Vulnerabilities > CVE-2009-5063 - Memory Leak vulnerability in Libpng
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_4_LIBPNG12-110802.NASL description This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 75911 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75911 title openSUSE Security Update : libpng12 (libpng12-4947) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng12-4947. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75911); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng12 (libpng12-4947)"); script_summary(english:"Check for the libpng12-4947 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng12 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-0-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-0-debuginfo-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-compat-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-debugsource-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng12-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-0-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-0-debuginfo-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-compat-devel-32bit-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng12-devel-32bit-1.2.46-7.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng12-0"); }
NASL family SuSE Local Security Checks NASL id SUSE9_12815.NASL description This update of libpng fixes : - CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399). (CVE-2008-6218) - CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119). (CVE-2011-2690) - CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119). (CVE-2011-2692) last seen 2020-06-01 modified 2020-06-02 plugin id 55895 published 2011-08-18 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55895 title SuSE9 Security Update : libpng (YOU Patch Number 12815) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55895); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE9 Security Update : libpng (YOU Patch Number 12815)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of libpng fixes : - CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399). (CVE-2008-6218) - CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119). (CVE-2011-2690) - CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119). (CVE-2011-2692)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12815."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"libpng-1.2.5-182.32")) flag++; if (rpm_check(release:"SUSE9", reference:"libpng-devel-1.2.5-182.32")) flag++; if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"libpng-32bit-9-201108021634")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_4_LIBPNG14-110802.NASL description This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 75913 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75913 title openSUSE Security Update : libpng14 (libpng14-4949) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng14-4949. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75913); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng14 (libpng14-4949)"); script_summary(english:"Check for the libpng14-4949 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng14 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-14-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-14-debuginfo-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-compat-devel-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-debugsource-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libpng14-devel-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-14-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-14-debuginfo-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-compat-devel-32bit-1.4.4-3.4.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libpng14-devel-32bit-1.4.4-3.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng14-14"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201206-15.NASL description The remote host is affected by the vulnerability described in GLSA-201206-15 (libpng: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libpng: The “embedded_profile_len()” function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063). The “png_format_buffer()” function in pngerror.c contains an off-by-one error (CVE-2011-2501). The “png_rgb_to_gray()” function in pngrtran.c contains an integer overflow error (CVE-2011-2690). The “png_err()” function in pngerror.c contains a NULL pointer dereference error (CVE-2011-2691). The “png_handle_sCAL()” function in pngrutil.c improperly handles malformed sCAL chunks(CVE-2011-2692). The “png_decompress_chunk()” function in pngrutil.c contains an integer overflow error (CVE-2011-3026). The “png_inflate()” function in pngrutil.c contains and out of bounds error (CVE-2011-3045). The “png_set_text_2()” function in pngset.c contains an error which could result in memory corruption (CVE-2011-3048). The “png_formatted_warning()” function in pngerror.c contains an off-by-one error (CVE-2011-3464). Impact : An attacker could exploit these vulnerabilities to execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user, or to cause programs linked against the library to crash. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 59668 published 2012-06-25 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59668 title GLSA-201206-15 : libpng: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201206-15. # # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(59668); script_version("1.13"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3026", "CVE-2011-3045", "CVE-2011-3048", "CVE-2011-3464"); script_bugtraq_id(48474, 48618, 48660, 51823, 52049, 52453, 52830); script_xref(name:"GLSA", value:"201206-15"); script_name(english:"GLSA-201206-15 : libpng: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201206-15 (libpng: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libpng: The “embedded_profile_len()” function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063). The “png_format_buffer()” function in pngerror.c contains an off-by-one error (CVE-2011-2501). The “png_rgb_to_gray()” function in pngrtran.c contains an integer overflow error (CVE-2011-2690). The “png_err()” function in pngerror.c contains a NULL pointer dereference error (CVE-2011-2691). The “png_handle_sCAL()” function in pngrutil.c improperly handles malformed sCAL chunks(CVE-2011-2692). The “png_decompress_chunk()” function in pngrutil.c contains an integer overflow error (CVE-2011-3026). The “png_inflate()” function in pngrutil.c contains and out of bounds error (CVE-2011-3045). The “png_set_text_2()” function in pngset.c contains an error which could result in memory corruption (CVE-2011-3048). The “png_formatted_warning()” function in pngerror.c contains an off-by-one error (CVE-2011-3464). Impact : An attacker could exploit these vulnerabilities to execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user, or to cause programs linked against the library to crash. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201206-15" ); script_set_attribute( attribute:"solution", value: "All libpng 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.5.10' All libpng 1.2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.49' Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libpng"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-libs/libpng", unaffected:make_list("ge 1.5.10", "ge 1.2.49"), vulnerable:make_list("lt 1.5.10"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_3_LIBPNG12-110802.NASL description This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 75603 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75603 title openSUSE Security Update : libpng12 (libpng12-4947) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng12-4947. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75603); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng12 (libpng12-4947)"); script_summary(english:"Check for the libpng12-4947 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng12 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng12-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-0-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-compat-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng12-devel-1.2.46-7.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"libpng12-0-32bit-1.2.46-7.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng12-0"); }
NASL family SuSE Local Security Checks NASL id SUSE_LIBPNG-7669.NASL description This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 55897 published 2011-08-18 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55897 title SuSE 10 Security Update : libpng (ZYPP Patch Number 7669) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55897); script_version ("1.8"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE 10 Security Update : libpng (ZYPP Patch Number 7669)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7669."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLES10", sp:3, reference:"libpng-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"libpng-devel-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, cpu:"x86_64", reference:"libpng-32bit-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:3, cpu:"x86_64", reference:"libpng-devel-32bit-1.2.8-19.31.9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1367-1.NASL description It was discovered that libpng did not properly verify the embedded profile length of iCCP chunks. An attacker could exploit this to cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS. (CVE-2009-5063) Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2011-3026). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 57998 published 2012-02-17 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57998 title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libpng vulnerabilities (USN-1367-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-1367-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(57998); script_version("1.9"); script_cvs_date("Date: 2019/09/19 12:54:27"); script_cve_id("CVE-2009-5063", "CVE-2011-3026"); script_bugtraq_id(52049); script_xref(name:"USN", value:"1367-1"); script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libpng vulnerabilities (USN-1367-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "It was discovered that libpng did not properly verify the embedded profile length of iCCP chunks. An attacker could exploit this to cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS. (CVE-2009-5063) Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2011-3026). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/1367-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng12-0 package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpng12-0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/31"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(8\.04|10\.04|10\.10|11\.04|11\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04 / 10.10 / 11.04 / 11.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"8.04", pkgname:"libpng12-0", pkgver:"1.2.15~beta5-3ubuntu0.5")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"libpng12-0", pkgver:"1.2.42-1ubuntu2.3")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"libpng12-0", pkgver:"1.2.44-1ubuntu0.2")) flag++; if (ubuntu_check(osver:"11.04", pkgname:"libpng12-0", pkgver:"1.2.44-1ubuntu3.2")) flag++; if (ubuntu_check(osver:"11.10", pkgname:"libpng12-0", pkgver:"1.2.46-3ubuntu1.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng12-0"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_3_LIBPNG14-110802.NASL description This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 75604 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75604 title openSUSE Security Update : libpng14 (libpng14-4949) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update libpng14-4949. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75604); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"openSUSE Security Update : libpng14 (libpng14-4949)"); script_summary(english:"Check for the libpng14-4949 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"solution", value:"Update the affected libpng14 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-14-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-compat-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpng14-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-14-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-compat-devel-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"libpng14-devel-1.4.3-3.3.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"libpng14-14-32bit-1.4.3-3.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng14-14"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_LIBPNG-DEVEL-110802.NASL description This update of libpng12-0 fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - unknown (unknown). (CVE-2009-5063: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)) - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 55896 published 2011-08-18 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55896 title SuSE 11.1 Security Update : libpng (SAT Patch Number 4948) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55896); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE 11.1 Security Update : libpng (SAT Patch Number 4948)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update of libpng12-0 fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - unknown (unknown). (CVE-2009-5063: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)) - CVE-2011-2501: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P): Design Error (CWE-DesignError) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2691: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Other (CWE-Other) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=475533" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=680146" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=702578" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706388" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=706389" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4948."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpng-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpng12-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpng12-0-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"libpng-devel-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"libpng12-0-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libpng-devel-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libpng12-0-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libpng12-0-32bit-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"libpng12-0-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"s390x", reference:"libpng12-0-32bit-1.2.31-5.25.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"libpng12-0-32bit-1.2.31-5.25.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_LIBPNG-7670.NASL description This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) last seen 2020-06-01 modified 2020-06-02 plugin id 57218 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57218 title SuSE 10 Security Update : libpng (ZYPP Patch Number 7670) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(57218); script_version ("1.6"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2008-6218", "CVE-2009-5063", "CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692"); script_name(english:"SuSE 10 Security Update : libpng (ZYPP Patch Number 7670)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C): Resource Management Errors (CWE-399) - CVE-2011-2690: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-2692: CVSS v2 Base Score: 5.0 (AV:N/AC:M/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-6218.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-5063.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2501.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2690.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2691.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2692.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7670."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"libpng-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"libpng-devel-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"libpng-32bit-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"libpng-devel-32bit-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"libpng-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"libpng-devel-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"libpng-32bit-1.2.8-19.31.9")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"libpng-devel-32bit-1.2.8-19.31.9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
References
- http://www.openwall.com/lists/oss-security/2011/03/22/7
- http://www.openwall.com/lists/oss-security/2011/03/28/6
- http://secunia.com/advisories/49660
- http://security.gentoo.org/glsa/glsa-201206-15.xml
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18