Vulnerabilities > CVE-2008-6218 - Resource Management Errors vulnerability in Libpng

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

libpng

CWE-399

nessus

NVD

Published: 2009-02-20

Updated: 2018-10-11

Summary

Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.

Vulnerable Configurations

Part	Description	Count
Application	Libpng Libpng Libpng 1.2.0 Libpng Libpng 1.2.1 Libpng Libpng 1.2.2 Libpng Libpng 1.2.3 Libpng Libpng 1.2.4 Libpng Libpng 1.2.5 Libpng Libpng 1.2.6 Libpng Libpng 1.2.7 Libpng Libpng 1.2.8 Libpng Libpng 1.2.9 Libpng Libpng 1.2.10 Libpng Libpng 1.2.11 Libpng Libpng 1.2.13 Libpng Libpng 1.2.14 Libpng Libpng 1.2.15 Libpng Libpng 1.2.16 Libpng Libpng 1.2.17 Libpng Libpng 1.2.18 Libpng Libpng 1.2.19 Libpng Libpng 1.2.20 Libpng Libpng 1.2.21 Libpng Libpng 1.2.22 Libpng Libpng 1.2.23 Libpng Libpng 1.2.24 Libpng Libpng 1.2.25 Libpng Libpng 1.2.26 Libpng Libpng 1.2.27 Libpng Libpng 1.2.28 Libpng Libpng 1.2.29 Libpng Libpng 1.2.30 Libpng Libpng 1.2.31 Libpng Libpng 1.2.32 Libpng Libpng 1.2.33 Libpng Libpng 1.4.0	243

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_LIBPNG12-110802.NASL
description	This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	75911
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/75911
title	openSUSE Security Update : libpng12 (libpng12-4947)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng12-4947. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75911); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng12 (libpng12-4947)"); script_summary(english:"Check for the libpng12-4947 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng12 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-0-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-0-debuginfo-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-compat-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-debugsource-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-0-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-0-debuginfo-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-compat-devel-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-devel-32bit-1.2.46-7.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng12-0"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE9_12815.NASL
description	This update of libpng fixes : - CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399). (CVE-2008-6218) - CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119). (CVE-2011-2690) - CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119). (CVE-2011-2692)
last seen	2020-06-01
modified	2020-06-02
plugin id	55895
published	2011-08-18
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/55895
title	SuSE9 Security Update : libpng (YOU Patch Number 12815)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55895); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE9 Security Update : libpng (YOU Patch Number 12815)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of libpng fixes : - CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399). (CVE-2008-6218) - CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119). (CVE-2011-2690) - CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119). (CVE-2011-2692)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12815."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"libpng-1.2.5-182.32")) flag++; if (rpm_check(release:"SUSE9", reference:"libpng-devel-1.2.5-182.32")) flag++; if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"libpng-32bit-9-201108021634")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_LIBPNG14-110802.NASL
description	This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	75913
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/75913
title	openSUSE Security Update : libpng14 (libpng14-4949)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng14-4949. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75913); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng14 (libpng14-4949)"); script_summary(english:"Check for the libpng14-4949 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng14 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-14-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-14-debuginfo-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-compat-devel-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-debugsource-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-devel-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-14-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-14-debuginfo-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-compat-devel-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-devel-32bit-1.4.4-3.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng14-14"); }

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2010-133.NASL
description	Multiple vulnerabilities has been found and corrected in libpng : Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file (CVE-2008-6218. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row (CVE-2010-1205). Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks (CVE-2010-2249). As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated packages have been patched to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	48192
published	2010-07-30
reporter	This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/48192
title	Mandriva Linux Security Advisory : libpng (MDVSA-2010:133)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2010:133. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(48192); script_version("1.13"); script_cvs_date("Date: 2019/08/02 13:32:53"); script_cve_id("CVE-2008-6218", "CVE-2010-1205", "CVE-2010-2249"); script_bugtraq_id(31920, 41174); script_xref(name:"MDVSA", value:"2010:133"); script_name(english:"Mandriva Linux Security Advisory : libpng (MDVSA-2010:133)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities has been found and corrected in libpng : Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file (CVE-2008-6218. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row (CVE-2010-1205). Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks (CVE-2010-2249). As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated packages have been patched to correct these issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:htmldoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:htmldoc-nogui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png-static-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner1.9.2.6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-static-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner1.9.2.6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nsinstall"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xulrunner"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/07/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2008.0", reference:"htmldoc-1.8.27-1.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"htmldoc-nogui-1.8.27-1.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png-devel-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png-static-devel-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64png3-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng-devel-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"libpng-source-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng-static-devel-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libpng3-1.2.22-0.5mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxulrunner-devel-1.9.2.6-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"mozilla-thunderbird-3.0.5-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"nsinstall-3.0.5-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"xulrunner-1.9.2.6-0.2mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png-devel-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png-static-devel-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64png3-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng-devel-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"libpng-source-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng-static-devel-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libpng3-1.2.31-2.3mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64png-devel-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64png-static-devel-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64png3-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libpng-devel-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", reference:"libpng-source-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libpng-static-devel-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libpng3-1.2.35-1.2mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64png-devel-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64png-static-devel-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64png3-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libpng-devel-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"libpng-source-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libpng-static-devel-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libpng3-1.2.40-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64png-devel-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64png-static-devel-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64png3-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libpng-devel-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"libpng-source-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libpng-static-devel-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libpng3-1.2.43-1.1mdv2010.1", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201412-08.NASL
description	The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	79961
published	2014-12-15
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/79961
title	GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201412-08. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(79961); script_version("1.6"); script_cvs_date("Date: 2019/08/12 17:35:38"); script_cve_id("CVE-2006-3005", "CVE-2007-2741", "CVE-2008-0553", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2008-6661", "CVE-2009-0040", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-0946", "CVE-2009-2042", "CVE-2009-2624", "CVE-2009-3736", "CVE-2009-4029", "CVE-2009-4411", "CVE-2009-4896", "CVE-2010-0001", "CVE-2010-0436", "CVE-2010-0732", "CVE-2010-0829", "CVE-2010-1000", "CVE-2010-1205", "CVE-2010-1511", "CVE-2010-2056", "CVE-2010-2060", "CVE-2010-2192", "CVE-2010-2251", "CVE-2010-2529", "CVE-2010-2809", "CVE-2010-2945"); script_bugtraq_id(24001, 27655, 28770, 31920, 32751, 33740, 33741, 33827, 33990, 34550, 35233, 37128, 37378, 37455, 37886, 37888, 38211, 39467, 39969, 40141, 40426, 40516, 40939, 41174, 41841, 41911, 42297, 43728); script_xref(name:"GLSA", value:"201412-08"); script_name(english:"GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201412-08" ); script_set_attribute( attribute:"solution", value: "All Insight users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-util/insight-6.7.1-r1' All Perl Tk Module users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-perl/perl-tk-804.028-r2' All Source-Navigator users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-util/sourcenav-5.1.4' All Tk users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/tk-8.4.18-r1' All Partimage users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-block/partimage-0.6.8' All Mlmmj users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/mlmmj-1.2.17.1' All acl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/acl-2.2.49' All Xinit users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-apps/xinit-1.2.0-r4' All gzip users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.4' All ncompress users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/ncompress-4.2.4.3' All liblzw users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-libs/liblzw-0.2' All splashutils users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/splashutils-1.5.4.3-r3' All GNU M4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-devel/m4-1.4.14-r1' All KDE Display Manager users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=kde-base/kdm-4.3.5-r1' All GTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-libs/gtk+-2.18.7' All KGet 4.3 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=kde-base/kget-4.3.5-r1' All dvipng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/dvipng-1.13' All Beanstalk users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-misc/beanstalkd-1.4.6' All Policy Mount users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/pmount-0.9.23' All pam_krb5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-4.3' All GNU gv users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/gv-3.7.1' All LFTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-ftp/lftp-4.0.6' All Uzbl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/uzbl-2010.08.05' All Slim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-misc/slim-1.3.2' All iputils users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/iputils-20100418' All DVBStreamer users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-tv/dvbstreamer-1.1-r1' Gentoo has discontinued support for Bitdefender Console. We recommend that users unmerge Bitdefender Console: # emerge --unmerge 'app-antivirus/bitdefender-console' NOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 94, 119, 189, 200, 264, 287, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:beanstalkd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:bitdefender-console"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:dvbstreamer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:dvipng"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gtk+"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gzip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:insight"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:iputils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:kdm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:kget"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:lftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:liblzw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:m4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mlmmj"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ncompress"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pam_krb5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:partimage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl-tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pmount"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:slim"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:sourcenav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:splashutils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:uzbl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xinit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/13"); script_set_attribute(attribute:"patch_publication_date", value:"2014/12/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/15"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-arch/gzip", unaffected:make_list("ge 1.4"), vulnerable:make_list("lt 1.4"))) flag++; if (qpkg_check(package:"kde-base/kget", unaffected:make_list("ge 4.3.5-r1"), vulnerable:make_list("lt 4.3.5-r1"))) flag++; if (qpkg_check(package:"dev-libs/liblzw", unaffected:make_list("ge 0.2"), vulnerable:make_list("lt 0.2"))) flag++; if (qpkg_check(package:"kde-base/kdm", unaffected:make_list("ge 4.3.5-r1"), vulnerable:make_list("lt 4.3.5-r1"))) flag++; if (qpkg_check(package:"app-text/dvipng", unaffected:make_list("ge 1.13"), vulnerable:make_list("lt 1.13"))) flag++; if (qpkg_check(package:"x11-apps/xinit", unaffected:make_list("ge 1.2.0-r4"), vulnerable:make_list("lt 1.2.0-r4"))) flag++; if (qpkg_check(package:"net-ftp/lftp", unaffected:make_list("ge 4.0.6"), vulnerable:make_list("lt 4.0.6"))) flag++; if (qpkg_check(package:"net-mail/mlmmj", unaffected:make_list("ge 1.2.17.1"), vulnerable:make_list("lt 1.2.17.1"))) flag++; if (qpkg_check(package:"sys-apps/pmount", unaffected:make_list("ge 0.9.23"), vulnerable:make_list("lt 0.9.23"))) flag++; if (qpkg_check(package:"sys-block/partimage", unaffected:make_list("ge 0.6.8"), vulnerable:make_list("lt 0.6.8"))) flag++; if (qpkg_check(package:"sys-apps/acl", unaffected:make_list("ge 2.2.49"), vulnerable:make_list("lt 2.2.49"))) flag++; if (qpkg_check(package:"app-arch/ncompress", unaffected:make_list("ge 4.2.4.3"), vulnerable:make_list("lt 4.2.4.3"))) flag++; if (qpkg_check(package:"media-gfx/splashutils", unaffected:make_list("ge 1.5.4.3-r3"), vulnerable:make_list("lt 1.5.4.3-r3"))) flag++; if (qpkg_check(package:"www-client/uzbl", unaffected:make_list("ge 2010.08.05"), vulnerable:make_list("lt 2010.08.05"))) flag++; if (qpkg_check(package:"dev-util/insight", unaffected:make_list("ge 6.7.1-r1"), vulnerable:make_list("lt 6.7.1-r1"))) flag++; if (qpkg_check(package:"sys-devel/m4", unaffected:make_list("ge 1.4.14-r1"), vulnerable:make_list("lt 1.4.14-r1"))) flag++; if (qpkg_check(package:"app-antivirus/bitdefender-console", unaffected:make_list(), vulnerable:make_list("le 7.1"))) flag++; if (qpkg_check(package:"app-text/gv", unaffected:make_list("ge 3.7.1"), vulnerable:make_list("lt 3.7.1"))) flag++; if (qpkg_check(package:"media-tv/dvbstreamer", unaffected:make_list("ge 1.1-r1"), vulnerable:make_list("lt 1.1-r1"))) flag++; if (qpkg_check(package:"app-misc/beanstalkd", unaffected:make_list("ge 1.4.6"), vulnerable:make_list("lt 1.4.6"))) flag++; if (qpkg_check(package:"net-misc/iputils", unaffected:make_list("ge 20100418"), vulnerable:make_list("lt 20100418"))) flag++; if (qpkg_check(package:"dev-util/sourcenav", unaffected:make_list("ge 5.1.4"), vulnerable:make_list("lt 5.1.4"))) flag++; if (qpkg_check(package:"x11-libs/gtk+", unaffected:make_list("ge 2.18.7"), vulnerable:make_list("lt 2.18.7"))) flag++; if (qpkg_check(package:"sys-auth/pam_krb5", unaffected:make_list("ge 4.3"), vulnerable:make_list("lt 4.3"))) flag++; if (qpkg_check(package:"dev-lang/tk", unaffected:make_list("ge 8.4.18-r1"), vulnerable:make_list("lt 8.4.18-r1"))) flag++; if (qpkg_check(package:"x11-misc/slim", unaffected:make_list("ge 1.3.2"), vulnerable:make_list("lt 1.3.2"))) flag++; if (qpkg_check(package:"dev-perl/perl-tk", unaffected:make_list("ge 804.028-r2"), vulnerable:make_list("lt 804.028-r2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "app-arch/gzip / kde-base/kget / dev-libs/liblzw / kde-base/kdm / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_3_LIBPNG12-110802.NASL
description	This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	75603
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/75603
title	openSUSE Security Update : libpng12 (libpng12-4947)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng12-4947. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75603); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng12 (libpng12-4947)"); script_summary(english:"Check for the libpng12-4947 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng12 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-0-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-compat-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"libpng12-0-32bit-1.2.46-7.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng12-0"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_LIBPNG-7669.NASL
description	This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	55897
published	2011-08-18
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/55897
title	SuSE 10 Security Update : libpng (ZYPP Patch Number 7669)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55897); script_version ("1.8"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE 10 Security Update : libpng (ZYPP Patch Number 7669)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7669."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLES10", sp:3, reference:"libpng-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"libpng-devel-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, cpu:"x86_64", reference:"libpng-32bit-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, cpu:"x86_64", reference:"libpng-devel-32bit-1.2.8-19.31.9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_3_LIBPNG14-110802.NASL
description	This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	75604
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/75604
title	openSUSE Security Update : libpng14 (libpng14-4949)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng14-4949. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75604); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng14 (libpng14-4949)"); script_summary(english:"Check for the libpng14-4949 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng14 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-14-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-compat-devel-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-devel-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"libpng14-14-32bit-1.4.3-3.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng14-14"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1750.NASL
description	Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2445 The png_handle_tRNS function allows attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. - CVE-2007-5269 Certain chunk handlers allow attackers to cause a denial of service (crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG images, which trigger out-of-bounds read operations. - CVE-2008-1382 libpng allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length
last seen	2020-06-01
modified	2020-06-02
plugin id	35988
published	2009-03-23
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/35988
title	Debian DSA-1750-1 : libpng - several vulnerabilities

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200903-28.NASL
description	The remote host is affected by the vulnerability described in GLSA-200903-28 (libpng: Multiple vulnerabilities) Multiple vulnerabilities were discovered in libpng: A memory leak bug was reported in png_handle_tEXt(), a function that is used while reading PNG images (CVE-2008-6218). A memory overwrite bug was reported by Jon Foster in png_check_keyword(), caused by writing overlong keywords to a PNG file (CVE-2008-5907). A memory corruption issue, caused by an incorrect handling of an out of memory condition has been reported by Tavis Ormandy of the Google Security Team. That vulnerability affects direct uses of png_read_png(), pCAL chunk and 16-bit gamma table handling (CVE-2009-0040). Impact : A remote attacker may execute arbitrary code with the privileges of the user opening a specially crafted PNG file by exploiting the erroneous out-of-memory handling. An attacker may also exploit the png_check_keyword() error to set arbitrary memory locations to 0, if the application allows overlong, user-controlled keywords when writing PNG files. The png_handle_tEXT() vulnerability may be exploited by an attacker to potentially consume all memory on a users system when a specially crafted PNG file is opened. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	35929
published	2009-03-16
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35929
title	GLSA-200903-28 : libpng: Multiple vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_LIBPNG-DEVEL-110802.NASL
description	This update of libpng12-0 fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - unknown (unknown). (CVE-2009-5063: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)) - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	55896
published	2011-08-18
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/55896
title	SuSE 11.1 Security Update : libpng (SAT Patch Number 4948)

NASL family	SuSE Local Security Checks
NASL id	SUSE_LIBPNG-7670.NASL
description	This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
last seen	2020-06-01
modified	2020-06-02
plugin id	57218
published	2011-12-13
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/57218
title	SuSE 10 Security Update : libpng (ZYPP Patch Number 7670)

Statements

contributor	Joshua Bressers
lastmodified	2009-06-03
organization	Red Hat
statement	Red Hat does not consider this bug a security flaw. For more details please see the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=468990

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Statements

References