home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2002-071.nasl < prev    next >
Text File  |  2005-01-14  |  2KB  |  89 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2002:071
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(13971);
  12.  script_version ("$Revision: 1.2 $");
  13.  script_cve_id("CAN-2002-0836");
  14.  
  15.  name["english"] = "MDKSA-2002:071: kdegraphics";
  16.  
  17.  script_name(english:name["english"]);
  18.  
  19.  desc["english"] = "
  20. The remote host is missing the patch for the advisory MDKSA-2002:071 (kdegraphics).
  21.  
  22.  
  23. A vulnerability exists in KGhostview, part of the kdegraphics package. It
  24. includes a DSC 3.0 parser from GSview then is vulnerable to a buffer overflow
  25. while parsing a specially crafted .ps file. It also contains code from gv which
  26. is vulnerable to a similar buffer overflow triggered by malformed PostScript and
  27. PDF files. This has been fixed in KDE 3.0.4 and patches have been applied to
  28. correct these packages.
  29.  
  30.  
  31. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071
  32. Risk factor : High";
  33.  
  34.  
  35.  
  36.  script_description(english:desc["english"]);
  37.  
  38.  summary["english"] = "Check for the version of the kdegraphics package";
  39.  script_summary(english:summary["english"]);
  40.  
  41.  script_category(ACT_GATHER_INFO);
  42.  
  43.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  44.  family["english"] = "Mandrake Local Security Checks";
  45.  script_family(english:family["english"]);
  46.  
  47.  script_dependencies("ssh_get_info.nasl");
  48.  script_require_keys("Host/Mandrake/rpm-list");
  49.  exit(0);
  50. }
  51.  
  52. include("rpm.inc");
  53. if ( rpm_check( reference:"kdegraphics-2.2.1-2.1mdk", release:"MDK8.1", yank:"mdk") )
  54. {
  55.  security_hole(0);
  56.  exit(0);
  57. }
  58. if ( rpm_check( reference:"kdegraphics-static-devel-2.2.1-2.1mdk", release:"MDK8.1", yank:"mdk") )
  59. {
  60.  security_hole(0);
  61.  exit(0);
  62. }
  63. if ( rpm_check( reference:"kdegraphics-2.2.2-15.1mdk", release:"MDK8.2", yank:"mdk") )
  64. {
  65.  security_hole(0);
  66.  exit(0);
  67. }
  68. if ( rpm_check( reference:"kdegraphics-devel-2.2.2-15.1mdk", release:"MDK8.2", yank:"mdk") )
  69. {
  70.  security_hole(0);
  71.  exit(0);
  72. }
  73. if ( rpm_check( reference:"kdegraphics-3.0.3-11.1mdk", release:"MDK9.0", yank:"mdk") )
  74. {
  75.  security_hole(0);
  76.  exit(0);
  77. }
  78. if ( rpm_check( reference:"kdegraphics-devel-3.0.3-11.1mdk", release:"MDK9.0", yank:"mdk") )
  79. {
  80.  security_hole(0);
  81.  exit(0);
  82. }
  83. if (rpm_exists(rpm:"kdegraphics-", release:"MDK8.1")
  84.  || rpm_exists(rpm:"kdegraphics-", release:"MDK8.2")
  85.  || rpm_exists(rpm:"kdegraphics-", release:"MDK9.0") )
  86. {
  87.  set_kb_item(name:"CAN-2002-0836", value:TRUE);
  88. }
  89.