home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-040.nasl < prev    next >
Text File  |  2005-01-14  |  3KB  |  100 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:040
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14139);
  12.  script_bugtraq_id(10244);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2004-0421");
  15.  
  16.  name["english"] = "MDKSA-2004:040: libpng";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2004:040 (libpng).
  22.  
  23.  
  24. Steve Grubb discovered that libpng would access memory that is out of bounds
  25. when creating an error message. The impact of this bug is not clear, but it
  26. could lead to a core dump in a program using libpng, or could result in a DoS
  27. (Denial of Service) condition in a daemon that uses libpng to process PNG
  28. imagaes.
  29. The updated packages are patched to correct the vulnerability.
  30.  
  31.  
  32. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:040
  33. Risk factor : High";
  34.  
  35.  
  36.  
  37.  script_description(english:desc["english"]);
  38.  
  39.  summary["english"] = "Check for the version of the libpng package";
  40.  script_summary(english:summary["english"]);
  41.  
  42.  script_category(ACT_GATHER_INFO);
  43.  
  44.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  45.  family["english"] = "Mandrake Local Security Checks";
  46.  script_family(english:family["english"]);
  47.  
  48.  script_dependencies("ssh_get_info.nasl");
  49.  script_require_keys("Host/Mandrake/rpm-list");
  50.  exit(0);
  51. }
  52.  
  53. include("rpm.inc");
  54. if ( rpm_check( reference:"libpng3-1.2.5-10.2.100mdk", release:"MDK10.0", yank:"mdk") )
  55. {
  56.  security_hole(0);
  57.  exit(0);
  58. }
  59. if ( rpm_check( reference:"libpng3-devel-1.2.5-10.2.100mdk", release:"MDK10.0", yank:"mdk") )
  60. {
  61.  security_hole(0);
  62.  exit(0);
  63. }
  64. if ( rpm_check( reference:"libpng3-1.2.5-2.2.91mdk", release:"MDK9.1", yank:"mdk") )
  65. {
  66.  security_hole(0);
  67.  exit(0);
  68. }
  69. if ( rpm_check( reference:"libpng3-devel-1.2.5-2.2.91mdk", release:"MDK9.1", yank:"mdk") )
  70. {
  71.  security_hole(0);
  72.  exit(0);
  73. }
  74. if ( rpm_check( reference:"libpng3-static-devel-1.2.5-2.2.91mdk", release:"MDK9.1", yank:"mdk") )
  75. {
  76.  security_hole(0);
  77.  exit(0);
  78. }
  79. if ( rpm_check( reference:"libpng3-1.2.5-7.2.92mdk", release:"MDK9.2", yank:"mdk") )
  80. {
  81.  security_hole(0);
  82.  exit(0);
  83. }
  84. if ( rpm_check( reference:"libpng3-devel-1.2.5-7.2.92mdk", release:"MDK9.2", yank:"mdk") )
  85. {
  86.  security_hole(0);
  87.  exit(0);
  88. }
  89. if ( rpm_check( reference:"libpng3-static-devel-1.2.5-7.2.92mdk", release:"MDK9.2", yank:"mdk") )
  90. {
  91.  security_hole(0);
  92.  exit(0);
  93. }
  94. if (rpm_exists(rpm:"libpng-", release:"MDK10.0")
  95.  || rpm_exists(rpm:"libpng-", release:"MDK9.1")
  96.  || rpm_exists(rpm:"libpng-", release:"MDK9.2") )
  97. {
  98.  set_kb_item(name:"CAN-2004-0421", value:TRUE);
  99. }
  100.