Vulnerabilities > CVE-2017-9831 - Integer Overflow or Wraparound vulnerability in Libmtp Project Libmtp 1.1.12
Attack vector: PHYSICAL
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
Summary
An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or possibly remote code execution by connecting a mobile device to a personal computer through a USB cable.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow: This attack forces an integer variable to go out of range. The integer variable is often used as an offset, as the size of a memory allocation, or similar. The attacker would typically control the value of such a variable and try to get it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing a very incorrect value that can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2169.NASL description libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol (commonly referred to as MTP) is a devised set of custom extensions to support the transfer of music files on USB digital audio players and movie files on USB portable media players. CVE-2017-9831 An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. CVE-2017-9832 An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. For Debian 8 last seen 2020-04-09 modified 2020-04-06 plugin id 135205 published 2020-04-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135205 title Debian DLA-2169-1 : libmtp security update code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-2169-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

# Purpose: local package-version check for Debian 8. It reads the dpkg
# listing stored in the scan knowledge base and compares seven libmtp
# binary packages against the fixed version 1.1.8-1+deb8u1.
# It does not touch the libmtp parsing code or any attached device, so a
# result reflects the installed package version only.

include("compat.inc");

# Metadata pass: when `description` is set the script only registers its
# attributes and exits before any check below runs.
if (description)
{
  script_id(135205);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/08");

  # Both CVEs are integer overflows in ptp-pack.c and are covered by the
  # same package update.
  script_cve_id("CVE-2017-9831", "CVE-2017-9832");

  script_name(english:"Debian DLA-2169-1 : libmtp security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol (commonly referred to as MTP) is a devised set of custom extensions to support the transfer of music files on USB digital audio players and movie files on USB portable media players. CVE-2017-9831 An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. CVE-2017-9832 An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. For Debian 8 'Jessie', these problems have been fixed in version 1.1.8-1+deb8u1. We recommend that you upgrade your libmtp packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2020/04/msg00003.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/jessie/libmtp"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");

  # The v2 vector rates the access vector as local (AV:L); the v3 vector
  # rates it as physical (AV:P), in line with the USB-attached device
  # named in the description.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  # One p-cpe entry per binary package tested below, plus the OS CPE.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-runtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mtp-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");

  # The patch date is almost three years after the vulnerability date.
  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  # The check needs the knowledge-base keys listed here; presumably they
  # are populated by ssh_get_info.nasl during a credentialed scan
  # (that script is not shown on this page).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include("audit.inc");
include("debian_package.inc");

# Preconditions: local checks enabled, a Debian release string and a dpkg
# listing present in the knowledge base. Each missing item is reported
# through audit() (defined in audit.inc, not shown).
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

# flag counts the packages for which deb_check() returns true.
# deb_check() comes from debian_package.inc (not shown); presumably it is
# true when the installed package is older than `reference`.
flag = 0;
if (deb_check(release:"8.0", prefix:"libmtp-common", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libmtp-dbg", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libmtp-dev", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libmtp-doc", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libmtp-runtime", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libmtp9", reference:"1.1.8-1+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"mtp-tools", reference:"1.1.8-1+deb8u1")) flag++;

if (flag)
{
  # Any hit is reported as a warning on port 0; the package report is
  # attached only when report_verbosity is above 0.
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
NASL family Fedora Local Security Checks NASL id FEDORA_2017-4C57DA6642.NASL description libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - 
added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max last seen 2020-06-05 modified 2017-07-03 plugin id 101179 published 2017-07-03 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/101179 title Fedora 25 : libmtp (2017-4c57da6642) code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2017-4c57da6642.
#

# Purpose: local package-version check for Fedora 25. It reads the rpm
# listing stored in the scan knowledge base and compares the installed
# libmtp package against libmtp-1.1.13-1.fc25.
# It does not touch the libmtp parsing code or any attached device, so a
# result reflects the installed package version only.

include("compat.inc");

# Metadata pass: when `description` is set the script only registers its
# attributes and exits before any check below runs.
if (description)
{
  script_id(101179);
  script_version("3.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2017-9831", "CVE-2017-9832");
  script_xref(name:"FEDORA", value:"2017-4c57da6642");

  script_name(english:"Fedora 25 : libmtp (2017-4c57da6642)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Fedora host is missing a security update."
  );
  # NOTE(review): the description below is the upstream 1.1.13 / 1.1.12
  # release changelog. It names neither CVE; the link to CVE-2017-9831 and
  # CVE-2017-9832 comes only from script_cve_id() above.
  script_set_attribute(
    attribute:"description",
    value:
"libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other 
BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. 
render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max 'NX512j' https://sourceforge.net/p/libmtp/bugs/1646/ - added Huawei Y360-U03 https://sourceforge.net/p/libmtp/feature-requests/205/ - nokia lumia 550 - added Sony XPeria XA https://sourceforge.net/p/libmtp/bugs/1649/ - added rim blackberry dtek 60 https://sourceforge.net/p/libmtp/bugs/1658/ - added nextbit robin https://sourceforge.net/p/libmtp/bugs/1663/ - added lenovo k4 vibe https://sourceforge.net/p/libmtp/bugs/1664/ - added archos diamond 55 selfie https://sourceforge.net/p/libmtp/feature-requests/209/ - added yota yotaphone https://sourceforge.net/p/libmtp/bugs/1661/ - added Asus Zenfone Go (ZC500TG) https://sourceforge.net/p/libmtp/feature-requests/208/ - Archos 70b Neon https://sourceforge.net/p/libmtp/bugs/1660/ - added sony xperia xz 
https://sourceforge.net/p/libmtp/feature-requests/207/ - imported ptp* from libgphoto2 - Merge /u/cvubrugier/libmtp/ branch master into master - added Lenovo S960 https://sourceforge.net/p/libmtp/bugs/1673/ - wrong render command, this is opcode not ofc - Fixed getpartialobject on non-x86_64 systems - Merge branch 'master' of ssh://git.code.sf.net/p/libmtp/code - add casts for varargs from 64bit to 32bit - Reenable MTP GetObjectProplist for Samsung Galaxy Models. (Seems to work on my S7) Reenable also for Motorola G2. added POINT OF VIEW TAB-I847 https://sourceforge.net/p/libmtp/feature-requests/215/ - adjusted G2 entry - release 1.1.13 Stanisław Pitucha (1) : - Add LIBMTP_FILES_AND_FOLDERS_ROOT and fix examples libmtp 1.1.12 ============= - Changes in the 1.1.12 release are mostly USB id additions - A new asynchronous function to check for events has also been added. Jocelyn Mayer (1) : - added Acer Iconia One 10 https://sourceforge.net/p/libmtp/bugs/1568/ Marcus Meissner (69) : - added sony xperia e1 ids https://sourceforge.net/p/libmtp/support-requests/207/ - added debuginfo for marshall london phone https://sourceforge.net/p/libmtp/bugs/1520/ - added iRulu X1si https://sourceforge.net/p/libmtp/bugs/1521/ - hook in travis support - merge accumulated ptp lowlevel changes from libgphoto2. - run autogen.sh instead of configure - avoid question for autoupdateing - always build with a libusb avoid failing autoreconf, as we run autogen.sh - try to find libtoolize - try to find libtool harder - hmm . 
libtool is there, but libtoolize is not - added xperia m5 https://sourceforge.net/p/libmtp/bugs/1527/ - Caterpillar S50 added https://sourceforge.net/p/libmtp/bugs/1525/ - add cat s50 2nd id - currently dont build for osx - added another m9 id https://sourceforge.net/p/libmtp/bugs/1508/ - added haier ct715 https://sourceforge.net/p/libmtp/support-requests/208/ - added lenovo k900 https://sourceforge.net/p/libmtp/bugs/1529/ - added letv 1s https://sourceforge.net/p/libmtp/support-requests/210/ - amazon fire 8 hd https://sourceforge.net/p/libmtp/feature-requests/158/ - added lenovo vibe x https://sourceforge.net/p/libmtp/bugs/1531/ - added LeTv X800 Android phone (libmtp-discuss) https://sourceforge.net/p/libmtp/bugs/1542/ - added another wileyfox swift id https://sourceforge.net/p/libmtp/feature-requests/159/ - added Sony Xperia C4 Dual https://sourceforge.net/p/libmtp/support-requests/212/ - Motorola Droid Turbo 2 https://sourceforge.net/p/libmtp/bugs/1539/ - added Sony WALKMAN NWZ-E474 https://sourceforge.net/p/libmtp/bugs/1540/ - added BQ Aquaris M5.5 https://sourceforge.net/p/libmtp/bugs/1541/ - asus zenpad 80 added https://sourceforge.net/p/libmtp/bugs/1546/ - acer z530 16GB https://sourceforge.net/p/libmtp/bugs/1534/ - added htc 626 detection log https://sourceforge.net/p/libmtp/bugs/1538/ - zuk z1 added https://sourceforge.net/p/libmtp/bugs/1545/ - added lenovo vibe p1 pro https://sourceforge.net/p/libmtp/support-requests/213/ - htc desire 626s https://sourceforge.net/p/libmtp/bugs/1543/ - added asus fonepad 8 https://sourceforge.net/p/libmtp/bugs/1548/ - fairphone 2 os https://sourceforge.net/p/libmtp/support-requests/214/ - htc desire 626s debug log https://sourceforge.net/p/libmtp/bugs/1543/ - lenovo k3 note debug data https://sourceforge.net/p/libmtp/feature-requests/162/ - added acer z630 https://sourceforge.net/p/libmtp/bugs/1552/ - added lenovo a3500-fl https://sourceforge.net/p/libmtp/bugs/1556/ - BQ Aquaris M10 Ubuntu Edition Full HD 
https://sourceforge.net/p/libmtp/feature-requests/163/ - added Kazam Trooper 650 4G https://sourceforge.net/p/libmtp/bugs/1554/ - Blackberry Priv https://sourceforge.net/p/libmtp/bugs/1551/ - bq aquarius avila cooler https://sourceforge.net/p/libmtp/bugs/1558/ - lenovo vibe k4 note https://sourceforge.net/p/libmtp/bugs/1562/ - Kyocera Hydro Elite https://sourceforge.net/p/libmtp/feature-requests/164/ - LG V10 https://sourceforge.net/p/libmtp/bugs/1559/ - added infocus m808 https://sourceforge.net/p/libmtp/bugs/1567/ - meizu pro 5 ubuntu phone added https://sourceforge.net/p/libmtp/bugs/1563/ - added another htc m9 variant https://sourceforge.net/p/libmtp/support-requests/217/ - added Recon Instruments Snow2 HUD and Recon Instruments Jet - LeTV X5001s added https://sourceforge.net/p/libmtp/bugs/1574/ - added lenovo phab plus https://sourceforge.net/p/libmtp/bugs/1572/ - Archos 101 xenon lite https://sourceforge.net/p/libmtp/bugs/1573/ - Huawei Android Phone H60-L12 https://sourceforge.net/p/libmtp/bugs/1550/ - bravis a401 neo added https://sourceforge.net/p/libmtp/bugs/1553/ - added lenovo TAB S8-50F https://sourceforge.net/p/libmtp/support-requests/219/ - added BLU STUDIO ENERGY 2 https://sourceforge.net/p/libmtp/bugs/1575/ - nVidia Jetson TX1 https://sourceforge.net/p/libmtp/bugs/1582/ - fix indentation for gcc6 - letv X800 https://sourceforge.net/p/libmtp/support-requests/220/ - Archos 40 Helium phone https://sourceforge.net/p/libmtp/bugs/1581/ - Acer A1-841 https://sourceforge.net/p/libmtp/bugs/1579/ - added Nokia N1 https://sourceforge.net/p/libmtp/support-requests/221/ - added Huawei P9 Plus https://sourceforge.net/p/libmtp/feature-requests/173/ - added archos 50d neon https://sourceforge.net/p/libmtp/bugs/1587/ - fixed c4 dual names - YotaPhone C9660 https://sourceforge.net/p/libmtp/support-requests/127/ - added Cubot X17 https://sourceforge.net/p/libmtp/feature-requests/161/ - 1.1.12 release Philip Langdale (1) : - [events] Add an asynchronous function to 
check for events Profpatsch (1) : - added jolla sailfish 0a07 id Robert Reardon (1) : - added Jolla phone ---- Support lots of new MTP devices. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-4c57da6642"
  );
  # NOTE(review): this second reference is a libmtp feature-request URL
  # that also appears in the changelog text above (next to "added Huawei
  # Y360-U61"); it is not an advisory for either CVE.
  script_set_attribute(
    attribute:"see_also",
    value:"https://sourceforge.net/p/libmtp/feature-requests/186/"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected libmtp package."
  );

  # The v2 vector rates the access vector as local (AV:L); the v3 vector
  # rates it as physical (AV:P). No temporal vectors are set here.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libmtp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");
  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/07/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  # The check needs the knowledge-base keys listed here; presumably they
  # are populated by ssh_get_info.nasl during a credentialed scan
  # (that script is not shown on this page).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions are reported through audit() (defined in audit.inc, not
# shown): local checks enabled, then OS family, OS version, package list
# and CPU architecture.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# The release string is read from the RedHat key and must contain "Fedora"
# (`>!<` is true when the left string is not a substring of the right).
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");

# Extract the numeric release and accept only 25; the pattern also rejects
# longer numbers that merely start with 25.
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only x86_64 and i386-i686 hosts are evaluated; any other architecture is
# audited as "local checks not implemented".
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

# rpm_check() comes from rpm.inc (not shown); presumably it is true when
# the installed libmtp is older than the reference build.
flag = 0;
if (rpm_check(release:"FC25", reference:"libmtp-1.1.13-1.fc25")) flag++;

if (flag)
{
  # Report at warning severity on port 0 with the rpm report attached.
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  # Distinguish "package tested and not affected" from "package not
  # installed", based on whether pkg_tests_get() returns anything.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmtp");
}
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1029.NASL description libmtp, a library for communicating with MTP aware devices (like cellular phones and audio players), was found to be vulnerable to several integer overflow vulnerabilities, which allowed malicious devices to cause denial of service crashes and maybe remote code execution. CVE-2017-9831 An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. CVE-2017-9832 An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. For Debian 7 last seen 2020-03-17 modified 2017-07-18 plugin id 101775 published 2017-07-18 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101775 title Debian DLA-1029-1 : libmtp security update code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1029-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

# Purpose: local package-version check for Debian 7. It reads the dpkg
# listing stored in the scan knowledge base and compares seven libmtp
# binary packages against the fixed version 1.1.3-35-g0ece104-5+deb7u1.
# It does not touch the libmtp parsing code or any attached device, so a
# result reflects the installed package version only.

include("compat.inc");

# Metadata pass: when `description` is set the script only registers its
# attributes and exits before any check below runs.
if (description)
{
  script_id(101775);
  script_version("3.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  # Both CVEs are integer overflows in ptp-pack.c and are covered by the
  # same package update.
  script_cve_id("CVE-2017-9831", "CVE-2017-9832");

  script_name(english:"Debian DLA-1029-1 : libmtp security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"libmtp, a library for communicating with MTP aware devices (like cellular phones and audio players), was found to be vulnerable to several integer overflow vulnerabilities, which allowed malicious devices to cause denial of service crashes and maybe remote code execution. CVE-2017-9831 An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. CVE-2017-9832 An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. For Debian 7 'Wheezy', these problems have been fixed in version 1.1.3-35-g0ece104-5+deb7u1. We recommend that you upgrade your libmtp packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2017/07/msg00021.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/libmtp"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");

  # The v2 vector rates the access vector as local (AV:L); the v3 vector
  # rates it as physical (AV:P), in line with the USB-attached device
  # named in the description.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  # One p-cpe entry per binary package tested below, plus the OS CPE.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp-runtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmtp9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mtp-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/07/18");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  # The check needs the knowledge-base keys listed here; presumably they
  # are populated by ssh_get_info.nasl during a credentialed scan
  # (that script is not shown on this page).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include("audit.inc");
include("debian_package.inc");

# Preconditions: local checks enabled, a Debian release string and a dpkg
# listing present in the knowledge base. Each missing item is reported
# through audit() (defined in audit.inc, not shown).
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

# flag counts the packages for which deb_check() returns true.
# deb_check() comes from debian_package.inc (not shown); presumably it is
# true when the installed package is older than `reference`.
flag = 0;
if (deb_check(release:"7.0", prefix:"libmtp-common", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libmtp-dbg", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libmtp-dev", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libmtp-doc", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libmtp-runtime", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libmtp9", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"mtp-tools", reference:"1.1.3-35-g0ece104-5+deb7u1")) flag++;

if (flag)
{
  # Any hit is reported as a warning on port 0; the package report is
  # attached only when report_verbosity is above 0.
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2452.NASL description According to the versions of the libmtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9831) - An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9832) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-04 plugin id 131606 published 2019-12-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131606 title EulerOS 2.0 SP2 : libmtp (EulerOS-SA-2019-2452) code # # (C) Tenable Network Security, Inc. 
#

include("compat.inc");

# Plugin metadata. This branch runs only when `description` is set and ends
# with exit(0), so none of the host checks further down execute in that pass.
if (description)
{
  script_id(131606);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");

  script_cve_id(
    "CVE-2017-9831",
    "CVE-2017-9832"
  );

  script_name(english:"EulerOS 2.0 SP2 : libmtp (EulerOS-SA-2019-2452)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:"The remote EulerOS host is missing multiple security updates.");
  # The description literal spans two physical lines; the break is part of the string.
  script_set_attribute(attribute:"description", value:"According to the versions of the libmtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9831) - An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9832) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2452
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9b356485");
  script_set_attribute(attribute:"solution", value:"Update the affected libmtp packages.");

  # The CVSS3 vector rates the attack vector as physical (AV:P), in line with
  # the advisory text about attaching a device over USB; CVSS2 has no physical
  # value, so the v2 vector records AV:L.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/04");

  # "local": the verdict comes from data collected on the host, not from
  # probing libmtp itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libmtp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys(
    "Host/local_checks_enabled",
    "Host/EulerOS/release",
    "Host/EulerOS/rpm-list",
    "Host/EulerOS/sp"
  );
  # Hosts that carry a UVP version key are excluded from this plugin.
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Every guard below hands off to audit() on mismatch. audit() is defined in
# audit.inc (not shown here); its use as a guard implies it ends the run.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# Target must identify as EulerOS release 2.0 ...
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS")
{
  audit(AUDIT_OS_NOT, "EulerOS");
}
if (release !~ "^EulerOS release 2\.0(\D|$)")
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0");
}

# ... at service pack 2 exactly ...
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(2)$")
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
}

# ... and must not be a UVP build.
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp))
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
}

# The verdict is derived from the RPM list stored in the KB; a copy of libmtp
# that was not installed through RPM is outside what this check can see.
if (!get_kb_item("Host/EulerOS/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
# aarch64 gets past the first test but is turned away by the second, so only
# x86_64 and i[3-6]86 hosts reach the package comparison. A run on aarch64
# that reports nothing therefore says nothing about the installed libmtp.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu)
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
}

flag = 0;

# Package reference(s) handed to rpm_check(); presumably the fixed build from
# the advisory - rpm_check() lives in rpm.inc and is not shown on this page.
pkgs = ["libmtp-1.1.6-3.h1"];

foreach (pkg in pkgs)
{
  if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg))
  {
    flag++;
  }
}

# At least one package matched: raise the finding and stop.
if (flag)
{
  security_report_v4(
    port     : 0,
    severity : SECURITY_WARNING,
    extra    : rpm_report_get()
  );
  exit(0);
}

# Nothing matched: say whether libmtp was examined at all or is simply absent.
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmtp");
}
NASL family Fedora Local Security Checks NASL id FEDORA_2017-69FDB38F3E.NASL description libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - 
added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max last seen 2020-06-05 modified 2017-07-17 plugin id 101651 published 2017-07-17 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/101651 title Fedora 26 : libmtp (2017-69fdb38f3e) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-69fdb38f3e. # include("compat.inc"); if (description) { script_id(101651); script_version("3.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-9831", "CVE-2017-9832"); script_xref(name:"FEDORA", value:"2017-69fdb38f3e"); script_name(english:"Fedora 26 : libmtp (2017-69fdb38f3e)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other 
BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. 
render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max 'NX512j' https://sourceforge.net/p/libmtp/bugs/1646/ - added Huawei Y360-U03 https://sourceforge.net/p/libmtp/feature-requests/205/ - nokia lumia 550 - added Sony XPeria XA https://sourceforge.net/p/libmtp/bugs/1649/ - added rim blackberry dtek 60 https://sourceforge.net/p/libmtp/bugs/1658/ - added nextbit robin https://sourceforge.net/p/libmtp/bugs/1663/ - added lenovo k4 vibe https://sourceforge.net/p/libmtp/bugs/1664/ - added archos diamond 55 selfie https://sourceforge.net/p/libmtp/feature-requests/209/ - added yota yotaphone https://sourceforge.net/p/libmtp/bugs/1661/ - added Asus Zenfone Go (ZC500TG) https://sourceforge.net/p/libmtp/feature-requests/208/ - Archos 70b Neon https://sourceforge.net/p/libmtp/bugs/1660/ - added sony xperia xz 
https://sourceforge.net/p/libmtp/feature-requests/207/ - imported ptp* from libgphoto2 - Merge /u/cvubrugier/libmtp/ branch master into master - added Lenovo S960 https://sourceforge.net/p/libmtp/bugs/1673/ - wrong render command, this is opcode not ofc - Fixed getpartialobject on non-x86_64 systems - Merge branch 'master' of ssh://git.code.sf.net/p/libmtp/code - add casts for varargs from 64bit to 32bit - Reenable MTP GetObjectProplist for Samsung Galaxy Models. (Seems to work on my S7) Reenable also for Motorola G2. added POINT OF VIEW TAB-I847 https://sourceforge.net/p/libmtp/feature-requests/215/ - adjusted G2 entry - release 1.1.13 Stanisław Pitucha (1) : - Add LIBMTP_FILES_AND_FOLDERS_ROOT and fix examples libmtp 1.1.12 ============= - Changes in the 1.1.12 release are mostly USB id additions - A new asynchronous function to check for events has also been added. Jocelyn Mayer (1) : - added Acer Iconia One 10 https://sourceforge.net/p/libmtp/bugs/1568/ Marcus Meissner (69) : - added sony xperia e1 ids https://sourceforge.net/p/libmtp/support-requests/207/ - added debuginfo for marshall london phone https://sourceforge.net/p/libmtp/bugs/1520/ - added iRulu X1si https://sourceforge.net/p/libmtp/bugs/1521/ - hook in travis support - merge accumulated ptp lowlevel changes from libgphoto2. - run autogen.sh instead of configure - avoid question for autoupdateing - always build with a libusb avoid failing autoreconf, as we run autogen.sh - try to find libtoolize - try to find libtool harder - hmm . 
libtool is there, but libtoolize is not - added xperia m5 https://sourceforge.net/p/libmtp/bugs/1527/ - Caterpillar S50 added https://sourceforge.net/p/libmtp/bugs/1525/ - add cat s50 2nd id - currently dont build for osx - added another m9 id https://sourceforge.net/p/libmtp/bugs/1508/ - added haier ct715 https://sourceforge.net/p/libmtp/support-requests/208/ - added lenovo k900 https://sourceforge.net/p/libmtp/bugs/1529/ - added letv 1s https://sourceforge.net/p/libmtp/support-requests/210/ - amazon fire 8 hd https://sourceforge.net/p/libmtp/feature-requests/158/ - added lenovo vibe x https://sourceforge.net/p/libmtp/bugs/1531/ - added LeTv X800 Android phone (libmtp-discuss) https://sourceforge.net/p/libmtp/bugs/1542/ - added another wileyfox swift id https://sourceforge.net/p/libmtp/feature-requests/159/ - added Sony Xperia C4 Dual https://sourceforge.net/p/libmtp/support-requests/212/ - Motorola Droid Turbo 2 https://sourceforge.net/p/libmtp/bugs/1539/ - added Sony WALKMAN NWZ-E474 https://sourceforge.net/p/libmtp/bugs/1540/ - added BQ Aquaris M5.5 https://sourceforge.net/p/libmtp/bugs/1541/ - asus zenpad 80 added https://sourceforge.net/p/libmtp/bugs/1546/ - acer z530 16GB https://sourceforge.net/p/libmtp/bugs/1534/ - added htc 626 detection log https://sourceforge.net/p/libmtp/bugs/1538/ - zuk z1 added https://sourceforge.net/p/libmtp/bugs/1545/ - added lenovo vibe p1 pro https://sourceforge.net/p/libmtp/support-requests/213/ - htc desire 626s https://sourceforge.net/p/libmtp/bugs/1543/ - added asus fonepad 8 https://sourceforge.net/p/libmtp/bugs/1548/ - fairphone 2 os https://sourceforge.net/p/libmtp/support-requests/214/ - htc desire 626s debug log https://sourceforge.net/p/libmtp/bugs/1543/ - lenovo k3 note debug data https://sourceforge.net/p/libmtp/feature-requests/162/ - added acer z630 https://sourceforge.net/p/libmtp/bugs/1552/ - added lenovo a3500-fl https://sourceforge.net/p/libmtp/bugs/1556/ - BQ Aquaris M10 Ubuntu Edition Full HD 
https://sourceforge.net/p/libmtp/feature-requests/163/ - added Kazam Trooper 650 4G https://sourceforge.net/p/libmtp/bugs/1554/ - Blackberry Priv https://sourceforge.net/p/libmtp/bugs/1551/ - bq aquarius avila cooler https://sourceforge.net/p/libmtp/bugs/1558/ - lenovo vibe k4 note https://sourceforge.net/p/libmtp/bugs/1562/ - Kyocera Hydro Elite https://sourceforge.net/p/libmtp/feature-requests/164/ - LG V10 https://sourceforge.net/p/libmtp/bugs/1559/ - added infocus m808 https://sourceforge.net/p/libmtp/bugs/1567/ - meizu pro 5 ubuntu phone added https://sourceforge.net/p/libmtp/bugs/1563/ - added another htc m9 variant https://sourceforge.net/p/libmtp/support-requests/217/ - added Recon Instruments Snow2 HUD and Recon Instruments Jet - LeTV X5001s added https://sourceforge.net/p/libmtp/bugs/1574/ - added lenovo phab plus https://sourceforge.net/p/libmtp/bugs/1572/ - Archos 101 xenon lite https://sourceforge.net/p/libmtp/bugs/1573/ - Huawei Android Phone H60-L12 https://sourceforge.net/p/libmtp/bugs/1550/ - bravis a401 neo added https://sourceforge.net/p/libmtp/bugs/1553/ - added lenovo TAB S8-50F https://sourceforge.net/p/libmtp/support-requests/219/ - added BLU STUDIO ENERGY 2 https://sourceforge.net/p/libmtp/bugs/1575/ - nVidia Jetson TX1 https://sourceforge.net/p/libmtp/bugs/1582/ - fix indentation for gcc6 - letv X800 https://sourceforge.net/p/libmtp/support-requests/220/ - Archos 40 Helium phone https://sourceforge.net/p/libmtp/bugs/1581/ - Acer A1-841 https://sourceforge.net/p/libmtp/bugs/1579/ - added Nokia N1 https://sourceforge.net/p/libmtp/support-requests/221/ - added Huawei P9 Plus https://sourceforge.net/p/libmtp/feature-requests/173/ - added archos 50d neon https://sourceforge.net/p/libmtp/bugs/1587/ - fixed c4 dual names - YotaPhone C9660 https://sourceforge.net/p/libmtp/support-requests/127/ - added Cubot X17 https://sourceforge.net/p/libmtp/feature-requests/161/ - 1.1.12 release Philip Langdale (1) : - [events] Add an asynchronous function to 
check for events Profpatsch (1) : - added jolla sailfish 0a07 id Robert Reardon (1) : - added Jolla phone ---- Support lots of new MTP devices. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-69fdb38f3e" ); script_set_attribute( attribute:"see_also", value:"https://sourceforge.net/p/libmtp/feature-requests/186/" ); script_set_attribute( attribute:"solution", value:"Update the affected libmtp package." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libmtp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:26"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/24"); script_set_attribute(attribute:"patch_publication_date", value:"2017/07/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/07/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^26([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 26", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC26", reference:"libmtp-1.1.13-1.fc26")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmtp"); }
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2610.NASL description According to the versions of the libmtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9832) - An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9831) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-18 plugin id 132145 published 2019-12-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132145 title EulerOS 2.0 SP3 : libmtp (EulerOS-SA-2019-2610) code # # (C) Tenable Network Security, Inc. 
#

include("compat.inc");

# Plugin metadata. This branch runs only when `description` is set and ends
# with exit(0), so none of the host checks further down execute in that pass.
if (description)
{
  script_id(132145);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");

  script_cve_id(
    "CVE-2017-9831",
    "CVE-2017-9832"
  );

  script_name(english:"EulerOS 2.0 SP3 : libmtp (EulerOS-SA-2019-2610)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:"The remote EulerOS host is missing multiple security updates.");
  # The description literal spans two physical lines; the break is part of the string.
  script_set_attribute(attribute:"description", value:"According to the versions of the libmtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9832) - An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.(CVE-2017-9831) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2610
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?56dcf0b8");
  script_set_attribute(attribute:"solution", value:"Update the affected libmtp packages.");

  # The CVSS3 vector rates the attack vector as physical (AV:P), in line with
  # the advisory text about attaching a device over USB; CVSS2 has no physical
  # value, so the v2 vector records AV:L.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/18");

  # "local": the verdict comes from data collected on the host, not from
  # probing libmtp itself.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libmtp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys(
    "Host/local_checks_enabled",
    "Host/EulerOS/release",
    "Host/EulerOS/rpm-list",
    "Host/EulerOS/sp"
  );
  # Hosts that carry a UVP version key are excluded from this plugin.
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Every guard below hands off to audit() on mismatch. audit() is defined in
# audit.inc (not shown here); its use as a guard implies it ends the run.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# Target must identify as EulerOS release 2.0 ...
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS")
{
  audit(AUDIT_OS_NOT, "EulerOS");
}
if (release !~ "^EulerOS release 2\.0(\D|$)")
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0");
}

# ... at service pack 3 exactly ...
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$")
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");
}

# ... and must not be a UVP build.
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp))
{
  audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);
}

# The verdict is derived from the RPM list stored in the KB; a copy of libmtp
# that was not installed through RPM is outside what this check can see.
if (!get_kb_item("Host/EulerOS/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
# aarch64 gets past the first test but is turned away by the second, so only
# x86_64 and i[3-6]86 hosts reach the package comparison. A run on aarch64
# that reports nothing therefore says nothing about the installed libmtp.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu)
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
}

flag = 0;

# Package reference(s) handed to rpm_check(); presumably the fixed build from
# the advisory - rpm_check() lives in rpm.inc and is not shown on this page.
pkgs = ["libmtp-1.1.6-3.h1"];

foreach (pkg in pkgs)
{
  if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg))
  {
    flag++;
  }
}

# At least one package matched: raise the finding and stop.
if (flag)
{
  security_report_v4(
    port     : 0,
    severity : SECURITY_WARNING,
    extra    : rpm_report_get()
  );
  exit(0);
}

# Nothing matched: say whether libmtp was examined at all or is simply absent.
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmtp");
}
NASL family Fedora Local Security Checks NASL id FEDORA_2017-D26266EB32.NASL description libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - 
added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max last seen 2020-06-05 modified 2017-07-13 plugin id 101512 published 2017-07-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/101512 title Fedora 24 : libmtp (2017-d26266eb32) code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2017-d26266eb32.
#
# Purpose: local (credentialed) package check for Fedora 24. It reports
# when rpm_check() flags the installed libmtp against the reference build
# libmtp-1.1.13-1.fc24. The plugin is tagged with CVE-2017-9831 and
# CVE-2017-9832.
#
# NOTE(review): rpm_check(), rpm_report_get(), pkg_tests_get() and audit()
# come from the include files and are not shown here; audit() is presumably
# a terminating exit that records the given reason — confirm.
#

include("compat.inc");

# Metadata section: only runs when the engine loads the plugin for its
# description, then exits without performing any check.
if (description)
{
  script_id(101512);
  script_version("3.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  # The CVE association lives here only; the description text below is the
  # upstream 1.1.13 / 1.1.12 changelog and does not name either CVE.
  script_cve_id("CVE-2017-9831", "CVE-2017-9832");
  script_xref(name:"FEDORA", value:"2017-d26266eb32");

  script_name(english:"Fedora 24 : libmtp (2017-d26266eb32)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"libmtp 1.1.13 ============= Christophe Vu-Brugier (1) : - added GoPro HERO5 Black Emeric Grange (2) : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope (2) : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang (1) : - Update Google device strings, add (PTP+ADB) id Marcus Meissner (69) : - added archos diamond s https://sourceforge.net/p/libmtp/support-requests/222/ - added bq aquaris x5 https://sourceforge.net/p/libmtp/support-requests/224/ - added lenovo k910ss https://sourceforge.net/p/libmtp/bugs/1597/ - zuk z1 second id https://sourceforge.net/p/libmtp/bugs/1596/ - zuk z1 log - added cat s60 https://sourceforge.net/p/libmtp/feature-requests/176/ - oneplus one 3 log - added archos diamonds , https://sourceforge.net/p/libmtp/support-requests/222/ - added another alcatel idol 3 id https://sourceforge.net/p/libmtp/bugs/1605/ - added tp-link neffos c5 https://sourceforge.net/p/libmtp/bugs/1606/ - added caterpillar cat s40 https://sourceforge.net/p/libmtp/bugs/1603/ - added lenovo vibe note k5 https://sourceforge.net/p/libmtp/bugs/1608/ - added BLU studio energy x2 phone adjusted the other 
BLU id to 4017 - added huawei y560-l01 https://sourceforge.net/p/libmtp/feature-requests/177/ - intex aqua fish https://sourceforge.net/p/libmtp/bugs/1613/ - added bq aquarius x5 (another id) https://sourceforge.net/p/libmtp/feature-requests/181/ - added HTC Butterfly x920e https://sourceforge.net/p/libmtp/bugs/1615/ - Motorola Pro+ added https://sourceforge.net/p/libmtp/feature-requests/189/ - added Lenovo A706 https://sourceforge.net/p/libmtp/support-requests/232/ - added sony f5231 https://sourceforge.net/p/libmtp/support-requests/230/ - added Huawei Y360-U61 https://sourceforge.net/p/libmtp/feature-requests/186/ https://bugs.launchpad.net/ubuntu/+source/libmtp/+bug/15 72658 - added acer liquid z220 https://sourceforge.net/p/libmtp/support-requests/228/ - added lenovo k920 https://sourceforge.net/p/libmtp/bugs/1595/ - replace the major.version parsing logic by sscanf, allow a non-minor entry (as seen on Samsung) https://sourceforge.net/p/libmtp/bugs/1593/ - added lenovo b smartphone https://sourceforge.net/p/libmtp/bugs/1624/ - added lenovo P1ma40P https://sourceforge.net/p/libmtp/support-requests/235/ - added HUAWEI Y320-U10 https://sourceforge.net/p/libmtp/bugs/1629/ - added huawei frd l09 https://sourceforge.net/p/libmtp/bugs/1626/ - htc desire 626g dual sim https://sourceforge.net/p/libmtp/bugs/1632/ - render opcodes as opcodes, not ofc. 
render event names - added Kyocera Hydra Wave (model C6740N, Android version 5.1) https://sourceforge.net/p/libmtp/feature-requests/192/ - added SHARP SHV35 AQUOS U https://sourceforge.net/p/libmtp/feature-requests/192/ - iriver ak70 https://sourceforge.net/p/libmtp/bugs/1634/ - Intex AquaFish SailFish OS https://sourceforge.net/p/libmtp/feature-requests/201/ - added TP-Link Neffos C5 MAX https://sourceforge.net/p/libmtp/feature-requests/197/ - added tp-link neffos y5l https://sourceforge.net/p/libmtp/feature-requests/196/ - added tp-link neffos y5 https://sourceforge.net/p/libmtp/feature-requests/195/ - added Blephone lephone T7+ https://sourceforge.net/p/libmtp/feature-requests/194/ - added Archos 101b Oxygen https://sourceforge.net/p/libmtp/bugs/1637 - Merge /u/drzap/libmtp/ branch gopro_heroplus into master - added Huawei Nova https://sourceforge.net/p/libmtp/bugs/1640/ - added acer liquid zest plus - added sony xperia z5 debug data https://sourceforge.net/p/libmtp/bugs/1631/ - added blu energy x lte data - added lenovo k5 - added Lenovo TAB 2 A10-30 https://sourceforge.net/p/libmtp/feature-requests/204/ - added ASUS ME581CL https://sourceforge.net/p/libmtp/bugs/1642/ - added Nubia Z9 Max 'NX512j' https://sourceforge.net/p/libmtp/bugs/1646/ - added Huawei Y360-U03 https://sourceforge.net/p/libmtp/feature-requests/205/ - nokia lumia 550 - added Sony XPeria XA https://sourceforge.net/p/libmtp/bugs/1649/ - added rim blackberry dtek 60 https://sourceforge.net/p/libmtp/bugs/1658/ - added nextbit robin https://sourceforge.net/p/libmtp/bugs/1663/ - added lenovo k4 vibe https://sourceforge.net/p/libmtp/bugs/1664/ - added archos diamond 55 selfie https://sourceforge.net/p/libmtp/feature-requests/209/ - added yota yotaphone https://sourceforge.net/p/libmtp/bugs/1661/ - added Asus Zenfone Go (ZC500TG) https://sourceforge.net/p/libmtp/feature-requests/208/ - Archos 70b Neon https://sourceforge.net/p/libmtp/bugs/1660/ - added sony xperia xz 
https://sourceforge.net/p/libmtp/feature-requests/207/ - imported ptp* from libgphoto2 - Merge /u/cvubrugier/libmtp/ branch master into master - added Lenovo S960 https://sourceforge.net/p/libmtp/bugs/1673/ - wrong render command, this is opcode not ofc - Fixed getpartialobject on non-x86_64 systems - Merge branch 'master' of ssh://git.code.sf.net/p/libmtp/code - add casts for varargs from 64bit to 32bit - Reenable MTP GetObjectProplist for Samsung Galaxy Models. (Seems to work on my S7) Reenable also for Motorola G2. added POINT OF VIEW TAB-I847 https://sourceforge.net/p/libmtp/feature-requests/215/ - adjusted G2 entry - release 1.1.13 Stanisław Pitucha (1) : - Add LIBMTP_FILES_AND_FOLDERS_ROOT and fix examples libmtp 1.1.12 ============= - Changes in the 1.1.12 release are mostly USB id additions - A new asynchronous function to check for events has also been added. Jocelyn Mayer (1) : - added Acer Iconia One 10 https://sourceforge.net/p/libmtp/bugs/1568/ Marcus Meissner (69) : - added sony xperia e1 ids https://sourceforge.net/p/libmtp/support-requests/207/ - added debuginfo for marshall london phone https://sourceforge.net/p/libmtp/bugs/1520/ - added iRulu X1si https://sourceforge.net/p/libmtp/bugs/1521/ - hook in travis support - merge accumulated ptp lowlevel changes from libgphoto2. - run autogen.sh instead of configure - avoid question for autoupdateing - always build with a libusb avoid failing autoreconf, as we run autogen.sh - try to find libtoolize - try to find libtool harder - hmm . 
libtool is there, but libtoolize is not - added xperia m5 https://sourceforge.net/p/libmtp/bugs/1527/ - Caterpillar S50 added https://sourceforge.net/p/libmtp/bugs/1525/ - add cat s50 2nd id - currently dont build for osx - added another m9 id https://sourceforge.net/p/libmtp/bugs/1508/ - added haier ct715 https://sourceforge.net/p/libmtp/support-requests/208/ - added lenovo k900 https://sourceforge.net/p/libmtp/bugs/1529/ - added letv 1s https://sourceforge.net/p/libmtp/support-requests/210/ - amazon fire 8 hd https://sourceforge.net/p/libmtp/feature-requests/158/ - added lenovo vibe x https://sourceforge.net/p/libmtp/bugs/1531/ - added LeTv X800 Android phone (libmtp-discuss) https://sourceforge.net/p/libmtp/bugs/1542/ - added another wileyfox swift id https://sourceforge.net/p/libmtp/feature-requests/159/ - added Sony Xperia C4 Dual https://sourceforge.net/p/libmtp/support-requests/212/ - Motorola Droid Turbo 2 https://sourceforge.net/p/libmtp/bugs/1539/ - added Sony WALKMAN NWZ-E474 https://sourceforge.net/p/libmtp/bugs/1540/ - added BQ Aquaris M5.5 https://sourceforge.net/p/libmtp/bugs/1541/ - asus zenpad 80 added https://sourceforge.net/p/libmtp/bugs/1546/ - acer z530 16GB https://sourceforge.net/p/libmtp/bugs/1534/ - added htc 626 detection log https://sourceforge.net/p/libmtp/bugs/1538/ - zuk z1 added https://sourceforge.net/p/libmtp/bugs/1545/ - added lenovo vibe p1 pro https://sourceforge.net/p/libmtp/support-requests/213/ - htc desire 626s https://sourceforge.net/p/libmtp/bugs/1543/ - added asus fonepad 8 https://sourceforge.net/p/libmtp/bugs/1548/ - fairphone 2 os https://sourceforge.net/p/libmtp/support-requests/214/ - htc desire 626s debug log https://sourceforge.net/p/libmtp/bugs/1543/ - lenovo k3 note debug data https://sourceforge.net/p/libmtp/feature-requests/162/ - added acer z630 https://sourceforge.net/p/libmtp/bugs/1552/ - added lenovo a3500-fl https://sourceforge.net/p/libmtp/bugs/1556/ - BQ Aquaris M10 Ubuntu Edition Full HD 
https://sourceforge.net/p/libmtp/feature-requests/163/ - added Kazam Trooper 650 4G https://sourceforge.net/p/libmtp/bugs/1554/ - Blackberry Priv https://sourceforge.net/p/libmtp/bugs/1551/ - bq aquarius avila cooler https://sourceforge.net/p/libmtp/bugs/1558/ - lenovo vibe k4 note https://sourceforge.net/p/libmtp/bugs/1562/ - Kyocera Hydro Elite https://sourceforge.net/p/libmtp/feature-requests/164/ - LG V10 https://sourceforge.net/p/libmtp/bugs/1559/ - added infocus m808 https://sourceforge.net/p/libmtp/bugs/1567/ - meizu pro 5 ubuntu phone added https://sourceforge.net/p/libmtp/bugs/1563/ - added another htc m9 variant https://sourceforge.net/p/libmtp/support-requests/217/ - added Recon Instruments Snow2 HUD and Recon Instruments Jet - LeTV X5001s added https://sourceforge.net/p/libmtp/bugs/1574/ - added lenovo phab plus https://sourceforge.net/p/libmtp/bugs/1572/ - Archos 101 xenon lite https://sourceforge.net/p/libmtp/bugs/1573/ - Huawei Android Phone H60-L12 https://sourceforge.net/p/libmtp/bugs/1550/ - bravis a401 neo added https://sourceforge.net/p/libmtp/bugs/1553/ - added lenovo TAB S8-50F https://sourceforge.net/p/libmtp/support-requests/219/ - added BLU STUDIO ENERGY 2 https://sourceforge.net/p/libmtp/bugs/1575/ - nVidia Jetson TX1 https://sourceforge.net/p/libmtp/bugs/1582/ - fix indentation for gcc6 - letv X800 https://sourceforge.net/p/libmtp/support-requests/220/ - Archos 40 Helium phone https://sourceforge.net/p/libmtp/bugs/1581/ - Acer A1-841 https://sourceforge.net/p/libmtp/bugs/1579/ - added Nokia N1 https://sourceforge.net/p/libmtp/support-requests/221/ - added Huawei P9 Plus https://sourceforge.net/p/libmtp/feature-requests/173/ - added archos 50d neon https://sourceforge.net/p/libmtp/bugs/1587/ - fixed c4 dual names - YotaPhone C9660 https://sourceforge.net/p/libmtp/support-requests/127/ - added Cubot X17 https://sourceforge.net/p/libmtp/feature-requests/161/ - 1.1.12 release Philip Langdale (1) : - [events] Add an asynchronous function to 
check for events Profpatsch (1) : - added jolla sailfish 0a07 id Robert Reardon (1) : - added Jolla phone Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-d26266eb32"
  );
  # NOTE(review): in the changelog above this URL sits next to a device-ID
  # addition (Huawei Y360-U61), so it looks auto-extracted from the release
  # notes rather than chosen as a reference for the security fix.
  script_set_attribute(
    attribute:"see_also",
    value:"https://sourceforge.net/p/libmtp/feature-requests/186/"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected libmtp package."
  );

  # The two vectors do not agree: CVSS2 is scored AV:L with partial C/I/A,
  # CVSS3 is scored AV:P with high C/I/A. Triage results therefore depend on
  # which vector the consuming tool reads.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libmtp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24");
  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/07/13");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  # The check reads KB items only; it declares ssh_get_info.nasl as its
  # dependency and requires the three keys below to be present.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


# Without local (credentialed) checks there is no package list to compare.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# `>!<` is the NASL "substring not found in" operator: bail out unless the
# release string mentions Fedora.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");

# Pull the numeric release out of the release string; index 1 is the first
# capture group of the pattern.
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];

# Scope is Fedora 24 only; the trailing ([^0-9]|$) keeps a longer number
# that merely starts with 24 from matching. Other Fedora releases get no
# verdict from this plugin.
if (! preg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Coverage caveat: only x86_64 and i386-i686 are evaluated. Any other
# Host/cpu value is audited as "local checks not implemented", so hosts on
# other architectures are neither reported vulnerable nor reported clean.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


# Single package comparison against the reference build named in the
# advisory. NOTE(review): rpm_check() lives in rpm.inc (not shown); it
# presumably returns true when the installed package is older than the
# reference — confirm.
flag = 0;
if (rpm_check(release:"FC24", reference:"libmtp-1.1.13-1.fc24")) flag++;


if (flag)
{
  # Finding: reported on port 0 at SECURITY_WARNING, with the text from
  # rpm_report_get() attached as the evidence.
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  # No finding: distinguish "package tested and not affected" from
  # "libmtp not installed" in the audit trail.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmtp");
}