{"id": "USN-525-1", "bulletinFamily": "unix", "title": "libsndfile vulnerability", "description": "Robert Buchholz discovered that libsndfile did not correctly validate the \nsize of its memory buffers. If a user were tricked into playing a specially \ncrafted FLAC file, a remote attacker could execute arbitrary code with user \nprivileges.", "published": "2007-10-04T00:00:00", "modified": "2007-10-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://ubuntu.com/security/notices/USN-525-1", "reporter": "Ubuntu", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4974"], "cvelist": ["CVE-2007-4974"], "type": "ubuntu", "lastseen": "2020-07-09T00:27:56", "edition": 5, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-4974"]}, {"type": "openvas", "idList": ["OPENVAS:60075", "OPENVAS:840055", "OPENVAS:861023", "OPENVAS:65979", "OPENVAS:1361412562310830320", "OPENVAS:136141256231065979", "OPENVAS:830320", "OPENVAS:58652"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1442.NASL", "FEDORA_2007-2236.NASL", "MANDRAKE_MDKSA-2007-191.NASL", "GENTOO_GLSA-200710-04.NASL", "UBUNTU_USN-525-1.NASL", "SUSE_LIBSNDFILE-4430.NASL", "SUSE_LIBSNDFILE-4431.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200710-04"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1442-2:ED684"]}], "modified": "2020-07-09T00:27:56", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2020-07-09T00:27:56", "rev": 2}, "vulnersScore": 7.1}, "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "libsndfile1", "packageVersion": "1.0.12-3ubuntu1"}, {"OS": "Ubuntu", "OSVersion": "6.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "libsndfile1", "packageVersion": "1.0.16-1ubuntu0.6.10.1"}, {"OS": "Ubuntu", "OSVersion": "7.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "libsndfile1", "packageVersion": "1.0.16-1ubuntu0.7.04.1"}], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T05:31:26", "description": "Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.", "edition": 6, "cvss3": {}, "published": "2007-09-19T17:17:00", "title": "CVE-2007-4974", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4974"], "modified": "2011-10-18T04:00:00", "cpe": ["cpe:/a:mega-nerd:libsndfile:1.0.13", "cpe:/a:mega-nerd:libsndfile:1.0.15", "cpe:/a:mega-nerd:libsndfile:1.0.12", "cpe:/a:mega-nerd:libsndfile:1.0.11", "cpe:/a:mega-nerd:libsndfile:1.0.0", "cpe:/a:mega-nerd:libsndfile:1.0.16", "cpe:/a:mega-nerd:libsndfile:1.0.10", "cpe:/a:mega-nerd:libsndfile:0.0.28", "cpe:/a:mega-nerd:libsndfile:1.0.17", "cpe:/a:mega-nerd:libsndfile:1.0.1", "cpe:/a:mega-nerd:libsndfile:1.0.14", "cpe:/a:mega-nerd:libsndfile:0.0.8"], "id": "CVE-2007-4974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4974", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mega-nerd:libsndfile:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:0.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-12-04T11:29:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-525-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840055", "href": "http://plugins.openvas.org/nasl.php?oid=840055", "type": "openvas", "title": "Ubuntu Update for libsndfile vulnerability USN-525-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_525_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for libsndfile vulnerability USN-525-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Robert Buchholz discovered that libsndfile did not correctly validate the\n size of its memory buffers. If a user were tricked into playing a specially\n crafted FLAC file, a remote attacker could execute arbitrary code with user\n privileges.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-525-1\";\ntag_affected = \"libsndfile vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-525-1/\");\n script_id(840055);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"525-1\");\n script_cve_id(\"CVE-2007-4974\");\n script_name( \"Ubuntu Update for libsndfile vulnerability USN-525-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1-dev\", ver:\"1.0.16-1ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1\", ver:\"1.0.16-1ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sndfile-programs\", ver:\"1.0.16-1ubuntu0.7.04.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1-dev\", ver:\"1.0.12-3ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1\", ver:\"1.0.12-3ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sndfile-programs\", ver:\"1.0.12-3ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1-dev\", ver:\"1.0.16-1ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsndfile1\", ver:\"1.0.16-1ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sndfile-programs\", ver:\"1.0.16-1ubuntu0.6.10.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libsndfile\n libsndfile-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065979", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065979", "type": "openvas", "title": "SLES10: Security update for libsndfile", "sourceData": "#\n#VID slesp1-libsndfile-4431\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libsndfile\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libsndfile\n libsndfile-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65979\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-4974\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for libsndfile\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.12~13.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsndfile-devel\", rpm:\"libsndfile-devel~1.0.12~13.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "Check for the Version of libsndfile", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830320", "type": "openvas", "title": "Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A heap-based buffer overflow in libsndfile could allow remote attackers\n to execute arbitrary code via a FLAC file with crafted PCM data which\n contains a block with a size exceeding that of the previous block.\n\n Updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"libsndfile on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-10/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830320\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:191\");\n script_cve_id(\"CVE-2007-4974\");\n script_name( \"Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libsndfile\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsndfile-progs\", rpm:\"libsndfile-progs~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1\", rpm:\"libsndfile1~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-devel\", rpm:\"libsndfile1-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-static-devel\", rpm:\"libsndfile1-static-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1\", rpm:\"lib64sndfile1~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-devel\", rpm:\"lib64sndfile1-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-static-devel\", rpm:\"lib64sndfile1-static-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsndfile-progs\", rpm:\"libsndfile-progs~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1\", rpm:\"libsndfile1~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-devel\", rpm:\"libsndfile1-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-static-devel\", rpm:\"libsndfile1-static-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1\", rpm:\"lib64sndfile1~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-devel\", rpm:\"lib64sndfile1-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-static-devel\", rpm:\"lib64sndfile1-static-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-04.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:58652", "href": "http://plugins.openvas.org/nasl.php?oid=58652", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200710-04 (libsndfile)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow vulnerability has been discovered in libsndfile.\";\ntag_solution = \"All libsndfile users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libsndfile-1.0.17-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200710-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=192834\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200710-04.\";\n\n \n\nif(description)\n{\n script_id(58652);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-4974\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200710-04 (libsndfile)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/libsndfile\", unaffected: make_list(\"ge 1.0.17-r1\"), vulnerable: make_list(\"lt 1.0.17-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "Check for the Version of libsndfile", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861023", "href": "http://plugins.openvas.org/nasl.php?oid=861023", "type": "openvas", "title": "Fedora Update for libsndfile FEDORA-2007-2236", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libsndfile FEDORA-2007-2236\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libsndfile on Fedora 7\";\ntag_insight = \"libsndfile is a C library for reading and writing sound files such as\n AIFF, AU, WAV, and others through one standard interface. It can\n currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and\n 64-bit floating point WAV files and a number of compressed formats. It\n compiles and runs on *nix, MacOS, and Win32.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00344.html\");\n script_id(861023);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-2236\");\n script_cve_id(\"CVE-2007-4974\");\n script_name( \"Fedora Update for libsndfile FEDORA-2007-2236\");\n\n script_summary(\"Check for the Version of libsndfile\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile-debuginfo\", rpm:\"libsndfile-debuginfo~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile-devel\", rpm:\"libsndfile-devel~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile-debuginfo\", rpm:\"libsndfile-debuginfo~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile-devel\", rpm:\"libsndfile-devel~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libsndfile\n libsndfile-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65979", "href": "http://plugins.openvas.org/nasl.php?oid=65979", "type": "openvas", "title": "SLES10: Security update for libsndfile", "sourceData": "#\n#VID slesp1-libsndfile-4431\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libsndfile\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libsndfile\n libsndfile-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65979);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-4974\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for libsndfile\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.12~13.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsndfile-devel\", rpm:\"libsndfile-devel~1.0.12~13.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "The remote host is missing an update to libsndfile\nannounced via advisory DSA 1442-2.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:60075", "href": "http://plugins.openvas.org/nasl.php?oid=60075", "type": "openvas", "title": "Debian Security Advisory DSA 1442-2 (libsndfile)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1442_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1442-2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Rubert Buchholz discovered that libsndfile, a library for reading /\nwriting audio files performs insufficient boundary checks when\nprocessing FLAC files, which might lead to the execution of arbitrary\ncode.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 1.0.16-2.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nWe recommend that you upgrade your libsndfile packages.\";\ntag_summary = \"The remote host is missing an update to libsndfile\nannounced via advisory DSA 1442-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201442-2\";\n\nif(description)\n{\n script_id(60075);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-4974\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1442-2 (libsndfile)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libsndfile1-dev\", ver:\"1.0.16-2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsndfile1\", ver:\"1.0.16-2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sndfile-programs\", ver:\"1.0.16-2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "description": "Check for the Version of libsndfile", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830320", "href": "http://plugins.openvas.org/nasl.php?oid=830320", "type": "openvas", "title": "Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A heap-based buffer overflow in libsndfile could allow remote attackers\n to execute arbitrary code via a FLAC file with crafted PCM data which\n contains a block with a size exceeding that of the previous block.\n\n Updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"libsndfile on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-10/msg00000.php\");\n script_id(830320);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:191\");\n script_cve_id(\"CVE-2007-4974\");\n script_name( \"Mandriva Update for libsndfile MDKSA-2007:191 (libsndfile)\");\n\n script_summary(\"Check for the Version of libsndfile\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsndfile-progs\", rpm:\"libsndfile-progs~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1\", rpm:\"libsndfile1~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-devel\", rpm:\"libsndfile1-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-static-devel\", rpm:\"libsndfile1-static-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1\", rpm:\"lib64sndfile1~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-devel\", rpm:\"lib64sndfile1-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-static-devel\", rpm:\"lib64sndfile1-static-devel~1.0.17~5.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsndfile-progs\", rpm:\"libsndfile-progs~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1\", rpm:\"libsndfile1~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-devel\", rpm:\"libsndfile1-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile1-static-devel\", rpm:\"libsndfile1-static-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsndfile\", rpm:\"libsndfile~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1\", rpm:\"lib64sndfile1~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-devel\", rpm:\"lib64sndfile1-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sndfile1-static-devel\", rpm:\"lib64sndfile1-static-devel~1.0.17~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:09", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4974"], "description": "### Background\n\nlibsndfile is a library for reading and writing various formats of audio files including WAV and FLAC. \n\n### Description\n\nRobert Buchholz of the Gentoo Security team discovered that the flac_buffer_copy() function does not correctly handle FLAC streams with variable block sizes which leads to a heap-based buffer overflow (CVE-2007-4974). \n\n### Impact\n\nA remote attacker could exploit this vulnerability by enticing a user to open a specially crafted FLAC file or network stream with an application using libsndfile. This might lead to the execution of arbitrary code with privileges of the user playing the file. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll libsndfile users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/libsndfile-1.0.17-r1\"", "edition": 1, "modified": "2007-10-07T00:00:00", "published": "2007-10-07T00:00:00", "id": "GLSA-200710-04", "href": "https://security.gentoo.org/glsa/200710-04", "type": "gentoo", "title": "libsndfile: Buffer overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:52:15", "description": "The remote host is affected by the vulnerability described in GLSA-200710-04\n(libsndfile: Buffer overflow)\n\n Robert Buchholz of the Gentoo Security team discovered that the\n flac_buffer_copy() function does not correctly handle FLAC streams with\n variable block sizes which leads to a heap-based buffer overflow\n (CVE-2007-4974).\n \nImpact :\n\n A remote attacker could exploit this vulnerability by enticing a user\n to open a specially crafted FLAC file or network stream with an\n application using libsndfile. This might lead to the execution of\n arbitrary code with privileges of the user playing the file.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2007-10-09T00:00:00", "title": "GLSA-200710-04 : libsndfile: Buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2007-10-09T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libsndfile"], "id": "GENTOO_GLSA-200710-04.NASL", "href": "https://www.tenable.com/plugins/nessus/26944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200710-04.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26944);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-4974\");\n script_xref(name:\"GLSA\", value:\"200710-04\");\n\n script_name(english:\"GLSA-200710-04 : libsndfile: Buffer overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200710-04\n(libsndfile: Buffer overflow)\n\n Robert Buchholz of the Gentoo Security team discovered that the\n flac_buffer_copy() function does not correctly handle FLAC streams with\n variable block sizes which leads to a heap-based buffer overflow\n (CVE-2007-4974).\n \nImpact :\n\n A remote attacker could exploit this vulnerability by enticing a user\n to open a specially crafted FLAC file or network stream with an\n application using libsndfile. This might lead to the execution of\n arbitrary code with privileges of the user playing the file.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200710-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libsndfile users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/libsndfile-1.0.17-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libsndfile\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/libsndfile\", unaffected:make_list(\"ge 1.0.17-r1\"), vulnerable:make_list(\"lt 1.0.17-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsndfile\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:46", "description": "A heap-based buffer overflow in libsndfile could allow remote\nattackers to execute arbitrary code via a FLAC file with crafted PCM\ndata which contains a block with a size exceeding that of the previous\nblock.\n\nUpdated packages have been patched to prevent this issue.", "edition": 24, "published": "2007-10-03T00:00:00", "title": "Mandrake Linux Security Advisory : libsndfile (MDKSA-2007:191)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2007-10-03T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libsndfile1-static-devel", "p-cpe:/a:mandriva:linux:libsndfile1", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:libsndfile1-devel", "p-cpe:/a:mandriva:linux:lib64sndfile1-static-devel", "p-cpe:/a:mandriva:linux:libsndfile-progs", "p-cpe:/a:mandriva:linux:lib64sndfile1-devel", "p-cpe:/a:mandriva:linux:lib64sndfile1"], "id": "MANDRAKE_MDKSA-2007-191.NASL", "href": "https://www.tenable.com/plugins/nessus/26901", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:191. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26901);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-4974\");\n script_xref(name:\"MDKSA\", value:\"2007:191\");\n\n script_name(english:\"Mandrake Linux Security Advisory : libsndfile (MDKSA-2007:191)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow in libsndfile could allow remote\nattackers to execute arbitrary code via a FLAC file with crafted PCM\ndata which contains a block with a size exceeding that of the previous\nblock.\n\nUpdated packages have been patched to prevent this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sndfile1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sndfile1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sndfile1-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsndfile-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsndfile1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsndfile1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libsndfile1-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64sndfile1-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64sndfile1-devel-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64sndfile1-static-devel-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"libsndfile-progs-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsndfile1-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsndfile1-devel-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libsndfile1-static-devel-1.0.17-2.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64sndfile1-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64sndfile1-devel-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64sndfile1-static-devel-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"libsndfile-progs-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsndfile1-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsndfile1-devel-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libsndfile1-static-devel-1.0.17-5.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:05", "description": "An updated libsndfile package has been released, fixing a potential\nheap-based buffer overflow in malcrafted flac files.\n\nThx to Robert Buchholz for finding that issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2007-11-06T00:00:00", "title": "Fedora 7 : libsndfile-1.0.17-2.fc7 (2007-2236)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2007-11-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libsndfile-devel", "cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:libsndfile", "p-cpe:/a:fedoraproject:fedora:libsndfile-debuginfo"], "id": "FEDORA_2007-2236.NASL", "href": "https://www.tenable.com/plugins/nessus/27762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-2236.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27762);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-4974\");\n script_bugtraq_id(25758);\n script_xref(name:\"FEDORA\", value:\"2007-2236\");\n\n script_name(english:\"Fedora 7 : libsndfile-1.0.17-2.fc7 (2007-2236)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated libsndfile package has been released, fixing a potential\nheap-based buffer overflow in malcrafted flac files.\n\nThx to Robert Buchholz for finding that issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=237575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=296221\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-September/003869.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01386842\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libsndfile, libsndfile-debuginfo and / or\nlibsndfile-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libsndfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libsndfile-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libsndfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"libsndfile-1.0.17-2.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"libsndfile-debuginfo-1.0.17-2.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"libsndfile-devel-1.0.17-2.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsndfile / libsndfile-debuginfo / libsndfile-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:44:54", "description": "Rubert Buchholz discovered that libsndfile, a library for reading /\nwriting audio files, performs insufficient boundary checks when\nprocessing FLAC files, which might lead to the execution of arbitrary\ncode.", "edition": 26, "published": "2008-01-04T00:00:00", "title": "Debian DSA-1442-1 : libsndfile - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2008-01-04T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:libsndfile"], "id": "DEBIAN_DSA-1442.NASL", "href": "https://www.tenable.com/plugins/nessus/29836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1442. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29836);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-4974\");\n script_bugtraq_id(25758);\n script_xref(name:\"DSA\", value:\"1442\");\n\n script_name(english:\"Debian DSA-1442-1 : libsndfile - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rubert Buchholz discovered that libsndfile, a library for reading /\nwriting audio files, performs insufficient boundary checks when\nprocessing FLAC files, which might lead to the execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1442\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libsndfile packages.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 1.0.16-2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsndfile\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libsndfile1\", reference:\"1.0.16-2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libsndfile1-dev\", reference:\"1.0.16-2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"sndfile-programs\", reference:\"1.0.16-2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:46:30", "description": "This update fixes a possible buffer overflow that occurs while reading\ndecoded PCM data from the FLAC library. (CVE-2007-4974)", "edition": 23, "published": "2008-01-04T00:00:00", "title": "SuSE 10 Security Update : libsndfile (ZYPP Patch Number 4431)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2008-01-04T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBSNDFILE-4431.NASL", "href": "https://www.tenable.com/plugins/nessus/29851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29851);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4974\");\n\n script_name(english:\"SuSE 10 Security Update : libsndfile (ZYPP Patch Number 4431)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a possible buffer overflow that occurs while reading\ndecoded PCM data from the FLAC library. (CVE-2007-4974)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4974.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4431.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libsndfile-1.0.12-13.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"libsndfile-devel-1.0.12-13.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"libsndfile-32bit-1.0.12-13.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libsndfile-1.0.12-13.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"libsndfile-devel-1.0.12-13.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"libsndfile-32bit-1.0.12-13.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:46:30", "description": "This update fixes a possible buffer overflow that occurs while reading\ndecoded PCM data from the FLAC library. (CVE-2007-4974)", "edition": 24, "published": "2008-01-08T00:00:00", "title": "openSUSE 10 Security Update : libsndfile (libsndfile-4430)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2008-01-08T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:libsndfile-devel", "p-cpe:/a:novell:opensuse:libsndfile-progs", "p-cpe:/a:novell:opensuse:libsndfile-32bit", "p-cpe:/a:novell:opensuse:libsndfile-octave", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:libsndfile"], "id": "SUSE_LIBSNDFILE-4430.NASL", "href": "https://www.tenable.com/plugins/nessus/29881", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsndfile-4430.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29881);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4974\");\n\n script_name(english:\"openSUSE 10 Security Update : libsndfile (libsndfile-4430)\");\n script_summary(english:\"Check for the libsndfile-4430 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a possible buffer overflow that occurs while reading\ndecoded PCM data from the FLAC library. (CVE-2007-4974)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsndfile packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsndfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsndfile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsndfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsndfile-octave\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsndfile-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libsndfile-1.0.12-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libsndfile-devel-1.0.12-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libsndfile-octave-1.0.12-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"libsndfile-progs-1.0.12-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"libsndfile-32bit-1.0.12-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libsndfile-1.0.17-23\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libsndfile-devel-1.0.17-23\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libsndfile-octave-1.0.17-23\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"libsndfile-progs-1.0.17-23\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"libsndfile-32bit-1.0.17-23\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsndfile\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:44:05", "description": "Robert Buchholz discovered that libsndfile did not correctly validate\nthe size of its memory buffers. If a user were tricked into playing a\nspecially crafted FLAC file, a remote attacker could execute arbitrary\ncode with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : libsndfile vulnerability (USN-525-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4974"], "modified": "2007-11-10T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:sndfile-programs", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:libsndfile1", "p-cpe:/a:canonical:ubuntu_linux:libsndfile1-dev", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-525-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-525-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28130);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-4974\");\n script_xref(name:\"USN\", value:\"525-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : libsndfile vulnerability (USN-525-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Robert Buchholz discovered that libsndfile did not correctly validate\nthe size of its memory buffers. If a user were tricked into playing a\nspecially crafted FLAC file, a remote attacker could execute arbitrary\ncode with user privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/525-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libsndfile1, libsndfile1-dev and / or\nsndfile-programs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsndfile1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsndfile1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sndfile-programs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsndfile1\", pkgver:\"1.0.12-3ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libsndfile1-dev\", pkgver:\"1.0.12-3ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"sndfile-programs\", pkgver:\"1.0.12-3ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsndfile1\", pkgver:\"1.0.16-1ubuntu0.6.10.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libsndfile1-dev\", pkgver:\"1.0.16-1ubuntu0.6.10.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"sndfile-programs\", pkgver:\"1.0.16-1ubuntu0.6.10.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsndfile1\", pkgver:\"1.0.16-1ubuntu0.7.04.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libsndfile1-dev\", pkgver:\"1.0.16-1ubuntu0.7.04.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"sndfile-programs\", pkgver:\"1.0.16-1ubuntu0.7.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsndfile1 / libsndfile1-dev / sndfile-programs\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:19:07", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4974"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1442-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nDecember 29, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libsndfile\nVulnerability : buffer overflow\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-4974\n\nRubert Buchholz discovered that libsndfile, a library for reading / \nwriting audio files performs insufficient boundary checks when\nprocessing FLAC files, which might lead to the execution of arbitrary\ncode.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 1.0.16-2.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nWe recommend that you upgrade your libsndfile packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16.orig.tar.gz\n Size/MD5 checksum: 857117 773b6639672d39b6342030c7fd1e9719\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.diff.gz\n Size/MD5 checksum: 5465 3143afa4d8b69fe1ba9d0428d3b5b472\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.dsc\n Size/MD5 checksum: 639 778f77063bf0aee761b5d9f7af793ced\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_alpha.deb\n Size/MD5 checksum: 400468 f555adb582857c57e2efc4c957661a10\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_alpha.deb\n Size/MD5 checksum: 222432 5a776e9755235dfbc33881b54a69df87\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_alpha.deb\n Size/MD5 checksum: 72062 0ad263c448319e10f147d4ca3a2e49cd\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_amd64.deb\n Size/MD5 checksum: 70518 6ece20244584e3e33c680cba32f5bd01\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_amd64.deb\n Size/MD5 checksum: 186978 15d1c0d80b1df110594b0e25dc444ca3\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_amd64.deb\n Size/MD5 checksum: 322346 f8d850304a105b5b8d2beadb3e81304d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_arm.deb\n Size/MD5 checksum: 72042 6efb81b71098e378b5f702c06cb8b2d9\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_arm.deb\n Size/MD5 checksum: 343534 03aef95ebfe92522c5d36a4e5590859d\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_arm.deb\n Size/MD5 checksum: 220952 d01c16d518630402f6714691b829d793\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_hppa.deb\n Size/MD5 checksum: 74542 cf4e50401c65e94b5ec93b488c0180c7\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_hppa.deb\n Size/MD5 checksum: 236320 7c0274e6b33b5e301dcd7a474d502107\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_hppa.deb\n Size/MD5 checksum: 373514 af037103e816ba426298a634057decb2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_i386.deb\n Size/MD5 checksum: 74262 834537ca8b562a4350d5a9c422f436ca\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_i386.deb\n Size/MD5 checksum: 319560 9fe5127322c613449eb0dde18a27cfb8\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_i386.deb\n Size/MD5 checksum: 197498 e9bc609646a45373a0d365b071950c6a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_ia64.deb\n Size/MD5 checksum: 270526 4e79bb42b5e92d68fa00bff980686eb3\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_ia64.deb\n Size/MD5 checksum: 416098 3d6c672fd2480a3a5783142085445bdd\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_ia64.deb\n Size/MD5 checksum: 75756 d29c6c9fe859001936087e53afdff185\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_mips.deb\n Size/MD5 checksum: 217138 c59d9ffccb7d577d06f4eb8f8a875e98\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_mips.deb\n Size/MD5 checksum: 374184 e0a8ce0c236b772bc58eaad8aad2006a\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_mips.deb\n Size/MD5 checksum: 72760 2468de6305a9c60fdfd0fe73bad8999a\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_mipsel.deb\n Size/MD5 checksum: 72800 da3ce8b83dc1ad383c23812df43cf31d\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_mipsel.deb\n Size/MD5 checksum: 373316 d2e45aaad4073e64b6e3e443e6702cac\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_mipsel.deb\n Size/MD5 checksum: 216758 0a66a28c249850999b90b6f90d0c027b\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_powerpc.deb\n Size/MD5 checksum: 207748 7c999002bfce68181a2818eaf3e829ed\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_powerpc.deb\n Size/MD5 checksum: 346286 2b9d3e4cef955ff76a963a3e40aebecd\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_powerpc.deb\n Size/MD5 checksum: 75812 b8549289577e9a8bfe279592ebb68c69\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_s390.deb\n Size/MD5 checksum: 346370 dca74b112ab72b4893b272aa983f6e07\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_s390.deb\n Size/MD5 checksum: 72800 6fd80164e263294833c6b6a4f98faf7f\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_s390.deb\n Size/MD5 checksum: 220876 8f28f995c96e3366cc98a1578aba5a46\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_sparc.deb\n Size/MD5 checksum: 70652 7560d39c5a222317decb5586c17d1d55\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_sparc.deb\n Size/MD5 checksum: 207790 e758c2a6e11a78f25df2ad1b2205206e\n http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_sparc.deb\n Size/MD5 checksum: 334854 f97aba9749b0dd78f6da521399fa9937\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2007-12-29T01:41:27", "published": "2007-12-29T01:41:27", "id": "DEBIAN:DSA-1442-2:ED684", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00225.html", "title": "[SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4974"], "description": "libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on *nix, MacOS, and Win32. ", "modified": "2007-09-24T18:00:24", "published": "2007-09-24T18:00:24", "id": "FEDORA:L8OI0QTR011674", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: libsndfile-1.0.17-2.fc7", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}