Vulnerabilities > CVE-2009-1932 - Numeric Errors vulnerability in Gstreamer Good Plug-Ins 0.10.15
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_GSTREAMER-0_10-PLUGINS-GOOD-090609.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). last seen 2020-06-01 modified 2020-06-02 plugin id 39978 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39978 title openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989) code if ( !defined_func("nasl_level") || nasl_level() < 61201 || (nasl_level() >= 70000 && nasl_level() < 70105) || (nasl_level() >= 70200 && nasl_level() < 70203) || (nasl_level() >= 80000 && nasl_level() < 80502) ) exit(0); # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gstreamer-0_10-plugins-good-989. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(39978); script_version("1.10"); script_cvs_date("Date: 2019/10/24 13:56:46"); script_cve_id("CVE-2009-1932"); script_name(english:"openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)"); script_summary(english:"Check for the gstreamer-0_10-plugins-good-989 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=510292" ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer-0_10-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-lang"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"gstreamer-0_10-plugins-good-0.10.7-38.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"gstreamer-0_10-plugins-good-extra-0.10.7-38.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"gstreamer-0_10-plugins-good-lang-0.10.7-38.4") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer-0_10-plugins-good / gstreamer-0_10-plugins-good-extra / etc"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2009-1123.NASL description Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 43761 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43761 title CentOS 5 : gstreamer-plugins-good (CESA-2009:1123) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2009:1123 and # CentOS Errata and Security Advisory 2009:1123 respectively. # include("compat.inc"); if (description) { script_id(43761); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:04"); script_cve_id("CVE-2009-1932"); script_xref(name:"RHSA", value:"2009:1123"); script_name(english:"CentOS 5 : gstreamer-plugins-good (CESA-2009:1123)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect." ); # https://lists.centos.org/pipermail/centos-announce/2009-June/016005.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9aaacfb9" ); # https://lists.centos.org/pipermail/centos-announce/2009-June/016006.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?089dbb72" ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gstreamer-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gstreamer-plugins-good-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/04"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"gstreamer-plugins-good-0.10.9-1.el5_3.2")) flag++; if (rpm_check(release:"CentOS-5", reference:"gstreamer-plugins-good-devel-0.10.9-1.el5_3.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer-plugins-good / gstreamer-plugins-good-devel"); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-789-1.NASL description Tielei Wang discovered that GStreamer Good Plugins did not correctly handle malformed PNG image files. If a user were tricked into opening a crafted PNG image file with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 39491 published 2009-06-23 reporter Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39491 title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : gst-plugins-good0.10 vulnerability (USN-789-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-789-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(39491); script_version("1.13"); script_cvs_date("Date: 2019/08/02 13:33:02"); script_cve_id("CVE-2009-1932"); script_xref(name:"USN", value:"789-1"); script_name(english:"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : gst-plugins-good0.10 vulnerability (USN-789-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Tielei Wang discovered that GStreamer Good Plugins did not correctly handle malformed PNG image files. If a user were tricked into opening a crafted PNG image file with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/789-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gstreamer0.10-esd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gstreamer0.10-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gstreamer0.10-plugins-good-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gstreamer0.10-plugins-good-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gstreamer0.10-pulseaudio"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(6\.06|8\.04|8\.10|9\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 8.04 / 8.10 / 9.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"6.06", pkgname:"gstreamer0.10-esd", pkgver:"0.10.3-0ubuntu4.2")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"gstreamer0.10-plugins-good", pkgver:"0.10.3-0ubuntu4.2")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"gstreamer0.10-plugins-good-dbg", pkgver:"0.10.3-0ubuntu4.2")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"gstreamer0.10-plugins-good-doc", pkgver:"0.10.3-0ubuntu4.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"gstreamer0.10-esd", pkgver:"0.10.7-3ubuntu0.3")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"gstreamer0.10-plugins-good", pkgver:"0.10.7-3ubuntu0.3")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"gstreamer0.10-plugins-good-dbg", pkgver:"0.10.7-3ubuntu0.3")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"gstreamer0.10-plugins-good-doc", pkgver:"0.10.7-3ubuntu0.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"gstreamer0.10-esd", pkgver:"0.10.10.4-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"gstreamer0.10-plugins-good", pkgver:"0.10.10.4-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"gstreamer0.10-plugins-good-dbg", pkgver:"0.10.10.4-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"gstreamer0.10-plugins-good-doc", pkgver:"0.10.10.4-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"gstreamer0.10-pulseaudio", pkgver:"0.10.10.4-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"gstreamer0.10-esd", pkgver:"0.10.14-1ubuntu0.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"gstreamer0.10-plugins-good", pkgver:"0.10.14-1ubuntu0.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"gstreamer0.10-plugins-good-dbg", pkgver:"0.10.14-1ubuntu0.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"gstreamer0.10-plugins-good-doc", pkgver:"0.10.14-1ubuntu0.1")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"gstreamer0.10-pulseaudio", pkgver:"0.10.14-1ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer0.10-esd / gstreamer0.10-plugins-good / etc"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_1_GSTREAMER-0_10-PLUGINS-GOOD-090609.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). last seen 2020-06-01 modified 2020-06-02 plugin id 40228 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40228 title openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989) code if ( !defined_func("nasl_level") || nasl_level() < 61201 || (nasl_level() >= 70000 && nasl_level() < 70105) || (nasl_level() >= 70200 && nasl_level() < 70203) || (nasl_level() >= 80000 && nasl_level() < 80502) ) exit(0); # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gstreamer-0_10-plugins-good-989. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(40228); script_version("1.10"); script_cvs_date("Date: 2019/10/24 13:56:47"); script_cve_id("CVE-2009-1932"); script_name(english:"openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)"); script_summary(english:"Check for the gstreamer-0_10-plugins-good-989 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=510292" ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer-0_10-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-lang"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"gstreamer-0_10-plugins-good-0.10.10-3.22.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"gstreamer-0_10-plugins-good-extra-0.10.10-3.22.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"gstreamer-0_10-plugins-good-lang-0.10.10-3.22.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer-0_10-plugins-good / gstreamer-0_10-plugins-good-extra / etc"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-130.NASL description Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow (CVE-2009-1932). Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 39322 published 2009-06-08 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39322 title Mandriva Linux Security Advisory : gstreamer0.10-plugins-good (MDVSA-2009:130-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2009:130. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(39322); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:51"); script_cve_id("CVE-2009-1932"); script_xref(name:"MDVSA", value:"2009:130-1"); script_name(english:"Mandriva Linux Security Advisory : gstreamer0.10-plugins-good (MDVSA-2009:130-1)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow (CVE-2009-1932). Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-aalib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-caca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-dv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-esound"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-flac"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-raw1394"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-speex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gstreamer0.10-wavpack"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-aalib-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-caca-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-dv-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-esound-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-flac-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-plugins-good-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-raw1394-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-speex-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"gstreamer0.10-wavpack-0.10.6-3.3mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_GSTREAMER010-PLUGINS-GOOD-6293.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer. (CVE-2009-1932) last seen 2020-06-01 modified 2020-06-02 plugin id 41518 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41518 title SuSE 10 Security Update : gstreamer (ZYPP Patch Number 6293) code if ( !defined_func("nasl_level") || nasl_level() < 61201 || (nasl_level() >= 70000 && nasl_level() < 70105) || (nasl_level() >= 70200 && nasl_level() < 70203) || (nasl_level() >= 80000 && nasl_level() < 80502) ) exit(0); # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41518); script_version ("1.9"); script_cvs_date("Date: 2019/10/24 13:56:49"); script_cve_id("CVE-2009-1932"); script_name(english:"SuSE 10 Security Update : gstreamer (ZYPP Patch Number 6293)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer. (CVE-2009-1932)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1932.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6293."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"gstreamer010-plugins-good-0.10.2-16.23")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"gstreamer010-plugins-good-doc-0.10.2-16.23")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"gstreamer010-plugins-good-extra-0.10.2-16.23")) flag++; if (rpm_check(release:"SLES10", sp:2, reference:"gstreamer010-plugins-good-0.10.2-16.23")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Scientific Linux Local Security Checks NASL id SL_20090625_GSTREAMER_PLUGINS_GOOD_ON_SL5_X.NASL description Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60602 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60602 title Scientific Linux Security Update : gstreamer-plugins-good on SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60602); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:18"); script_cve_id("CVE-2009-1932"); script_name(english:"Scientific Linux Security Update : gstreamer-plugins-good on SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0906&L=scientific-linux-errata&T=0&P=2327 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?86833644" ); script_set_attribute( attribute:"solution", value: "Update the affected gstreamer-plugins-good and / or gstreamer-plugins-good-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"gstreamer-plugins-good-0.10.9-1.el5_3.2")) flag++; if (rpm_check(release:"SL5", reference:"gstreamer-plugins-good-devel-0.10.9-1.el5_3.2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2009-1123.NASL description From Red Hat Security Advisory 2009:1123 : Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 67879 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67879 title Oracle Linux 5 : gstreamer-plugins-good (ELSA-2009-1123) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2009:1123 and # Oracle Linux Security Advisory ELSA-2009-1123 respectively. # include("compat.inc"); if (description) { script_id(67879); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:08"); script_cve_id("CVE-2009-1932"); script_xref(name:"RHSA", value:"2009:1123"); script_name(english:"Oracle Linux 5 : gstreamer-plugins-good (ELSA-2009-1123)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2009:1123 : Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2009-June/001054.html" ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gstreamer-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:gstreamer-plugins-good-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/04"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"gstreamer-plugins-good-0.10.9-1.el5_3.2")) flag++; if (rpm_check(release:"EL5", reference:"gstreamer-plugins-good-devel-0.10.9-1.el5_3.2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer-plugins-good / gstreamer-plugins-good-devel"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1839.NASL description It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the last seen 2020-06-01 modified 2020-06-02 plugin id 44704 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44704 title Debian DSA-1839-1 : gst-plugins-good0.10 - integer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1839. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(44704); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:22"); script_cve_id("CVE-2009-1932"); script_xref(name:"DSA", value:"1839"); script_name(english:"Debian DSA-1839-1 : gst-plugins-good0.10 - integer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the 'good' set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531631" ); script_set_attribute( attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532352" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2009/dsa-1839" ); script_set_attribute( attribute:"solution", value: "Upgrade the gst-plugins-good0.10 packages. For the stable distribution (lenny), this problem has been fixed in version 0.10.8-4.1~lenny2. For the oldstable distribution (etch), this problem has been fixed in version 0.10.4-4+etch1. Packages for the s390 and hppa architectures will be released once they are available." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gst-plugins-good0.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/07/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"gstreamer0.10-esd", reference:"0.10.4-4+etch1")) flag++; if (deb_check(release:"4.0", prefix:"gstreamer0.10-plugins-good", reference:"0.10.4-4+etch1")) flag++; if (deb_check(release:"4.0", prefix:"gstreamer0.10-plugins-good-dbg", reference:"0.10.4-4+etch1")) flag++; if (deb_check(release:"4.0", prefix:"gstreamer0.10-plugins-good-doc", reference:"0.10.4-4+etch1")) flag++; if (deb_check(release:"5.0", prefix:"gstreamer0.10-esd", reference:"0.10.8-4.1~lenny2")) flag++; if (deb_check(release:"5.0", prefix:"gstreamer0.10-plugins-good", reference:"0.10.8-4.1~lenny2")) flag++; if (deb_check(release:"5.0", prefix:"gstreamer0.10-plugins-good-dbg", reference:"0.10.8-4.1~lenny2")) flag++; if (deb_check(release:"5.0", prefix:"gstreamer0.10-plugins-good-doc", reference:"0.10.8-4.1~lenny2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_GSTREAMER010-PLUGINS-GOOD-6295.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). last seen 2020-06-01 modified 2020-06-02 plugin id 42004 published 2009-10-06 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42004 title openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295) code if ( !defined_func("nasl_level") || nasl_level() < 61201 || (nasl_level() >= 70000 && nasl_level() < 70105) || (nasl_level() >= 70200 && nasl_level() < 70203) || (nasl_level() >= 80000 && nasl_level() < 80502) ) exit(0); # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gstreamer010-plugins-good-6295. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(42004); script_version ("1.6"); script_cvs_date("Date: 2019/10/24 13:56:49"); script_cve_id("CVE-2009-1932"); script_name(english:"openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295)"); script_summary(english:"Check for the gstreamer010-plugins-good-6295 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932)." ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer010-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer010-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer010-plugins-good-extra"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.3", reference:"gstreamer010-plugins-good-0.10.6-41.6") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"gstreamer010-plugins-good-extra-0.10.6-41.6") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer010-plugins-good / gstreamer010-plugins-good-extra"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_2_GSTREAMER-0_10-PLUGINS-GOOD-091218.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932). last seen 2020-06-01 modified 2020-06-02 plugin id 43813 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43813 title openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-1717) code if ( !defined_func("nasl_level") || nasl_level() < 61201 || (nasl_level() >= 70000 && nasl_level() < 70105) || (nasl_level() >= 70200 && nasl_level() < 70203) || (nasl_level() >= 80000 && nasl_level() < 80502) ) exit(0); # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gstreamer-0_10-plugins-good-1717. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(43813); script_version("1.7"); script_cvs_date("Date: 2019/10/24 13:56:47"); script_cve_id("CVE-2009-1932"); script_name(english:"openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-1717)"); script_summary(english:"Check for the gstreamer-0_10-plugins-good-1717 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer (CVE-2009-1932)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=510292" ); script_set_attribute( attribute:"solution", value:"Update the affected gstreamer-0_10-plugins-good packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gstreamer-0_10-plugins-good-lang"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.2", reference:"gstreamer-0_10-plugins-good-0.10.15-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"gstreamer-0_10-plugins-good-extra-0.10.15-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"gstreamer-0_10-plugins-good-lang-0.10.15-3.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gstreamer-0_10-plugins-good / gstreamer-0_10-plugins-good-extra / etc"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200907-11.NASL description The remote host is affected by the vulnerability described in GLSA-200907-11 (GStreamer plug-ins: User-assisted execution of arbitrary code) Multiple vulnerabilities have been reported in several GStreamer plug-ins: Tobias Klein reported two heap-based buffer overflows and an array index error in the qtdemux_parse_samples() function in gst-plugins-good when processing a QuickTime media .mov file (CVE-2009-0386, CVE-2009-0387, CVE-2009-0397). Thomas Hoger of the Red Hat Security Response Team reported an integer overflow that can lead to a heap-based buffer overflow in the gst_vorbis_tag_add_coverart() function in gst-plugins-base when processing COVERART tags (CVE-2009-0586). Tielei Wang of ICST-ERCIS, Peking University reported multiple integer overflows leading to buffer overflows in gst-plugins-libpng when processing a PNG file (CVE-2009-1932). Impact : A remote attacker could entice a user or automated system using a GStreamer plug-in to process a specially crafted file, resulting in the execution of arbitrary code or a Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 39782 published 2009-07-13 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39782 title GLSA-200907-11 : GStreamer plug-ins: User-assisted execution of arbitrary code NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2009-1123.NASL description Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 39526 published 2009-06-26 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39526 title RHEL 5 : gstreamer-plugins-good (RHSA-2009:1123) NASL family SuSE Local Security Checks NASL id SUSE_11_GSTREAMER-0_10-PLUGINS-GOOD-090609.NASL description Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer. (CVE-2009-1932) last seen 2020-06-01 modified 2020-06-02 plugin id 41401 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41401 title SuSE 11 Security Update : gstreamer (SAT Patch Number 984)
Oval
accepted | 2013-04-29T04:08:53.875-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
definition_extensions |
| ||||||||||||
description | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||||||||||||
family | unix | ||||||||||||
id | oval:org.mitre.oval:def:10798 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
title | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||||||||||||
version | 18 |
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc
- http://osvdb.org/54827
- http://secunia.com/advisories/35205
- http://secunia.com/advisories/35583
- http://secunia.com/advisories/35777
- http://secunia.com/advisories/35897
- http://security.gentoo.org/glsa/glsa-200907-11.xml
- http://www.debian.org/security/2009/dsa-1839
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:130
- http://www.redhat.com/support/errata/RHSA-2009-1123.html
- http://www.securityfocus.com/bid/35172
- http://www.vupen.com/english/advisories/2009/1506
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798