FreeBSD Local Security Checks : FreeBSD Ports: linux-png

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52428

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: linux-png

Resumen: The remote host is missing an update to the system;as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:
linux-png
png

CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and earlier
allows attackers to cause a denial of service (crash) via a malformed
PNG image file that triggers an error that causes an out-of-bounds
read when creating the error message.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0421
http://lists.apple.com/mhonarc/security-announce/msg00056.html
BugTraq ID: 10244
http://www.securityfocus.com/bid/10244
Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search)
http://marc.info/?l=bugtraq&m=108334922320309&w=2
Debian Security Information: DSA-498 (Google Search)
http://www.debian.org/security/2004/dsa-498
http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2
http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:040
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971
http://www.redhat.com/support/errata/RHSA-2004-180.html
http://www.redhat.com/support/errata/RHSA-2004-181.html
http://secunia.com/advisories/22957
http://secunia.com/advisories/22958
http://marc.info/?l=bugtraq&m=108335030208523&w=2
XForce ISS Database: libpng-png-dos(16022)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16022

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52428
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: linux-png
Resumen:	The remote host is missing an update to the system;as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: linux-png png CVE-2004-0421 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0421 http://lists.apple.com/mhonarc/security-announce/msg00056.html BugTraq ID: 10244 http://www.securityfocus.com/bid/10244 Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search) http://marc.info/?l=bugtraq&m=108334922320309&w=2 Debian Security Information: DSA-498 (Google Search) http://www.debian.org/security/2004/dsa-498 http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2 http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:040 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971 http://www.redhat.com/support/errata/RHSA-2004-180.html http://www.redhat.com/support/errata/RHSA-2004-181.html http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://marc.info/?l=bugtraq&m=108335030208523&w=2 XForce ISS Database: libpng-png-dos(16022) https://exchange.xforce.ibmcloud.com/vulnerabilities/16022
Copyright	Copyright (C) 2008 E-Soft Inc.