Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:036 (netpbm)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.50699

Kategorie: Mandrake Local Security Checks

Titel: Mandrake Security Advisory MDKSA-2003:036 (netpbm)

Zusammenfassung: NOSUMMARY

Beschreibung: Description:

The remote host is missing an update to netpbm
announced via advisory MDKSA-2003:036.

Several math overflow errors were found in NetPBM by Al Viro and Alan
Cox. While these programs are not installed suid root, they are often
used to prepare data for processing. These errors may permit remote
attackers to cause a denial of service or execute arbitrary code in
any programs or scripts that use these graphics conversion tools.

Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0146

Risk factor : High

CVSS Score:
7.5

Querverweis: BugTraq ID: 6979
Common Vulnerability Exposure (CVE) ID: CVE-2003-0146
http://www.securityfocus.com/bid/6979
Bugtraq: 20030228 NetPBM, multiple vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=104644687816522&w=2
CERT/CC vulnerability note: VU#630433
http://www.kb.cert.org/vuls/id/630433
Conectiva Linux advisory: CLSA-2003:656
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
Debian Security Information: DSA-263 (Google Search)
http://www.debian.org/security/2003/dsa-263
http://www.redhat.com/support/errata/RHSA-2003-060.html
XForce ISS Database: netpbm-multiple-bo(11463)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11463

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.50699
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2003:036 (netpbm)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to netpbm announced via advisory MDKSA-2003:036. Several math overflow errors were found in NetPBM by Al Viro and Alan Cox. While these programs are not installed suid root, they are often used to prepare data for processing. These errors may permit remote attackers to cause a denial of service or execute arbitrary code in any programs or scripts that use these graphics conversion tools. Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:036 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0146 Risk factor : High CVSS Score: 7.5
Querverweis:	BugTraq ID: 6979 Common Vulnerability Exposure (CVE) ID: CVE-2003-0146 http://www.securityfocus.com/bid/6979 Bugtraq: 20030228 NetPBM, multiple vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=104644687816522&w=2 CERT/CC vulnerability note: VU#630433 http://www.kb.cert.org/vuls/id/630433 Conectiva Linux advisory: CLSA-2003:656 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656 Debian Security Information: DSA-263 (Google Search) http://www.debian.org/security/2003/dsa-263 http://www.redhat.com/support/errata/RHSA-2003-060.html XForce ISS Database: netpbm-multiple-bo(11463) https://exchange.xforce.ibmcloud.com/vulnerabilities/11463
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com