Test Kennung:	1.3.6.1.4.1.25623.1.0.72004
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2011:147 (cups)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to cups announced via advisory MDVSA-2011:147. A vulnerability has been discovered and corrected in cups: The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896 (CVE-2011-3170). The updated packages have been patched to correct this issue. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:147 Risk factor : High
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2896 1025929 http://www.securitytracker.com/id?1025929 45621 http://secunia.com/advisories/45621 45900 http://secunia.com/advisories/45900 45945 http://secunia.com/advisories/45945 45948 http://secunia.com/advisories/45948 46024 http://secunia.com/advisories/46024 48236 http://secunia.com/advisories/48236 48308 http://secunia.com/advisories/48308 49148 http://www.securityfocus.com/bid/49148 50737 http://secunia.com/advisories/50737 DSA-2354 http://www.debian.org/security/2011/dsa-2354 DSA-2426 http://www.debian.org/security/2012/dsa-2426 FEDORA-2011-11173 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html FEDORA-2011-11197 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html FEDORA-2011-11221 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html FEDORA-2011-11229 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html FEDORA-2011-11305 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html FEDORA-2011-11318 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html GLSA-201209-23 http://security.gentoo.org/glsa/glsa-201209-23.xml MDVSA-2011:146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 MDVSA-2011:167 http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 RHSA-2011:1635 http://www.redhat.com/support/errata/RHSA-2011-1635.html RHSA-2012:1180 http://rhn.redhat.com/errata/RHSA-2012-1180.html RHSA-2012:1181 http://rhn.redhat.com/errata/RHSA-2012-1181.html USN-1207-1 http://www.ubuntu.com/usn/USN-1207-1 USN-1214-1 http://www.ubuntu.com/usn/USN-1214-1 [oss-security] 20110810 LZW decompression issues http://www.openwall.com/lists/oss-security/2011/08/10/10 http://cups.org/str.php?L3867 http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 https://bugzilla.redhat.com/show_bug.cgi?id=727800 https://bugzilla.redhat.com/show_bug.cgi?id=730338 Common Vulnerability Exposure (CVE) ID: CVE-2011-3170 BugTraq ID: 49323 http://www.securityfocus.com/bid/49323 Debian Security Information: DSA-2354 (Google Search) http://security.gentoo.org/glsa/glsa-201207-10.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:147 http://www.securitytracker.com/id?1025980 http://secunia.com/advisories/45796 XForce ISS Database: cups-gifreadlzw-function-bo(69380) https://exchange.xforce.ibmcloud.com/vulnerabilities/69380
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.