Vulnerabilities > CVE-2014-9756 - Divide By Zero vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
libsndfile-project
canonical
opensuse
CWE-369
nessus

Summary

The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-742.NASL
    descriptionThe libsndfile package was updated to fix three security issues : - CVE-2015-7805: fix for heap overflow via specially crafted AIFF header (bsc#953516) - CVE-2015-8075: fix for out of bounds read access in function psf_strlcpy_crlf (bsc#953519) - CVE-2014-9756: fix a divide-by-zero issue that can lead to an DoS (bsc#953521)
    last seen2020-06-05
    modified2015-11-17
    plugin id86891
    published2015-11-17
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/86891
    titleopenSUSE Security Update : libsndfile (openSUSE-2015-742)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2015-742.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(86891);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-9756", "CVE-2015-7805", "CVE-2015-8075");
    
      script_name(english:"openSUSE Security Update : libsndfile (openSUSE-2015-742)");
      script_summary(english:"Check for the openSUSE-2015-742 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The libsndfile package was updated to fix three security issues :
    
      - CVE-2015-7805: fix for heap overflow via specially
        crafted AIFF header (bsc#953516)
    
      - CVE-2015-8075: fix for out of bounds read access in
        function psf_strlcpy_crlf (bsc#953519)
    
      - CVE-2014-9756: fix a divide-by-zero issue that can lead
        to an DoS (bsc#953521)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953516"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953519"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953521"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsndfile packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/11/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-debugsource-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-devel-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-debuginfo-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile-progs-debugsource-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile1-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsndfile1-debuginfo-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-17.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-debugsource-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-devel-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-debuginfo-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile-progs-debugsource-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile1-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsndfile1-debuginfo-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-19.7.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-19.7.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile-progs / libsndfile-progs-debuginfo / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-820.NASL
    descriptionThe libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). - CVE-2015-8075: Fixed heap overflow issue (bsc#953519).
    last seen2020-06-05
    modified2015-11-30
    plugin id87084
    published2015-11-30
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87084
    titleopenSUSE Security Update : libsndfile (openSUSE-2015-820)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2015-820.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87084);
      script_version("2.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-9756", "CVE-2015-7805", "CVE-2015-8075");
    
      script_name(english:"openSUSE Security Update : libsndfile (openSUSE-2015-820)");
      script_summary(english:"Check for the openSUSE-2015-820 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The libsndfile package was updated to fix the following security 
    issue :
    
      - CVE-2014-9756: Fixed a divide by zero problem that can
        lead to a Denial of Service (DoS) (bsc#953521).
    
      - CVE-2015-7805: Fixed heap overflow issue (bsc#953516).
    
      - CVE-2015-8075: Fixed heap overflow issue (bsc#953519)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953516"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953519"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953521"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsndfile packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile-progs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsndfile1-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/11/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile-debugsource-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile-devel-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile-progs-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile-progs-debuginfo-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile-progs-debugsource-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile1-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsndfile1-debuginfo-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-24.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-24.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile-progs / libsndfile-progs-debuginfo / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-356.NASL
    descriptionCVE-2014-9496 The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. CVE-2014-9756 The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. CVE-2015-7805 Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-12-01
    plugin id87111
    published2015-12-01
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87111
    titleDebian DLA-356-1 : libsndfile security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-356-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87111);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2014-9496", "CVE-2014-9756", "CVE-2015-7805");
      script_bugtraq_id(71796);
    
      script_name(english:"Debian DLA-356-1 : libsndfile security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CVE-2014-9496
    
    The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
    attackers to have unspecified impact via vectors related to a (1) map
    offset or (2) rsrc marker, which triggers an out-of-bounds read.
    
    CVE-2014-9756
    
    The psf_fwrite function in file_io.c in libsndfile allows attackers to
    cause a denial of service (divide-by-zero error and application crash)
    via unspecified vectors related to the headindex variable.
    
    CVE-2015-7805
    
    Heap-based buffer overflow in libsndfile 1.0.25 allows remote
    attackers to have unspecified impact via the headindex value in the
    header in an AIFF file.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/11/msg00017.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/libsndfile"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:sndfile-programs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/11/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"libsndfile1", reference:"1.0.21-3+squeeze2")) flag++;
    if (deb_check(release:"6.0", prefix:"libsndfile1-dev", reference:"1.0.21-3+squeeze2")) flag++;
    if (deb_check(release:"6.0", prefix:"sndfile-programs", reference:"1.0.21-3+squeeze2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2000-1.NASL
    descriptionThe libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). - CVE-2015-8075: Fixed heap overflow issue (bsc#953519). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id86895
    published2015-11-17
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86895
    titleSUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2015:2000-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2015:2000-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(86895);
      script_version("2.9");
      script_cvs_date("Date: 2019/09/11 11:22:12");
    
      script_cve_id("CVE-2014-9756", "CVE-2015-7805", "CVE-2015-8075");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2015:2000-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The libsndfile package was updated to fix the following security 
    issue :
    
      - CVE-2014-9756: Fixed a divide by zero problem that can
        lead to a Denial of Service (DoS) (bsc#953521).
    
      - CVE-2015-7805: Fixed heap overflow issue (bsc#953516).
    
      - CVE-2015-8075: Fixed heap overflow issue (bsc#953519).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=953516"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=953519"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=953521"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9756/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-7805/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8075/"
      );
      # https://www.suse.com/support/update/announcement/2015/suse-su-20152000-1.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?46ffcf2a"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12 :
    
    zypper in -t patch SUSE-SLE-SDK-12-2015-846=1
    
    SUSE Linux Enterprise Server 12 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-2015-846=1
    
    SUSE Linux Enterprise Desktop 12 :
    
    zypper in -t patch SUSE-SLE-DESKTOP-12-2015-846=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsndfile-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsndfile1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/11/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/17");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsndfile-debugsource-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsndfile1-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsndfile1-debuginfo-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsndfile1-32bit-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsndfile1-debuginfo-32bit-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"libsndfile-debugsource-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"libsndfile1-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"libsndfile1-32bit-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"libsndfile1-debuginfo-1.0.25-24.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"libsndfile1-debuginfo-32bit-1.0.25-24.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-928.NASL
    descriptionMultiple vulnerabilities were found in libsndfile, a popular library for reading/writing audio files. CVE-2017-7585 In libsndfile before 1.0.28, an error in the
    last seen2020-03-17
    modified2017-05-01
    plugin id99739
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/99739
    titleDebian DLA-928-1 : libsndfile security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-928-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99739);
      script_version("3.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-7805", "CVE-2017-7585", "CVE-2017-7586", "CVE-2017-7741", "CVE-2017-7742");
    
      script_name(english:"Debian DLA-928-1 : libsndfile security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities were found in libsndfile, a popular library
    for reading/writing audio files.
    
    CVE-2017-7585
    
    In libsndfile before 1.0.28, an error in the 'flac_buffer_copy()'
    function (flac.c) can be exploited to cause a stack-based buffer
    overflow via a specially crafted FLAC file.
    
    CVE-2017-7586
    
    In libsndfile before 1.0.28, an error in the 'header_read()' function
    (common.c) when handling ID3 tags can be exploited to cause a
    stack-based buffer overflow via a specially crafted FLAC file.
    CVE-2017-7741
    
    In libsndfile before 1.0.28, an error in the
    'flac_buffer_copy()' function (flac.c) can be exploited to
    cause a segmentation violation (with write memory access)
    via a specially crafted FLAC file during a resample attempt,
    a similar issue to CVE-2017-7585. CVE-2017-7742
    
    In libsndfile before 1.0.28, an error in the
    'flac_buffer_copy()' function (flac.c) can be exploited to
    cause a segmentation violation (with read memory access) via
    a specially crafted FLAC file during a resample attempt, a
    similar issue to CVE-2017-7585. CVE-2014-9496
    
    The sd2_parse_rsrc_fork function in sd2.c in libsndfile
    allows attackers to have unspecified impact via vectors
    related to a (1) map offset or (2) rsrc marker, which
    triggers an out-of-bounds read.
    
    CVE-2014-9756
    
    The psf_fwrite function in file_io.c in libsndfile allows attackers to
    cause a denial of service (divide-by-zero error and application crash)
    via unspecified vectors related to the headindex variable.
    CVE-2015-7805
    
    Heap-based buffer overflow in libsndfile 1.0.25 allows
    remote attackers to have unspecified impact via the
    headindex value in the header in an AIFF file.
    
    For Debian 7 'Wheezy', these problems have been fixed in version
    1.0.25-9.1+deb7u1.
    
    We recommend that you upgrade your libsndfile packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2017/04/msg00047.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/wheezy/libsndfile"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libsndfile1-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:sndfile-programs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/04/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"7.0", prefix:"libsndfile1", reference:"1.0.25-9.1+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libsndfile1-dev", reference:"1.0.25-9.1+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"sndfile-programs", reference:"1.0.25-9.1+deb7u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2513.NASL
    descriptionAccording to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile before 1.0.28, an error in the
    last seen2020-05-08
    modified2019-12-04
    plugin id131666
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131666
    titleEulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-2513)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(131666);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");
    
      script_cve_id(
        "CVE-2014-9496",
        "CVE-2014-9756",
        "CVE-2017-12562",
        "CVE-2017-14634",
        "CVE-2017-16942",
        "CVE-2017-6892",
        "CVE-2017-7586",
        "CVE-2017-7741",
        "CVE-2017-7742",
        "CVE-2017-8361",
        "CVE-2017-8362",
        "CVE-2017-8363",
        "CVE-2017-8365"
      );
      script_bugtraq_id(
        71796
      );
    
      script_name(english:"EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-2513)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the libsndfile package installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerabilities :
    
      - In libsndfile before 1.0.28, an error in the
        'header_read()' function (common.c) when handling ID3
        tags can be exploited to cause a stack-based buffer
        overflow via a specially crafted FLAC
        file.(CVE-2017-7586)
    
      - Heap-based Buffer Overflow in the psf_binheader_writef
        function in common.c in libsndfile through 1.0.28
        allows remote attackers to cause a denial of service
        (application crash) or possibly have unspecified other
        impact.(CVE-2017-12562)
    
      - In libsndfile 1.0.25 (fixed in 1.0.26), a
        divide-by-zero error exists in the function
        wav_w64_read_fmt_chunk() in wav_w64.c, which may lead
        to DoS when playing a crafted audio
        file.(CVE-2017-16942)
    
      - In libsndfile 1.0.28, a divide-by-zero error exists in
        the function double64_init() in double64.c, which may
        lead to DoS when playing a crafted audio
        file.(CVE-2017-14634)
    
      - The psf_fwrite function in file_io.c in libsndfile
        allows attackers to cause a denial of service
        (divide-by-zero error and application crash) via
        unspecified vectors related to the headindex
        variable.(CVE-2014-9756)
    
      - In libsndfile before 1.0.28, an error in the
        'flac_buffer_copy()' function (flac.c) can be exploited
        to cause a segmentation violation (with write memory
        access) via a specially crafted FLAC file during a
        resample attempt, a similar issue to
        CVE-2017-7585.(CVE-2017-7741)
    
      - In libsndfile before 1.0.28, an error in the
        'flac_buffer_copy()' function (flac.c) can be exploited
        to cause a segmentation violation (with read memory
        access) via a specially crafted FLAC file during a
        resample attempt, a similar issue to
        CVE-2017-7585.(CVE-2017-7742)
    
      - In libsndfile version 1.0.28, an error in the
        'aiff_read_chanmap()' function (aiff.c) can be
        exploited to cause an out-of-bounds read memory access
        via a specially crafted AIFF file.(CVE-2017-6892)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (buffer overflow and application crash) or
        possibly have unspecified other impact via a crafted
        audio file.(CVE-2017-8361)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (invalid read and application crash) via a
        crafted audio file.(CVE-2017-8362)
    
      - The flac_buffer_copy function in flac.c in libsndfile
        1.0.28 allows remote attackers to cause a denial of
        service (heap-based buffer over-read and application
        crash) via a crafted audio file.(CVE-2017-8363)
    
      - The i2les_array function in pcm.c in libsndfile 1.0.28
        allows remote attackers to cause a denial of service
        (buffer over-read and application crash) via a crafted
        audio file.(CVE-2017-8365)
    
      - The sd2_parse_rsrc_fork function in sd2.c in libsndfile
        allows attackers to have unspecified impact via vectors
        related to a (1) map offset or (2) rsrc marker, which
        triggers an out-of-bounds read.(CVE-2014-9496)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2513
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b80e01d6");
      script_set_attribute(attribute:"solution", value:
    "Update the affected libsndfile packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/04");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libsndfile");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["libsndfile-1.0.25-10.h11"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsndfile");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2616.NASL
    descriptionAccording to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.(CVE-2014-9756) - Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.(CVE-2017-12562) - In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.(CVE-2017-14634) - In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.(CVE-2017-16942) - In libsndfile before 1.0.28, an error in the
    last seen2020-05-08
    modified2019-12-18
    plugin id132151
    published2019-12-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132151
    titleEulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2019-2616)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2832-1.NASL
    descriptionIt was discovered that libsndfile incorrectly handled memory when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9496) Joshua Rogers discovered that libsndfile incorrectly handled division when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. (CVE-2014-9756) Marco Romano discovered that libsndfile incorrectly handled certain malformed AIFF files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7805). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87239
    published2015-12-08
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87239
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libsndfile vulnerabilities (USN-2832-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2000-2.NASL
    descriptionThe libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). - CVE-2015-8075: Fixed heap overflow issue (bsc#953519). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87642
    published2015-12-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87642
    titleSUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2015:2000-2)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1979-1.NASL
    descriptionThe libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521). - CVE-2015-7805: Fixed heap overflow issue (bsc#953516). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id86869
    published2015-11-13
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86869
    titleSUSE SLED11 / SLES11 Security Update : libsndfile (SUSE-SU-2015:1979-1)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2016-039-02.NASL
    descriptionNew libsndfile packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id88626
    published2016-02-09
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88626
    titleSlackware 13.37 / 14.0 / 14.1 / current : libsndfile (SSA:2016-039-02)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2208.NASL
    descriptionAccording to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile version 1.0.28, an error in the
    last seen2020-05-08
    modified2019-11-08
    plugin id130670
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130670
    titleEulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2019-2208)