Vulnerabilities > CVE-2014-9496

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.

Nessus

  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2037.NASL
    descriptionAccording to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.(CVE-2014-9496) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-09-24
    plugin id129230
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129230
    titleEulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2019-2037)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129230);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");
    
      script_cve_id(
        "CVE-2014-9496"
      );
      script_bugtraq_id(
        71796
      );
    
      script_name(english:"EulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2019-2037)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the libsndfile package installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerability :
    
      - The sd2_parse_rsrc_fork function in sd2.c in libsndfile
        allows attackers to have unspecified impact via vectors
        related to a (1) map offset or (2) rsrc marker, which
        triggers an out-of-bounds read.(CVE-2014-9496)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2037
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4735b15d");
      script_set_attribute(attribute:"solution", value:
    "Update the affected libsndfile package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/24");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libsndfile");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["libsndfile-1.0.25-10.h5"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-18.NASL
    descriptionChanges in libsndfile: two buffer read overflows in sd2_parse_rsrc_fork() (CVE-2014-9496, bnc#911796): backported upstream fix patches
    last seen2020-06-05
    modified2015-01-15
    plugin id80543
    published2015-01-15
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80543
    titleopenSUSE Security Update : libsndfile (openSUSE-SU-2015:0041-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2015-18.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(80543);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-9496");
    
      script_name(english:"openSUSE Security Update : libsndfile (openSUSE-SU-2015:0041-1)");
      script_summary(english:"Check for the openSUSE-2015-18 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Changes in libsndfile: two buffer read overflows in
    sd2_parse_rsrc_fork() (CVE-2014-9496, bnc#911796): backported upstream
    fix patches"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=911796"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2015-01/msg00016.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsndfile packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/01/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-debugsource-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-devel-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-debuginfo-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-debugsource-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile1-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile1-debuginfo-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-17.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-debugsource-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-devel-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-debuginfo-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-debugsource-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile1-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile1-debuginfo-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-19.4.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-19.4.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile-progs / libsndfile-progs-debuginfo / etc");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-149.NASL
    descriptionUpdated libsndfile packages fix security vulnerabilities : libsndfile contains multiple buffer-overflow vulnerabilities in src/sd2.c because it fails to properly bounds-check user-supplied input, which may allow an attacker to execute arbitrary code or cause a denial of service (CVE-2014-9496). libsndfile contains a divide-by-zero error in src/file_io.c which may allow an attacker to cause a denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id82402
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82402
    titleMandriva Linux Security Advisory : libsndfile (MDVSA-2015:149)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2015:149. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(82402);
      script_version("1.3");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2014-9496");
      script_xref(name:"MDVSA", value:"2015:149");
    
      script_name(english:"Mandriva Linux Security Advisory : libsndfile (MDVSA-2015:149)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated libsndfile packages fix security vulnerabilities :
    
    libsndfile contains multiple buffer-overflow vulnerabilities in
    src/sd2.c because it fails to properly bounds-check user-supplied
    input, which may allow an attacker to execute arbitrary code or cause
    a denial of service (CVE-2014-9496).
    
    libsndfile contains a divide-by-zero error in src/file_io.c which may
    allow an attacker to cause a denial of service."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2015-0015.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sndfile-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sndfile-static-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsndfile-progs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64sndfile-devel-1.0.25-4.1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64sndfile-static-devel-1.0.25-4.1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64sndfile1-1.0.25-4.1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"libsndfile-progs-1.0.25-4.1.mbs2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBSNDFILE-150123.NASL
    descriptionThis update for libsndfile fixes two buffer read overflows in sd2_parse_rsrc_fork(). (CVE-2014-9496, bsc#911796)
    last seen2020-06-01
    modified2020-06-02
    plugin id81078
    published2015-01-29
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81078
    titleSuSE 11.3 Security Update : libsndfile (SAT Patch Number 10221)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(81078);
      script_version("$Revision: 1.1 $");
      script_cvs_date("$Date: 2015/01/29 15:48:27 $");
    
      script_cve_id("CVE-2014-9496");
    
      script_name(english:"SuSE 11.3 Security Update : libsndfile (SAT Patch Number 10221)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for libsndfile fixes two buffer read overflows in
    sd2_parse_rsrc_fork(). (CVE-2014-9496, bsc#911796)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=911796"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2014-9496.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 10221.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libsndfile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libsndfile-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/01/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/29");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libsndfile-1.0.20-2.6.5")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libsndfile-1.0.20-2.6.5")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libsndfile-32bit-1.0.20-2.6.5")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"libsndfile-1.0.20-2.6.5")) flag++;
    if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"libsndfile-32bit-1.0.20-2.6.5")) flag++;
    if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libsndfile-32bit-1.0.20-2.6.5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-356.NASL
    descriptionCVE-2014-9496 The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. CVE-2014-9756 The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. CVE-2015-7805 Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-12-01
    plugin id87111
    published2015-12-01
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87111
    titleDebian DLA-356-1 : libsndfile security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-356-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87111);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2014-9496", "CVE-2014-9756", "CVE-2015-7805");
      script_bugtraq_id(71796);
    
      script_name(english:"Debian DLA-356-1 : libsndfile security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CVE-2014-9496
    
    The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
    attackers to have unspecified impact via vectors related to a (1) map
    offset or (2) rsrc marker, which triggers an out-of-bounds read.
    
    CVE-2014-9756
    
    The psf_fwrite function in file_io.c in libsndfile allows attackers to
    cause a denial of service (divide-by-zero error and application crash)
    via unspecified vectors related to the headindex variable.
    
    CVE-2015-7805
    
    Heap-based buffer overflow in libsndfile 1.0.25 allows remote
    attackers to have unspecified impact via the headindex value in the
    header in an AIFF file.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/11/msg00017.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/libsndfile"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:sndfile-programs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/11/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"libsndfile1", reference:"1.0.21-3+squeeze2")) flag++;
    if (deb_check(release:"6.0", prefix:"libsndfile1-dev", reference:"1.0.21-3+squeeze2")) flag++;
    if (deb_check(release:"6.0", prefix:"sndfile-programs", reference:"1.0.21-3+squeeze2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-928.NASL
    descriptionMultiple vulnerabilities were found in libsndfile, a popular library for reading/writing audio files. CVE-2017-7585 In libsndfile before 1.0.28, an error in the
    last seen2020-03-17
    modified2017-05-01
    plugin id99739
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/99739
    titleDebian DLA-928-1 : libsndfile security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-928-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99739);
      script_version("3.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-7805", "CVE-2017-7585", "CVE-2017-7586", "CVE-2017-7741", "CVE-2017-7742");
    
      script_name(english:"Debian DLA-928-1 : libsndfile security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities were found in libsndfile, a popular library
    for reading/writing audio files.
    
    CVE-2017-7585
    
    In libsndfile before 1.0.28, an error in the 'flac_buffer_copy()'
    function (flac.c) can be exploited to cause a stack-based buffer
    overflow via a specially crafted FLAC file.
    
    CVE-2017-7586
    
    In libsndfile before 1.0.28, an error in the 'header_read()' function
    (common.c) when handling ID3 tags can be exploited to cause a
    stack-based buffer overflow via a specially crafted FLAC file.
    CVE-2017-7741
    
    In libsndfile before 1.0.28, an error in the
    'flac_buffer_copy()' function (flac.c) can be exploited to
    cause a segmentation violation (with write memory access)
    via a specially crafted FLAC file during a resample attempt,
    a similar issue to CVE-2017-7585. CVE-2017-7742
    
    In libsndfile before 1.0.28, an error in the
    'flac_buffer_copy()' function (flac.c) can be exploited to
    cause a segmentation violation (with read memory access) via
    a specially crafted FLAC file during a resample attempt, a
    similar issue to CVE-2017-7585. CVE-2014-9496
    
    The sd2_parse_rsrc_fork function in sd2.c in libsndfile
    allows attackers to have unspecified impact via vectors
    related to a (1) map offset or (2) rsrc marker, which
    triggers an out-of-bounds read.
    
    CVE-2014-9756
    
    The psf_fwrite function in file_io.c in libsndfile allows attackers to
    cause a denial of service (divide-by-zero error and application crash)
    via unspecified vectors related to the headindex variable.
    CVE-2015-7805
    
    Heap-based buffer overflow in libsndfile 1.0.25 allows
    remote attackers to have unspecified impact via the
    headindex value in the header in an AIFF file.
    
    For Debian 7 'Wheezy', these problems have been fixed in version
    1.0.25-9.1+deb7u1.
    
    We recommend that you upgrade your libsndfile packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2017/04/msg00047.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/wheezy/libsndfile"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:sndfile-programs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/04/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"7.0", prefix:"libsndfile1", reference:"1.0.25-9.1+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libsndfile1-dev", reference:"1.0.25-9.1+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"sndfile-programs", reference:"1.0.25-9.1+deb7u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2513.NASL
    descriptionAccording to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile before 1.0.28, an error in the
    last seen2020-05-08
    modified2019-12-04
    plugin id131666
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131666
    titleEulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-2513)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(131666);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");
    
      script_cve_id(
        "CVE-2014-9496",
        "CVE-2014-9756",
        "CVE-2017-12562",
        "CVE-2017-14634",
        "CVE-2017-16942",
        "CVE-2017-6892",
        "CVE-2017-7586",
        "CVE-2017-7741",
        "CVE-2017-7742",
        "CVE-2017-8361",
        "CVE-2017-8362",
        "CVE-2017-8363",
        "CVE-2017-8365"
      );
      script_bugtraq_id(
        71796
      );
    
      script_name(english:"EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-2513)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the libsndfile package installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerabilities :
    
      - In libsndfile before 1.0.28, an error in the
        'header_read()' function (common.c) when handling ID3
        tags can be exploited to cause a stack-based buffer
        overflow via a specially crafted FLAC
        file.(CVE-2017-7586)
    
      - Heap-based Buffer Overflow in the psf_binheader_writef
        function in common.c in libsndfile through 1.0.28
        allows remote attackers to cause a denial of service
        (application crash) or possibly have unspecified other
        impact.(CVE-2017-12562)
    
      - In libsndfile 1.0.25 (fixed in 1.0.26), a
        divide-by-zero error exists in the function
        wav_w64_read_fmt_chunk() in wav_w64.c, which may lead
        to DoS when playing a crafted audio
        file.(CVE-2017-16942)
    
      - In libsndfile 1.0.28, a divide-by-zero error exists in
        the function double64_init() in double64.c, which may
        lead to DoS when playing a crafted audio
        file.(CVE-2017-14634)
    
      - The psf_fwrite function in file_io.c in libsndfile
        allows attackers to cause a denial of service
        (divide-by-zero error and application crash) via
        unspecified vectors related to the headindex
        variable.(CVE-2014-9756)
    
      - In libsndfile before 1.0.28, an error in the
        'flac_buffer_copy()' function (flac.c) can be exploited
        to cause a segmentation violation (with write memory
        access) via a specially crafted FLAC file during a
        resample attempt, a similar issue to
        CVE-2017-7585.(CVE-2017-7741)
    
      - In libsndfile before 1.0.28, an error in the
        'flac_buffer_copy()' function (flac.c) can be exploited
        to cause a segmentation violation (with read memory
        access) via a specially crafted FLAC file during a
        resample attempt, a similar issue to
        CVE-2017-7585.(CVE-2017-7742)
    
      - In libsndfile version 1.0.28, an error in the
        'aiff_read_chanmap()' function (aiff.c) can be
        exploited to cause an out-of-bounds read memory access
        via a specially crafted AIFF file.(CVE-2017-6892)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (buffer overflow and application crash) or
        possibly have unspecified other impact via a crafted
        audio file.(CVE-2017-8361)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (invalid read and application crash) via a
        crafted audio file.(CVE-2017-8362)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (heap-based buffer over-read and application
        crash) via a crafted audio file.(CVE-2017-8363)
    
      - The i2les_array function in pcm.c in libsndfile 1.0.28
        allows remote attackers to cause a denial of service
        (buffer over-read and application crash) via a crafted
        audio file.(CVE-2017-8365)
    
      - The sd2_parse_rsrc_fork function in sd2.c in libsndfile
        allows attackers to have unspecified impact via vectors
        related to a (1) map offset or (2) rsrc marker, which
        triggers an out-of-bounds read.(CVE-2014-9496)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2513
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b80e01d6");
      script_set_attribute(attribute:"solution", value:
    "Update the affected libsndfile packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/04");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libsndfile");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["libsndfile-1.0.25-10.h11"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4430.NASL
    descriptionMathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven) found multiple vulnerabilities in the WPA implementation found in wpa_supplication (station) and hostapd (access point). These vulnerability are also collectively known as
    last seen2020-06-01
    modified2020-06-02
    plugin id124038
    published2019-04-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124038
    titleDebian DSA-4430-1 : wpa - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4430. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(124038);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/23");
    
      script_cve_id("CVE-2019-9495", "CVE-2019-9497", "CVE-2019-9498", "CVE-2019-9499");
      script_xref(name:"DSA", value:"4430");
    
      script_name(english:"Debian DSA-4430-1 : wpa - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven)
    found multiple vulnerabilities in the WPA implementation found in
    wpa_supplication (station) and hostapd (access point). These
    vulnerability are also collectively known as 'Dragonblood'.
    
      - CVE-2019-9495
        Cache-based side-channel attack against the EAP-pwd
        implementation: an attacker able to run unprivileged
        code on the target machine (including for example
        JavaScript code in a browser on a smartphone) during the
        handshake could deduce enough information to discover
        the password in a dictionary attack.
    
      - CVE-2019-9497
        Reflection attack against EAP-pwd server implementation:
        a lack of validation of received scalar and elements
        value in the EAP-pwd-Commit messages could result in
        attacks that would be able to complete EAP-pwd
        authentication exchange without the attacker having to
        know the password. This does not result in the attacker
        being able to derive the session key, complete the
        following key exchange and access the network.
    
      - CVE-2019-9498
        EAP-pwd server missing commit validation for
        scalar/element: hostapd doesn't validate values received
        in the EAP-pwd-Commit message, so an attacker could use
        a specially crafted commit message to manipulate the
        exchange in order for hostapd to derive a session key
        from a limited set of possible values. This could result
        in an attacker being able to complete authentication and
        gain access to the network.
    
      - CVE-2019-9499
        EAP-pwd peer missing commit validation for
        scalar/element: wpa_supplicant doesn't validate values
        received in the EAP-pwd-Commit message, so an attacker
        could use a specially crafted commit message to
        manipulate the exchange in order for wpa_supplicant to
        derive a session key from a limited set of possible
        values. This could result in an attacker being able to
        complete authentication and operate as a rogue AP.
    
    Note that the Dragonblood moniker also applies to CVE-2019-9494 and
    CVE-2014-9496 which are vulnerabilities in the SAE protocol in WPA3.
    SAE is not enabled in Debian stretch builds of wpa, which is thus not
    vulnerable by default.
    
    Due to the complexity of the backporting process, the fix for these
    vulnerabilities are partial. Users are advised to use strong passwords
    to prevent dictionary attacks or use a 2.7-based version from
    stretch-backports (version above 2:2.7+git20190128+0c1e29f-4)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926801"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-9495"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-9497"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-9498"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-9499"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-9494"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2014-9496"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/wpa"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/wpa"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2019/dsa-4430"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the wpa packages.
    
    For the stable distribution (stretch), these problems have been fixed
    in version 2:2.4-1+deb9u3."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wpa");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"hostapd", reference:"2:2.4-1+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"wpagui", reference:"2:2.4-1+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"wpasupplicant", reference:"2:2.4-1+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"wpasupplicant-udeb", reference:"2:2.4-1+deb9u3")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201612-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201612-03 (libsndfile: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id95518
    published2016-12-05
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95518
    titleGLSA-201612-03 : libsndfile: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201612-03.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95518);
      script_version("3.2");
      script_cvs_date("Date: 2019/04/11 17:23:06");
    
      script_cve_id("CVE-2014-9496", "CVE-2015-7805");
      script_xref(name:"GLSA", value:"201612-03");
    
      script_name(english:"GLSA-201612-03 : libsndfile: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201612-03
    (libsndfile: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in libsndfile. Please
          review the CVE identifiers referenced below for details.
      
    Impact :
    
        A remote attacker could entice a user to open a specially crafted file,
          possibly resulting in the execution of arbitrary code with the privileges
          of the process, or cause a Denial of Service condition.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201612-03"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All libsndfile users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=media-libs/libsndfile-1.0.26'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libsndfile");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"media-libs/libsndfile", unaffected:make_list("ge 1.0.26"), vulnerable:make_list("lt 1.0.26"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2832-1.NASL
    descriptionIt was discovered that libsndfile incorrectly handled memory when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9496) Joshua Rogers discovered that libsndfile incorrectly handled division when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. (CVE-2014-9756) Marco Romano discovered that libsndfile incorrectly handled certain malformed AIFF files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7805). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87239
    published2015-12-08
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87239
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libsndfile vulnerabilities (USN-2832-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2832-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87239);
      script_version("2.8");
      script_cvs_date("Date: 2019/09/18 12:31:45");
    
      script_cve_id("CVE-2014-9496", "CVE-2014-9756", "CVE-2015-7805");
      script_xref(name:"USN", value:"2832-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libsndfile vulnerabilities (USN-2832-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that libsndfile incorrectly handled memory when
    parsing malformed files. A remote attacker could use this issue to
    cause libsndfile to crash, resulting in a denial of service. This
    issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
    (CVE-2014-9496)
    
    Joshua Rogers discovered that libsndfile incorrectly handled division
    when parsing malformed files. A remote attacker could use this issue
    to cause libsndfile to crash, resulting in a denial of service.
    (CVE-2014-9756)
    
    Marco Romano discovered that libsndfile incorrectly handled certain
    malformed AIFF files. A remote attacker could use this issue to cause
    libsndfile to crash, resulting in a denial of service, or possibly
    execute arbitrary code. (CVE-2015-7805).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2832-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsndfile1 package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/01/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/08");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|15\.04|15\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 15.04 / 15.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"libsndfile1", pkgver:"1.0.25-4ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"libsndfile1", pkgver:"1.0.25-7ubuntu2.1")) flag++;
    if (ubuntu_check(osver:"15.04", pkgname:"libsndfile1", pkgver:"1.0.25-9.1ubuntu0.15.04.1")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"libsndfile1", pkgver:"1.0.25-9.1ubuntu0.15.10.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile1");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2016-039-02.NASL
    descriptionNew libsndfile packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id88626
    published2016-02-09
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88626
    titleSlackware 13.37 / 14.0 / 14.1 / current : libsndfile (SSA:2016-039-02)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2016-039-02. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88626);
      script_version("2.2");
      script_cvs_date("Date: 2019/04/11 17:23:07");
    
      script_cve_id("CVE-2014-9496", "CVE-2014-9756", "CVE-2015-7805");
      script_xref(name:"SSA", value:"2016-039-02");
    
      script_name(english:"Slackware 13.37 / 14.0 / 14.1 / current : libsndfile (SSA:2016-039-02)");
      script_summary(english:"Checks for updated package in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Slackware host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "New libsndfile packages are available for Slackware 13.37, 14.0,
    14.1, and -current to fix security issues."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458383
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d0b680c6"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsndfile package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:libsndfile");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.37");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Slackware Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    flag = 0;
    if (slackware_check(osver:"13.37", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"i486", pkgnum:"1_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"x86_64", pkgnum:"1_slack13.37")) flag++;
    
    if (slackware_check(osver:"14.0", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
    if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;
    
    if (slackware_check(osver:"14.1", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"i486", pkgnum:"1_slack14.1")) flag++;
    if (slackware_check(osver:"14.1", arch:"x86_64", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"x86_64", pkgnum:"1_slack14.1")) flag++;
    
    if (slackware_check(osver:"current", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"i586", pkgnum:"1")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"libsndfile", pkgver:"1.0.26", pkgarch:"x86_64", pkgnum:"1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2208.NASL
    descriptionAccording to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile version 1.0.28, an error in the
    last seen2020-05-08
    modified2019-11-08
    plugin id130670
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130670
    titleEulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2019-2208)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-024.NASL
    descriptionUpdated libsndfile packages fix security vulnerabilities : libsndfile contains multiple buffer-overflow vulnerabilities in src/sd2.c because it fails to properly bounds-check user-supplied input, which may allow an attacker to execute arbitrary code or cause a denial of service (CVE-2014-9496). libsndfile contains a divide-by-zero error in src/file_io.c which may allow an attacker to cause a denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id80561
    published2015-01-16
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80561
    titleMandriva Linux Security Advisory : libsndfile (MDVSA-2015:024)