Test Kennung:	1.3.6.1.4.1.25623.1.0.53918
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2004-223-02)
Zusammenfassung:	The remote host is missing an update for the 'imagemagick' package(s) announced via the SSA:2004-223-02 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'imagemagick' package(s) announced via the SSA:2004-223-02 advisory. Vulnerability Insight: New imagemagick packages are available for Slackware 9.1, 10.0, and -current to fix security issues with PNG images. More details about the issues with PNG may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ Sat Aug 7 17:17:20 AKDT 2004 patches/packages/imagemagick-6.0.4_3-i486-1.tgz: Upgraded to ImageMagick-6.0.4-3. Fixes PNG security issues. (* Security fix *) +--------------------------+ Affected Software/OS: 'imagemagick' package(s) on Slackware 9.1, Slackware 10.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0597 http://lists.apple.com/mhonarc/security-announce/msg00056.html BugTraq ID: 10857 http://www.securityfocus.com/bid/10857 BugTraq ID: 15495 http://www.securityfocus.com/bid/15495 Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search) http://marc.info/?l=bugtraq&m=109163866717909&w=2 Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search) http://marc.info/?l=bugtraq&m=110796779903455&w=2 Cert/CC Advisory: TA04-217A http://www.us-cert.gov/cas/techalerts/TA04-217A.html Cert/CC Advisory: TA05-039A http://www.us-cert.gov/cas/techalerts/TA05-039A.html CERT/CC vulnerability note: VU#388984 http://www.kb.cert.org/vuls/id/388984 CERT/CC vulnerability note: VU#817368 http://www.kb.cert.org/vuls/id/817368 Conectiva Linux advisory: CLA-2004:856 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 Debian Security Information: DSA-536 (Google Search) http://www.debian.org/security/2004/dsa-536 https://bugzilla.fedora.us/show_bug.cgi?id=1943 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml HPdes Security Advisory: SSRT4778 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:079 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 http://scary.beasts.org/security/CESA-2004-001.txt http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10 Microsoft Security Bulletin: MS05-009 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709 http://www.redhat.com/support/errata/RHSA-2004-402.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.redhat.com/support/errata/RHSA-2004-429.html SCO Security Bulletin: SCOSA-2004.16 http://marc.info/?l=bugtraq&m=109761239318458&w=2 SCO Security Bulletin: SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1 SuSE Security Announcement: SUSE-SA:2004:023 (Google Search) http://www.novell.com/linux/security/advisories/2004_23_libpng.html http://www.trustix.net/errata/2004/0040/ XForce ISS Database: libpng-pnghandle-bo(16894) https://exchange.xforce.ibmcloud.com/vulnerabilities/16894 Common Vulnerability Exposure (CVE) ID: CVE-2004-0598 CERT/CC vulnerability note: VU#236656 http://www.kb.cert.org/vuls/id/236656 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2572 XForce ISS Database: libpng-pnghandleiccp-dos(16895) https://exchange.xforce.ibmcloud.com/vulnerabilities/16895 Common Vulnerability Exposure (CVE) ID: CVE-2004-0599 CERT/CC vulnerability note: VU#160448 http://www.kb.cert.org/vuls/id/160448 CERT/CC vulnerability note: VU#286464 http://www.kb.cert.org/vuls/id/286464 CERT/CC vulnerability note: VU#477512 http://www.kb.cert.org/vuls/id/477512 Debian Security Information: DSA-570 (Google Search) http://www.debian.org/security/2004/dsa-570 Debian Security Information: DSA-571 (Google Search) http://www.debian.org/security/2004/dsa-571 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10938 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1479 XForce ISS Database: lilbpng-integer-bo(16896) https://exchange.xforce.ibmcloud.com/vulnerabilities/16896
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.