", "id": "EULEROS_SA-2019-2209.NASL", "href": "https://www.tenable.com/plugins/nessus/130671", "title": "EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2019-2209)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130671);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2016-10092\",\n \"CVE-2016-10266\",\n \"CVE-2016-10267\",\n \"CVE-2016-10268\",\n \"CVE-2016-10269\",\n \"CVE-2016-10270\",\n \"CVE-2016-10272\",\n \"CVE-2016-10371\",\n \"CVE-2016-3622\",\n \"CVE-2016-3623\",\n \"CVE-2016-3624\",\n \"CVE-2016-5102\",\n \"CVE-2016-5318\",\n \"CVE-2016-5321\",\n \"CVE-2016-5323\",\n \"CVE-2016-9273\",\n \"CVE-2016-9538\",\n \"CVE-2016-9539\",\n \"CVE-2017-10688\",\n \"CVE-2017-12944\",\n \"CVE-2017-13726\",\n \"CVE-2017-13727\",\n \"CVE-2017-7592\",\n \"CVE-2017-7593\",\n \"CVE-2017-7594\",\n \"CVE-2017-7595\",\n \"CVE-2017-7596\",\n \"CVE-2017-7597\",\n \"CVE-2017-7598\",\n \"CVE-2017-7599\",\n \"CVE-2017-7600\",\n \"CVE-2017-7601\",\n \"CVE-2017-7602\",\n \"CVE-2017-9117\",\n \"CVE-2017-9147\",\n \"CVE-2017-9403\",\n \"CVE-2017-9936\",\n \"CVE-2018-10779\",\n \"CVE-2018-10963\",\n \"CVE-2018-17100\",\n \"CVE-2018-17101\",\n \"CVE-2018-18557\",\n \"CVE-2018-18661\",\n \"CVE-2018-7456\",\n \"CVE-2018-8905\",\n \"CVE-2019-14973\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2019-2209)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The _TIFFFax3fillruns function in libtiff before 4.0.6\n allows remote attackers to cause a denial of service\n (divide-by-zero error and application crash) via a\n crafted Tiff image.The _TIFFFax3fillruns function in\n libtiff before 4.0.6 allows remote attackers to cause a\n denial of service (divide-by-zero error and application\n crash) via a crafted Tiff image.(CVE-2016-5323)\n\n - The cvtClump function in the rgb2ycbcr tool in LibTIFF\n 4.0.6 and earlier allows remote attackers to cause a\n denial of service (out-of-bounds write) by setting the\n '-v' option to -1.(CVE-2016-3624)\n\n - The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows\n remote attackers to cause a denial of service\n (divide-by-zero) by setting the (1) v or (2) h\n parameter to 0.(CVE-2016-3623)\n\n - An issue was discovered in LibTIFF 4.0.9. There is a\n int32 overflow in multiply_ms in tools/ppm2tiff.c,\n which can cause a denial of service (crash) or possibly\n have unspecified other impact via a crafted image\n file.(CVE-2018-17100)\n\n - An issue was discovered in LibTIFF 4.0.9. There are two\n out-of-bounds writes in cpTags in tools/tiff2bw.c and\n tools/pal2rgb.c, which can cause a denial of service\n (application crash) or possibly have unspecified other\n impact via a crafted image file.(CVE-2018-17101)\n\n - LibTIFF 4.0.9 (with JBIG enabled) decodes\n arbitrarily-sized JBIG into a buffer, ignoring the\n buffer size, which leads to a tif_jbig.c JBIGDecode\n out-of-bounds write.(CVE-2018-18557)\n\n - In LibTIFF 4.0.9, a heap-based buffer overflow occurs\n in the function LZWDecodeCompat in tif_lzw.c via a\n crafted TIFF file, as demonstrated by\n tiff2ps.(CVE-2018-8905)\n\n - tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers\n to cause a denial of service (integer underflow and\n heap-based buffer under-read) or possibly have\n unspecified other impact via a crafted TIFF image,\n related to 'READ of size 78490' and\n libtiff/tif_unix.c:115:23.(CVE-2016-10268)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 512' and\n libtiff/tif_unix.c:340:2.(CVE-2016-10269)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'READ of size 8' and\n libtiff/tif_read.c:523:22.(CVE-2016-10270)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer overflow) or possibly\n have unspecified other impact via a crafted TIFF image,\n related to 'WRITE of size 2048' and\n libtiff/tif_next.c:64:9.(CVE-2016-10272)\n\n - Heap-based buffer overflow in the\n readContigStripsIntoBuffer function in tif_unix.c in\n LibTIFF 4.0.7 allows remote attackers to have\n unspecified impact via a crafted image.(CVE-2016-10092)\n\n - In LibTIFF 4.0.8, there is a assertion abort in the\n TIFFWriteDirectoryTagCheckedLong8Array function in\n tif_dirwrite.c. A crafted input will lead to a remote\n denial of service attack.(CVE-2017-10688)\n\n - The TIFFReadDirEntryArray function in tif_read.c in\n LibTIFF 4.0.8 mishandles memory allocation for short\n files, which allows remote attackers to cause a denial\n of service (allocation failure and application crash)\n in the TIFFFetchStripThing function in tif_dirread.c\n during a tiff2pdf invocation.(CVE-2017-12944)\n\n - tools/tiffcrop.c in libtiff 4.0.6 reads an undefined\n buffer in readContigStripsIntoBuffer() because of a\n uint16 integer overflow. Reported as MSVR\n 35100.(CVE-2016-9538)\n\n - tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds\n read in readContigTilesIntoBuffer(). Reported as MSVR\n 35092.(CVE-2016-9539)\n\n - The putagreytile function in tif_getimage.c in LibTIFF\n 4.0.7 has a left-shift undefined behavior issue, which\n might allow remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7592)\n\n - The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF\n 4.0.7 allows remote attackers to cause a denial of\n service (divide-by-zero error and application crash)\n via a crafted image.(CVE-2017-7595)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type float' undefined behavior\n issue, which might allow remote attackers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7596)\n\n - tif_dirread.c in LibTIFF 4.0.7 has an 'outside the\n range of representable values of type float' undefined\n behavior issue, which might allow remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image.(CVE-2017-7597)\n\n - tif_dirread.c in LibTIFF 4.0.7 might allow remote\n attackers to cause a denial of service (divide-by-zero\n error and application crash) via a crafted\n image.(CVE-2017-7598)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type short' undefined behavior\n issue, which might allow remote attackers to cause a\n denial of service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7599)\n\n - LibTIFF 4.0.7 has an 'outside the range of\n representable values of type unsigned char' undefined\n behavior issue, which might allow remote attackers to\n cause a denial of service (application crash) or\n possibly have unspecified other impact via a crafted\n image.(CVE-2017-7600)\n\n - LibTIFF 4.0.7 has a 'shift exponent too large for\n 64-bit type long' undefined behavior issue, which might\n allow remote attackers to cause a denial of service\n (application crash) or possibly have unspecified other\n impact via a crafted image.(CVE-2017-7601)\n\n - LibTIFF 4.0.7 has a signed integer overflow, which\n might allow remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted\n image.(CVE-2017-7602)\n\n - In LibTIFF 4.0.7, the program processes BMP images\n without verifying that biWidth and biHeight in the\n bitmap-information header match the actual input,\n leading to a heap-based buffer over-read in\n bmp2tiff.(CVE-2017-9117)\n\n - The TIFFWriteDirectoryTagCheckedRational function in\n tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers\n to cause a denial of service (assertion failure and\n application exit) via a crafted TIFF\n file.(CVE-2016-10371)\n\n - The fpAcc function in tif_predict.c in the tiff2rgba\n tool in LibTIFF 4.0.6 and earlier allows remote\n attackers to cause a denial of service (divide-by-zero\n error) via a crafted TIFF image.(CVE-2016-3622)\n\n - The DumpModeDecode function in libtiff 4.0.6 and\n earlier allows attackers to cause a denial of service\n (invalid read and crash) via a crafted tiff\n image.(CVE-2016-5321)\n\n - The TIFFWriteDirectorySec() function in tif_dirwrite.c\n in LibTIFF through 4.0.9 allows remote attackers to\n cause a denial of service (assertion failure and\n application crash) via a crafted file, a different\n vulnerability than CVE-2017-13726.(CVE-2018-10963)\n\n - There is a reachable assertion abort in the function\n TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to\n tif_dirwrite.c and a SubIFD tag. A crafted input will\n lead to a remote denial of service\n attack.(CVE-2017-13726)\n\n - There is a reachable assertion abort in the function\n TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related\n to tif_dirwrite.c and a SubIFD tag. A crafted input\n will lead to a remote denial of service\n attack.(CVE-2017-13727)\n\n - In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c.\n A crafted TIFF document can lead to a memory leak\n resulting in a remote denial of service\n attack.(CVE-2017-9936)\n\n - In LibTIFF 4.0.7, a memory leak vulnerability was found\n in the function TIFFReadDirEntryLong8Array in\n tif_dirread.c, which allows attackers to cause a denial\n of service via a crafted file.(CVE-2017-9403)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash)\n via a crafted TIFF image, related to\n libtiff/tif_ojpeg.c:816:8.(CVE-2016-10267)\n\n - tiffsplit in libtiff 4.0.6 allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted file, related to changing td_nstrips in\n TIFF_STRIPCHOP mode.(CVE-2016-9273)\n\n - LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField\n function in tif_dir.c, which might allow remote\n attackers to cause a denial of service (crash) via a\n crafted TIFF file.(CVE-2017-9147)\n\n - Stack-based buffer overflow in the _TIFFVGetField\n function in libtiff 4.0.6 and earlier allows remote\n attackers to crash the application via a crafted\n tiff.(CVE-2016-5318)\n\n - An issue was discovered in LibTIFF 4.0.9. There is a\n NULL pointer dereference in the function LZWDecode in\n the file tif_lzw.c.(CVE-2018-18661)\n\n - TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a\n heap-based buffer over-read, as demonstrated by\n bmp2tiff.(CVE-2018-10779)\n\n - The OJPEGReadHeaderInfoSecTablesDcTable function in\n tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to\n cause a denial of service (memory leak) via a crafted\n image.(CVE-2017-7594)\n\n - LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash)\n via a crafted TIFF image, related to\n libtiff/tif_read.c:351:22.(CVE-2016-10266)\n\n - Buffer overflow in the readgifimage function in\n gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows\n remote attackers to cause a denial of service\n (segmentation fault) via a crafted gif\n file.(CVE-2016-5102)\n\n - tif_read.c in LibTIFF 4.0.7 does not ensure that\n tif_rawdata is properly initialized, which might allow\n remote attackers to obtain sensitive information from\n process memory via a crafted image.(CVE-2017-7593)\n\n - A NULL Pointer Dereference occurs in the function\n TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when\n using the tiffinfo tool to print crafted TIFF\n information, a different vulnerability than\n CVE-2017-18013. (This affects an earlier part of the\n TIFFPrintDirectory function that was not addressed by\n the CVE-2017-18013 patch.)(CVE-2018-7456)\n\n - _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in\n LibTIFF through 4.0.10 mishandle Integer Overflow\n checks because they rely on compiler behavior that is\n undefined by the applicable C standards. This can, for\n example, lead to an application crash.(CVE-2019-14973)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2209\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1833399b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libtiff-4.0.3-27.h22.eulerosv2r7\",\n \"libtiff-devel-4.0.3-27.h22.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2017-04-26T17:19:01", "bulletinFamily": "unix", "description": "This update for tiff fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer overflow) or possibly have unspecified\n other impact via a crafted TIFF image, related to "WRITE of size 2048"\n and libtiff/tif_next.c:64:9 (bsc#1031247).\n - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote\n attackers to cause a denial of service (heap-based buffer over-read and\n buffer overflow) or possibly have unspecified other impact via a crafted\n TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13\n (bsc#1031249).\n - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to "READ of size 8" and\n libtiff/tif_read.c:523:22 (bsc#1031250).\n - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (heap-based buffer over-read) or possibly have unspecified\n other impact via a crafted TIFF image, related to "READ of size 512" and\n libtiff/tif_unix.c:340:2 (bsc#1031254).\n - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers\n to cause a denial of service (integer underflow and heap-based buffer\n under-read) or possibly have unspecified other impact via a crafted TIFF\n image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23\n (bsc#1031255).\n - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_ojpeg.c:816:8 (bsc#1031262).\n - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial\n of service (divide-by-zero error and application crash) via a crafted\n TIFF image, related to libtiff/tif_read.c:351:22. (bsc#1031263).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "modified": "2017-04-26T18:11:51", "published": "2017-04-26T18:11:51", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00032.html", "id": "OPENSUSE-SU-2017:1108-1", "type": "suse", "title": "Security update for tiff (important)", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"WRITE of size 2048\" and libtiff/tif_next.c:64:9.", "modified": "2017-03-31T01:59:00", "id": "CVE-2016-10272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10272", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10272", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 8\" and libtiff/tif_read.c:523:22.", "modified": "2017-11-04T01:29:00", "id": "CVE-2016-10270", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10270", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10270", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.", "modified": "2018-03-22T01:29:00", "id": "CVE-2016-10266", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10266", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10266", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 512\" and libtiff/tif_unix.c:340:2.", "modified": "2018-03-22T01:29:00", "id": "CVE-2016-10269", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10269", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10269", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.", "modified": "2018-03-22T01:29:00", "id": "CVE-2016-10267", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10267", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10267", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23.", "modified": "2018-03-22T01:29:00", "id": "CVE-2016-10268", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10268", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10268", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:15:33", "bulletinFamily": "NVD", "description": "tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 1\" and libtiff/tif_fax3.c:413:13.", "modified": "2017-03-31T01:59:00", "id": "CVE-2016-10271", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10271", "published": "2017-03-24T19:59:00", "title": "CVE-2016-10271", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:56", "bulletinFamily": "unix", "description": "Package : tiff\nVersion : 4.0.2-6+deb7u11\nCVE ID : CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269\n\nlibtiff is vulnerable to multiple buffer overflows and integer overflows\nthat can lead to application crashes (denial of service) or worse.\n\nCVE-2016-10266\n\n Integer overflow that can lead to divide-by-zero in\n TIFFReadEncodedStrip (tif_read.c).\n\nCVE-2016-10267\n\n Divide-by-zero error in OJPEGDecodeRaw (tif_ojpeg.c).\n \nCVE-2016-10268\n\n Heap-based buffer overflow in TIFFReverseBits (tif_swab.c).\n\nCVE-2016-10269\n\n Heap-based buffer overflow in _TIFFmemcpy (tif_unix.c).\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n4.0.2-6+deb7u11.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: https://www.freexian.com/services/debian-lts.html\nLearn to master Debian: https://debian-handbook.info/get/\n", "modified": "2017-03-28T14:06:02", "published": "2017-03-28T14:06:02", "id": "DEBIAN:DLA-877-1:C34DC", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201703/msg00035.html", "title": "[SECURITY] [DLA 877-1] tiff security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:27", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3844-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 03, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tiff\nCVE ID : CVE-2016-3658 CVE-2016-9535 CVE-2016-10266\n CVE-2016-10267 CVE-2016-10269 CVE-2016-10270\n\t\t CVE-2017-5225 CVE-2017-7592 CVE-2017-7593\n\t\t CVE-2017-7594 CVE-2017-7595 CVE-2017-7596\n\t\t CVE-2017-7597 CVE-2017-7598 CVE-2017-7599\n\t\t CVE-2017-7600 CVE-2017-7601 CVE-2017-7602\n\nMultiple vulnerabilities have been discovered in the libtiff library and\nthe included tools, which may result in denial of service, memory\ndisclosure or the execution of arbitrary code.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.0.3-12.3+deb8u3.\n\nFor the upcoming stable distribution (stretch), these problems have been\nfixed in version 4.0.7-6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.0.7-6.\n\nWe recommend that you upgrade your tiff packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2017-05-03T21:06:40", "published": "2017-05-03T21:06:40", "id": "DEBIAN:DSA-3844-1:F751B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00103.html", "title": "[SECURITY] [DSA 3844-1] tiff security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T19:22:01", "bulletinFamily": "unix", "description": "It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.", "modified": "2018-03-20T00:00:00", "published": "2018-03-20T00:00:00", "id": "USN-3602-1", "href": "https://usn.ubuntu.com/3602-1/", "title": "LibTIFF vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:45", "bulletinFamily": "software", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.192.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.192.0 or later.\n\n# References\n\n * [USN-3602-1](<https://usn.ubuntu.com/3602-1/>)\n * [CVE-2016-10266](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10266>)\n * [CVE-2016-10267](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10267>)\n * [CVE-2016-10268](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10268>)\n * [CVE-2016-10269](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10269>)\n * [CVE-2016-10371](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10371>)\n * [CVE-2017-10688](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-10688>)\n * [CVE-2017-11335](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11335>)\n * [CVE-2017-12944](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12944>)\n * [CVE-2017-13726](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13726>)\n * [CVE-2017-13727](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13727>)\n * [CVE-2017-18013](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18013>)\n * [CVE-2017-7592](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7592>)\n * [CVE-2017-7593](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7593>)\n * [CVE-2017-7594](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7594>)\n * [CVE-2017-7595](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7595>)\n * [CVE-2017-7596](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7596>)\n * [CVE-2017-7597](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7597>)\n * [CVE-2017-7598](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7598>)\n * [CVE-2017-7599](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7599>)\n * [CVE-2017-7600](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7600>)\n * [CVE-2017-7601](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7601>)\n * [CVE-2017-7602](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7602>)\n * [CVE-2017-9403](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9403>)\n * [CVE-2017-9404](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9404>)\n * [CVE-2017-9815](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9815>)\n * [CVE-2017-9936](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9936>)\n * [CVE-2018-5784](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5784>)\n", "modified": "2018-05-02T00:00:00", "published": "2018-05-02T00:00:00", "id": "CFOUNDRY:B5964D2AB72D599E586D491432260541", "href": "https://www.cloudfoundry.org/blog/usn-3602-1/", "title": "USN-3602-1: LibTIFF vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2017-09-29T13:58:07", "bulletinFamily": "unix", "description": "### Background\n\nThe TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. \n\n### Description\n\nMultiple vulnerabilities have been discovered in LibTIFF. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA remote attacker, by enticing the user to process a specially crafted TIFF file, could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or have other unspecified impacts. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll LibTIFF users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/tiff-4.0.8\"\n \n\nPackages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.", "modified": "2017-09-26T00:00:00", "published": "2017-09-26T00:00:00", "href": "https://security.gentoo.org/glsa/201709-27", "id": "GLSA-201709-27", "title": "libTIFF: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}