Executive Summary

Summary
Title	Updated netpbm packages fix buffer overflow vulnerability

Informations
Name	MDVSA-2008:039	First vendor Publication	2008-02-07
Vendor	Mandriva	Last vendor Modification	2008-02-07
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A buffer overflow in the giftopnm utility in netpbm prior to version 10.27 could allow attackers to have an unknown impact via a specially crafted GIF file. The updated packages have been patched to correct this issue.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:039

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

 

Definition Id: oval:org.mitre.oval:def:10975
Oval ID:	oval:org.mitre.oval:def:10975
Title:	Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Description:	Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-0554	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section netpbm is earlier than 0:9.24-11.30.5 AND netpbm-progs is earlier than 0:9.24-11.30.5 AND netpbm-devel is earlier than 0:9.24-11.30.5 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section netpbm is earlier than 0:10.25-2.EL4.6.el4_6.1 AND netpbm-progs is earlier than 0:10.25-2.EL4.6.el4_6.1 AND netpbm-devel is earlier than 0:10.25-2.EL4.6.el4_6.1

 

Definition Id: oval:org.mitre.oval:def:16895
Oval ID:	oval:org.mitre.oval:def:16895
Title:	USN-665-1 -- netpbm-free vulnerability
Description:	It was discovered that Netpbm could be made to overrun a buffer when loading certain images.
Family:	unix	Class:	patch
Reference(s):	USN-665-1 CVE-2008-0554	Version:	5
Platform(s):	Ubuntu 6.06 Ubuntu 7.10	Product(s):	netpbm-free
Definition Synopsis:
Release section Ubuntu 6.06 is installed AND netpbm DPKG is earlier than 2:10.0-10ubuntu1.1 AND Release section Ubuntu 7.10 is installed AND netpbm DPKG is earlier than 2:10.0-11ubuntu0.1

 

Definition Id: oval:org.mitre.oval:def:20299
Oval ID:	oval:org.mitre.oval:def:20299
Title:	DSA-1579-1 netpbm-free - arbitrary code execution
Description:	A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-1579-1 CVE-2008-0554	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	netpbm-free
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND netpbm-free DPKG is earlier than 2:10.0-11.1+etch1

 

Definition Id: oval:org.mitre.oval:def:7962
Oval ID:	oval:org.mitre.oval:def:7962
Title:	DSA-1579 netpbm-free -- insufficient input sanitising
Description:	A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-1579 CVE-2008-0554	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	netpbm-free
Definition Synopsis:
Debian GNU/Linux 4.0 is installed.  Packages section libnetpbm9 is earlier than 10.0-11.1+etch1 AND netpbm is earlier than 10.0-11.1+etch1 AND libnetpbm10-dev is earlier than 10.0-11.1+etch1 AND libnetpbm10 is earlier than 10.0-11.1+etch1 AND libnetpbm9-dev is earlier than 10.0-11.1+etch1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Netpbm cpe:2.3:a:netpbm:netpbm:10.9:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.8:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.7:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.6:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.5:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.4:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.3:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.26:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.25:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.24:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.23:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.22:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.21:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.20:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.2:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.19:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.18:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.17:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.16:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.15:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.14:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.13:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.12:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.11:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.10:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.1:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.9:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.8:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.7:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.6:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.5:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.4:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.3:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.25:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.24:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.23:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.22:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.21:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.20:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.2:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.19:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.18:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.17:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.16:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.15:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.14:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.13:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.12:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.11:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.10:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.1:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:9.0:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:8.4:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:8.3:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:8.2:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:8.1:*:*:*:*:*:*:* cpe:2.3:a:netpbm:netpbm:2.10.0.8:*:*:*:*:*:*:*	58

OpenVAS Exploits

Date	Description
2009-10-10	Name : SLES9: Security update for netpbm File : nvt/sles9p5023048.nasl
2009-03-23	Name : Ubuntu Update for netpbm-free vulnerability USN-665-1 File : nvt/gb_ubuntu_USN_665_1.nasl
2009-03-06	Name : RedHat Update for netpbm RHSA-2008:0131-01 File : nvt/gb_RHSA-2008_0131-01_netpbm.nasl
2009-02-27	Name : CentOS Update for netpbm CESA-2008:0131-01 centos2 i386 File : nvt/gb_CESA-2008_0131-01_netpbm_centos2_i386.nasl
2009-02-27	Name : CentOS Update for netpbm CESA-2008:0131 centos3 i386 File : nvt/gb_CESA-2008_0131_netpbm_centos3_i386.nasl
2009-02-27	Name : CentOS Update for netpbm CESA-2008:0131 centos3 x86_64 File : nvt/gb_CESA-2008_0131_netpbm_centos3_x86_64.nasl
2009-02-27	Name : CentOS Update for netpbm CESA-2008:0131 centos4 i386 File : nvt/gb_CESA-2008_0131_netpbm_centos4_i386.nasl
2009-02-27	Name : CentOS Update for netpbm CESA-2008:0131 centos4 x86_64 File : nvt/gb_CESA-2008_0131_netpbm_centos4_x86_64.nasl
2008-05-27	Name : Debian Security Advisory DSA 1579-1 (netpbm-free) File : nvt/deb_1579_1.nasl
2008-03-19	Name : Debian Security Advisory DSA 1493-2 (sdl-image1.2) File : nvt/deb_1493_2.nasl
2008-02-15	Name : Debian Security Advisory DSA 1493-1 (sdl-image1.2) File : nvt/deb_1493_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
41651	netpbm giftopnm.c readImageData Function Crafted GIF File Handling Overflow

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0131.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080228_netpbm_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12068.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-665-1.nasl - Type : ACT_GATHER_INFO
2008-05-19	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1579.nasl - Type : ACT_GATHER_INFO
2008-02-28	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0131.nasl - Type : ACT_GATHER_INFO
2008-02-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0131.nasl - Type : ACT_GATHER_INFO