Lucene search
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2007-230.NASLHistoryNov 26, 2007 - 12:00 a.m.
Mandrake Linux Security Advisory : tetex (MDKSA-2007:230)
2007-11-2600:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
31
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.334 Low
EPSS
Percentile
97.1%
A flaw in the t1lib library where an attacker could create a malicious file that would cause tetex to crash or possibly execute arbitrary code when opened (CVE-2007-4033).
Alin Rad Pop found several flaws in how PDF files are handled in tetex. An attacker could create a malicious PDF file that would cause tetex to crash or potentially execute arbitrary code when opened (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393).
A stack-based buffer overflow in dvips in tetex allows for user-assisted attackers to execute arbitrary code via a DVI file with a long href tag (CVE-2007-5935).
A vulnerability in dvips in tetex allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place (CVE-2007-5936).
Multiple buffer overflows in dviljk in tetext may allow users-assisted attackers to execute arbitrary code via a crafted DVI input file (CVE-2007-5937).
The updated packages have been patched to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2007:230.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(28324);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2007-4033", "CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393", "CVE-2007-5935", "CVE-2007-5936", "CVE-2007-5937");
script_bugtraq_id(25079, 26367, 26469);
script_xref(name:"MDKSA", value:"2007:230");
script_name(english:"Mandrake Linux Security Advisory : tetex (MDKSA-2007:230)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A flaw in the t1lib library where an attacker could create a malicious
file that would cause tetex to crash or possibly execute arbitrary
code when opened (CVE-2007-4033).
Alin Rad Pop found several flaws in how PDF files are handled in
tetex. An attacker could create a malicious PDF file that would cause
tetex to crash or potentially execute arbitrary code when opened
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393).
A stack-based buffer overflow in dvips in tetex allows for
user-assisted attackers to execute arbitrary code via a DVI file with
a long href tag (CVE-2007-5935).
A vulnerability in dvips in tetex allows local users to obtain
sensitive information and modify certain data by creating certain
temporary files before they are processed by dviljk, which can then be
read or modified in place (CVE-2007-5936).
Multiple buffer overflows in dviljk in tetext may allow users-assisted
attackers to execute arbitrary code via a crafted DVI input file
(CVE-2007-5937).
The updated packages have been patched to correct this issue."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(119, 264);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:jadetex");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-afm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-context");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-dvilj");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-dvipdfm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-dvips");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-latex");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-mfwin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-texi2html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-usrlocal");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tetex-xdvi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xmltex");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
script_set_attribute(attribute:"patch_publication_date", value:"2007/11/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/26");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2007.0", reference:"jadetex-3.12-116.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-afm-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-context-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-devel-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-doc-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-dvilj-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-dvipdfm-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-dvips-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-latex-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-mfwin-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-texi2html-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tetex-xdvi-3.0-18.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"xmltex-1.9-64.5mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"jadetex-3.12-129.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-afm-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-context-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-devel-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-doc-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-dvilj-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-dvipdfm-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-dvips-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-latex-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-mfwin-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-texi2html-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-usrlocal-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tetex-xdvi-3.0-31.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"xmltex-1.9-77.4mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"jadetex-3.12-136.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-afm-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-context-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-devel-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-doc-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-dvilj-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-dvipdfm-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-dvips-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-latex-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-mfwin-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-texi2html-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-usrlocal-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tetex-xdvi-3.0-38.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"xmltex-1.9-84.1mdv2008.0", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | jadetex | p-cpe:/a:mandriva:linux:jadetex |
| mandriva | linux | tetex | p-cpe:/a:mandriva:linux:tetex |
| mandriva | linux | tetex-afm | p-cpe:/a:mandriva:linux:tetex-afm |
| mandriva | linux | tetex-context | p-cpe:/a:mandriva:linux:tetex-context |
| mandriva | linux | tetex-devel | p-cpe:/a:mandriva:linux:tetex-devel |
| mandriva | linux | tetex-doc | p-cpe:/a:mandriva:linux:tetex-doc |
| mandriva | linux | tetex-dvilj | p-cpe:/a:mandriva:linux:tetex-dvilj |
| mandriva | linux | tetex-dvipdfm | p-cpe:/a:mandriva:linux:tetex-dvipdfm |
| mandriva | linux | tetex-dvips | p-cpe:/a:mandriva:linux:tetex-dvips |
| mandriva | linux | tetex-latex | p-cpe:/a:mandriva:linux:tetex-latex |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937
Related
nessus
nessus
Fedora 7 : tetex-3.0-40.3.fc7 (2007-3390)
2007-11-26 00:00:00
Fedora 8 : tetex-3.0-44.3.fc8 (2007-3308)
2007-11-26 00:00:00
CentOS 4 : tetex (CESA-2007:1027)
2009-04-23 00:00:00
openvas
openvas
Mandriva Update for tetex MDKSA-2007:230 (tetex)
2009-04-09 00:00:00
Mandriva Update for tetex MDKSA-2007:230 (tetex)
2009-04-09 00:00:00
Fedora Update for tetex FEDORA-2007-3308
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: tetex-3.0-44.3.fc8
2007-11-20 18:04:54
[SECURITY] Fedora 7 Update: tetex-3.0-40.3.fc7
2007-11-20 18:00:44
[SECURITY] Fedora Core 6 Update: tetex-3.0-36.fc6
2007-11-21 22:54:16
redhat
redhat
(RHSA-2007:1027) Important: tetex security update
2007-11-08 00:00:00
(RHSA-2007:1030) Important: xpdf security update
2007-11-07 00:00:00
(RHSA-2007:1024) Important: kdegraphics security update
2007-11-12 00:00:00
centos
centos
tetex security update
2007-11-08 21:17:06
xpdf security update
2007-11-07 20:27:33
gpdf security update
2007-11-07 19:57:28
oraclelinux
oraclelinux
Important: tetex security update
2007-11-08 00:00:00
Important: xpdf security update
2007-11-07 00:00:00
Important: poppler security update
2007-11-23 00:00:00
gentoo
gentoo
teTeX: Multiple vulnerabilities
2007-11-18 00:00:00
Poppler, KDE: User-assisted execution of arbitrary code
2007-11-18 00:00:00
ubuntu
ubuntu
teTeX and TeX Live vulnerabilities
2007-12-06 00:00:00
KOffice vulnerabilities
2007-11-15 00:00:00
poppler vulnerabilities
2007-11-14 00:00:00
debian
debian
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
2008-04-02 21:25:32
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
2008-04-02 21:25:32
[SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities
2008-02-25 23:14:40
freebsd
freebsd
xpdf -- multiple remote Stream.CC vulnerabilities
2007-11-07 00:00:00
securityvulns
securityvulns
Xpdf multiple security vulnerabilities
2007-11-08 00:00:00
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
2007-11-08 00:00:00
suse
suse
remote code execution in xpdf, kdegraphics3-pdf, koffice, libextractor,
2007-11-14 16:50:40
osv
osv
koffice - multiple vulnerabilities
2008-02-25 00:00:00
poppler - several vulnerabilities
2008-02-05 00:00:00
xpdf
2008-04-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.02-alt3
2007-11-12 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.334 Low
EPSS
Percentile
97.1%
Related for MANDRAKE_MDKSA-2007-230.NASL