Vulnerabilities > CVE-2015-3885 - Numeric Errors vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.

Vulnerable Configurations

Part Description Count
Application
Dcraw_Project
1
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-228.NASL
    descriptionA vulnerability has been discovered in the ExactImage image manipulation programs. CVE-2015-3885 Eduardo Castellanos discovered an Integer overflow in the dcraw version included in ExactImage. This vulnerability allows remote attackers to cause a denial of service (crash) via a crafted image. For the oldoldstable distribution (squeeze), these problems have been fixed in version 0.8.1-3+deb6u4. For the oldstable, stable, and testing distributions, these problems will be fixed soon. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-05-29
    plugin id83886
    published2015-05-29
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83886
    titleDebian DLA-228-1 : exactimage security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-228-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(83886);
      script_version("2.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-3885");
      script_bugtraq_id(74590);
    
      script_name(english:"Debian DLA-228-1 : exactimage security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A vulnerability has been discovered in the ExactImage image
    manipulation programs.
    
    CVE-2015-3885
    
    Eduardo Castellanos discovered an Integer overflow in the dcraw
    version included in ExactImage. This vulnerability allows remote
    attackers to cause a denial of service (crash) via a crafted image.
    
    For the oldoldstable distribution (squeeze), these problems have been
    fixed in version 0.8.1-3+deb6u4.
    
    For the oldstable, stable, and testing distributions, these problems
    will be fixed soon.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/05/msg00015.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/exactimage"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:exactimage");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:exactimage-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:exactimage-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libexactimage-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-exactimage");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-exactimage");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/29");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"exactimage", reference:"0.8.1-3+deb6u4")) flag++;
    if (deb_check(release:"6.0", prefix:"exactimage-dbg", reference:"0.8.1-3+deb6u4")) flag++;
    if (deb_check(release:"6.0", prefix:"exactimage-perl", reference:"0.8.1-3+deb6u4")) flag++;
    if (deb_check(release:"6.0", prefix:"libexactimage-perl", reference:"0.8.1-3+deb6u4")) flag++;
    if (deb_check(release:"6.0", prefix:"php5-exactimage", reference:"0.8.1-3+deb6u4")) flag++;
    if (deb_check(release:"6.0", prefix:"python-exactimage", reference:"0.8.1-3+deb6u4")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-60.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-60 (LibRaw: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in LibRaw. Please review the CVE identifiers referenced below for details. Impact : An attacker could execute arbitrary code, cause a Denial of Service condition, or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96746
    published2017-01-25
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96746
    titleGLSA-201701-60 : LibRaw: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201701-60.
    #
    # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(96746);
      script_version("3.3");
      script_cvs_date("Date: 2020/01/22");
    
      script_cve_id("CVE-2015-3885", "CVE-2015-8366", "CVE-2015-8367");
      script_xref(name:"GLSA", value:"201701-60");
    
      script_name(english:"GLSA-201701-60 : LibRaw: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201701-60
    (LibRaw: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in LibRaw. Please review
          the CVE identifiers referenced below for details.
      
    Impact :
    
        An attacker could execute arbitrary code, cause a Denial of Service
          condition, or have other unspecified impacts.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201701-60"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All LibRaw users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=media-libs/libraw-0.17.1'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libraw");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/01/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/25");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"media-libs/libraw", unaffected:make_list("ge 0.17.1"), vulnerable:make_list("lt 0.17.1"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibRaw");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8647.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84030
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84030
    titleFedora 21 : dcraw-9.25.0-2.fc21 (2015-8647)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-8647.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84030);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3885");
      script_xref(name:"FEDORA", value:"2015-8647");
    
      script_name(english:"Fedora 21 : dcraw-9.25.0-2.fc21 (2015-8647)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update contains a fix for a bug which could cause dcraw write
    past array boundaries.
    
    Additionally, it updates dcraw to version 9,25.0 which contains
    updated color matrices and supports the Canon EOS 5DS.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1221249"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159479.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2cd0415b"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected dcraw package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:dcraw");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC21", reference:"dcraw-9.25.0-2.fc21")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dcraw");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8247.NASL
    descriptionPatch for ljpeg_start() vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-27
    plugin id83831
    published2015-05-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83831
    titleFedora 20 : LibRaw-0.15.4-2.fc20 (2015-8247)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-8247.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(83831);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3885");
      script_xref(name:"FEDORA", value:"2015-8247");
    
      script_name(english:"Fedora 20 : LibRaw-0.15.4-2.fc20 (2015-8247)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Patch for ljpeg_start() vulnerability.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1221250"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158582.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?10e33a72"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected LibRaw package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:LibRaw");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC20", reference:"LibRaw-0.15.4-2.fc20")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibRaw");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-243.NASL
    description[This DLA supersedes my wrong announcement using DLA 241-1] CVE-2015-3885: Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable. We recommend that you upgrade your libraw packages. -- Matteo F. Vescovi || Debian Developer GnuPG KeyID: 4096R/0x8062398983B2CF7A NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-06-11
    plugin id84094
    published2015-06-11
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84094
    titleDebian DLA-243-1 : libraw security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-243-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84094);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-3885");
      script_bugtraq_id(74590);
    
      script_name(english:"Debian DLA-243-1 : libraw security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "[This DLA supersedes my wrong announcement using DLA 241-1]
    
    CVE-2015-3885: Integer overflow in the ljpeg_start function in dcraw
    7.00 and earlier allows remote attackers to cause a denial of service
    (crash) via a crafted image, which triggers a buffer overflow, related
    to the len variable.
    
    We recommend that you upgrade your libraw packages.
    
    -- Matteo F. Vescovi || Debian Developer GnuPG KeyID:
    4096R/0x8062398983B2CF7A
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/06/msg00007.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/libraw"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Upgrade the affected libraw-dev, and libraw-doc packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libraw-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libraw-doc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/06/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"libraw-dev", reference:"0.9.1-1+deb6u1")) flag++;
    if (deb_check(release:"6.0", prefix:"libraw-doc", reference:"0.9.1-1+deb6u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8699.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84032
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84032
    titleFedora 22 : ufraw-0.21-1.fc22 (2015-8699)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-8699.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84032);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3885");
      script_xref(name:"FEDORA", value:"2015-8699");
    
      script_name(english:"Fedora 22 : ufraw-0.21-1.fc22 (2015-8699)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update contains a fix for a bug which could cause dcraw write
    past array boundaries.
    
    Additionally, it updates ufraw to version 0.21, an upstream bugfix
    release.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1221249"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159579.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f90f00dd"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected ufraw package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ufraw");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:22");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^22([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 22.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC22", reference:"ufraw-0.21-1.fc22")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ufraw");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8621.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84029
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84029
    titleFedora 22 : dcraw-9.25.0-2.fc22 (2015-8621)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8085.NASL
    descriptionUpdate to version 0.16.1, see http://www.libraw.org/download#changelog for details. Security fix for CVE-2015-3885. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-27
    plugin id83826
    published2015-05-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83826
    titleFedora 22 : mingw-LibRaw-0.16.1-1.fc22 (2015-8085)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8671.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84031
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84031
    titleFedora 20 : dcraw-9.25.0-2.fc20 (2015-8671)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8482.NASL
    descriptionLatest upstream bugfix. Fixed dcraw vulnerability in ljpeg_start() Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-29
    plugin id83898
    published2015-05-29
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83898
    titleFedora 21 : LibRaw-0.16.2-1.fc21 (2015-8482)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8717.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84034
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84034
    titleFedora 21 : ufraw-0.21-1.fc21 (2015-8717)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3692.NASL
    descriptionMultiple vulnerabilities were discovered in the FreeImage multimedia library, which might result in denial of service or the execution of arbitrary code if a malformed XMP or RAW image is processed.
    last seen2020-06-01
    modified2020-06-02
    plugin id94056
    published2016-10-14
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94056
    titleDebian DSA-3692-1 : freeimage - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8444.NASL
    descriptionUpdate to version 0.16.2, see http://www.libraw.org/download#changelog for details. Update to version 0.16.1, see http://www.libraw.org/download#changelog for details. Security fix for CVE-2015-3885. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-27
    plugin id83838
    published2015-05-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83838
    titleFedora 22 : mingw-LibRaw-0.16.2-1.fc22 (2015-8444)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2489.NASL
    descriptionAccording to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.(CVE-2015-3885) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-04
    plugin id131642
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131642
    titleEulerOS 2.0 SP2 : dcraw (EulerOS-SA-2019-2489)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8706.NASL
    descriptionThis update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-06-09
    plugin id84033
    published2015-06-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84033
    titleFedora 20 : ufraw-0.21-1.fc20 (2015-8706)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2300-1.NASL
    descriptionThis update for libraw fixes the following issues : - CVE-2015-3885: A specially crafted raw image file could have caused a Denial of Service through an integer overflow. (bsc#930683) - CVE-2015-8367: The function phase_one_correct() did not handle memory object initialization correctly, which may have caused some other problems. (bsc#957517) - CVE-2017-6886: memory corruption in parse_tiff_ifd() func (internal/dcraw_common.cpp) could lead to Denial of service (bsc#1039380) - CVE-2017-6889: integer overflow error within the
    last seen2020-06-01
    modified2020-06-02
    plugin id102855
    published2017-08-31
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102855
    titleSUSE SLED12 Security Update : libraw (SUSE-SU-2017:2300-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8170.NASL
    descriptionRawstudio from github https://github.com/rawstudio/rawstudio/ . Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-07-20
    plugin id84856
    published2015-07-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84856
    titleFedora 21 : rawstudio-2.1-0.1.20150511git983bda1.fc21 (2015-8170)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8187.NASL
    descriptionSecurity fix for CVE-2015-3885 (dcraw input sanitization), bz #1221257 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-29
    plugin id83892
    published2015-05-29
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83892
    titleFedora 22 : rawtherapee-4.2-9.fc22 (2015-8187)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_57325ECFFACC11E4968FB888E347C638.NASL
    descriptionocert reports : The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the
    last seen2020-06-01
    modified2020-06-02
    plugin id83512
    published2015-05-18
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83512
    titleFreeBSD : dcraw -- integer overflow condition (57325ecf-facc-11e4-968f-b888e347c638)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201706-17.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201706-17 (Kodi: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Kodi. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted image file using Kodi, possibly resulting in a Denial of Service condition. Furthermore, a remote attacker could entice a user process a specially crafted ZIP file containing subtitles using Kodi, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id100943
    published2017-06-21
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/100943
    titleGLSA-201706-17 : Kodi: Multiple vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3492-1.NASL
    descriptionIt was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id104785
    published2017-11-27
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/104785
    titleUbuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libraw vulnerabilities (USN-3492-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2567.NASL
    descriptionAccording to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.(CVE-2015-3885) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-19
    plugin id132284
    published2019-12-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132284
    titleEulerOS 2.0 SP3 : dcraw (EulerOS-SA-2019-2567)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8432.NASL
    descriptionLatest upstream bugfix. Fixed dcraw vulnerability in ljpeg_start() Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-27
    plugin id83837
    published2015-05-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83837
    titleFedora 22 : LibRaw-0.16.2-1.fc22 (2015-8432)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8196.NASL
    descriptionRawstudio from github https://github.com/rawstudio/rawstudio/ . Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-07-20
    plugin id84857
    published2015-07-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84857
    titleFedora 22 : rawstudio-2.1-0.1.20150511git983bda1.fc22 (2015-8196)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-54.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-54 (DCRaw: Buffer overflow) An integer overflow was discovered in the ljpeg_start function in DCRaw. Impact : Remote attackers, by enticing a user to open a specially crafted image, could cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96689
    published2017-01-23
    reporterThis script is Copyright (C) 2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/96689
    titleGLSA-201701-54 : DCRaw: Buffer overflow
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8266.NASL
    descriptionSecurity fix for CVE-2015-3885 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-27
    plugin id83833
    published2015-05-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83833
    titleFedora 20 : mingw-LibRaw-0.15.4-5.fc20 (2015-8266)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-8498.NASL
    descriptionUpdate to version 0.16.2, see http://www.libraw.org/download#changelog for details. Update to version 0.16.1, see http://www.libraw.org/download#changelog for details. Security fix for CVE-2015-3885. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-29
    plugin id83899
    published2015-05-29
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83899
    titleFedora 21 : mingw-LibRaw-0.16.2-1.fc21 (2015-8498)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-378.NASL
    descriptionThe libraw library was updated to fix one security issue. The following vulnerability was fixed : - boo#930683: CVE-2015-3885: dcraw/libraw: input sanitization errors
    last seen2020-06-05
    modified2015-05-26
    plugin id83804
    published2015-05-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83804
    titleopenSUSE Security Update : libraw (openSUSE-2015-378)

References