Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:036 (netpbm)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50699

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2003:036 (netpbm)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to netpbm
announced via advisory MDKSA-2003:036.

Several math overflow errors were found in NetPBM by Al Viro and Alan
Cox. While these programs are not installed suid root, they are often
used to prepare data for processing. These errors may permit remote
attackers to cause a denial of service or execute arbitrary code in
any programs or scripts that use these graphics conversion tools.

Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0146

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 6979
Common Vulnerability Exposure (CVE) ID: CVE-2003-0146
http://www.securityfocus.com/bid/6979
Bugtraq: 20030228 NetPBM, multiple vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=104644687816522&w=2
CERT/CC vulnerability note: VU#630433
http://www.kb.cert.org/vuls/id/630433
Conectiva Linux advisory: CLSA-2003:656
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656
Debian Security Information: DSA-263 (Google Search)
http://www.debian.org/security/2003/dsa-263
http://www.redhat.com/support/errata/RHSA-2003-060.html
XForce ISS Database: netpbm-multiple-bo(11463)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11463

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50699
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:036 (netpbm)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to netpbm announced via advisory MDKSA-2003:036. Several math overflow errors were found in NetPBM by Al Viro and Alan Cox. While these programs are not installed suid root, they are often used to prepare data for processing. These errors may permit remote attackers to cause a denial of service or execute arbitrary code in any programs or scripts that use these graphics conversion tools. Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:036 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0146 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 6979 Common Vulnerability Exposure (CVE) ID: CVE-2003-0146 http://www.securityfocus.com/bid/6979 Bugtraq: 20030228 NetPBM, multiple vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=104644687816522&w=2 CERT/CC vulnerability note: VU#630433 http://www.kb.cert.org/vuls/id/630433 Conectiva Linux advisory: CLSA-2003:656 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656 Debian Security Information: DSA-263 (Google Search) http://www.debian.org/security/2003/dsa-263 http://www.redhat.com/support/errata/RHSA-2003-060.html XForce ISS Database: netpbm-multiple-bo(11463) https://exchange.xforce.ibmcloud.com/vulnerabilities/11463
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com