Test Kennung:	1.3.6.1.4.1.25623.1.0.50921
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2005:002 (wxGTK2)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to wxGTK2 announced via advisory MDKSA-2005:002. Several vulnerabilities have been discovered in the libtiff package wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities: iDefense reported the possibility of remote exploitation of an integer overflow in libtiff that may allow for the execution of arbitrary code. The overflow occurs in the parsing of TIFF files set with the STRIPOFFSETS flag. iDefense also reported a heap-based buffer overflow vulnerability within the LibTIFF package could allow attackers to execute arbitrary code. (CVE-2004-1308) The vulnerability specifically exists due to insufficient validation of user-supplied data when calculating the size of a directory entry. The updated packages are patched to protect against these vulnerabilities. Affected versions: 10.0, 10.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:002 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1308 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1308 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html Cert/CC Advisory: TA05-136A http://www.us-cert.gov/cas/techalerts/TA05-136A.html CERT/CC vulnerability note: VU#125598 http://www.kb.cert.org/vuls/id/125598 Conectiva Linux advisory: CLA-2005:920 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 Debian Security Information: DSA-617 (Google Search) http://www.debian.org/security/2004/dsa-617 http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9392 http://www.redhat.com/support/errata/RHSA-2005-019.html http://www.redhat.com/support/errata/RHSA-2005-035.html http://secunia.com/advisories/13776 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 SuSE Security Announcement: SUSE-SA:2005:001 (Google Search) http://www.novell.com/linux/security/advisories/2005_01_libtiff_tiff.html XForce ISS Database: libtiff-tiff-tdircount-bo(18637) https://exchange.xforce.ibmcloud.com/vulnerabilities/18637 Common Vulnerability Exposure (CVE) ID: CVE-2004-1183 BugTraq ID: 12173 http://www.securityfocus.com/bid/12173 Bugtraq: 20050106 [USN-54-1] TIFF library tool vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110503635113419&w=2 Debian Security Information: DSA-626 (Google Search) http://www.debian.org/security/2004/dsa-626 http://security.gentoo.org/glsa/glsa-200501-06.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:001 http://www.mandriva.com/security/advisories?name=MDKSA-2005:002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9743 http://secunia.com/advisories/13728/ XForce ISS Database: libtiff-tiffdump-bo(18782) https://exchange.xforce.ibmcloud.com/vulnerabilities/18782
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.