ID de Prueba:	1.3.6.1.4.1.25623.1.0.53901
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2004-305-02)
Resumen:	The remote host is missing an update for the 'libtiff' package(s) announced via the SSA:2004-305-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the SSA:2004-305-02 advisory. Vulnerability Insight: New libtiff packages are available for Slackware 8.1, 9.0, 9.1, 10.1, and -current to fix security issues that could lead to application crashes, or possibly execution of arbitrary code. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ patches/packages/libtiff-3.7.0-i486-1.tgz: Upgraded to libtiff-3.7.0. This fixes several bugs that could lead to crashes, or could possibly allow arbitrary code to be executed. For more details, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libtiff' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0803 BugTraq ID: 11406 http://www.securityfocus.com/bid/11406 Bugtraq: 20041013 CESA-2004-006: libtiff (Google Search) http://marc.info/?l=bugtraq&m=109778785107450&w=2 CERT/CC vulnerability note: VU#948752 http://www.kb.cert.org/vuls/id/948752 Conectiva Linux advisory: CLA-2004:888 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 Debian Security Information: DSA-567 (Google Search) http://www.debian.org/security/2004/dsa-567 http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 http://scary.beasts.org/security/CESA-2004-006.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896 http://www.redhat.com/support/errata/RHSA-2004-577.html http://www.redhat.com/support/errata/RHSA-2005-021.html http://www.redhat.com/support/errata/RHSA-2005-354.html http://secunia.com/advisories/12818 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 SuSE Security Announcement: SUSE-SA:2004:038 (Google Search) http://www.novell.com/linux/security/advisories/2004_38_libtiff.html XForce ISS Database: libtiff-library-decoding-bo(17703) https://exchange.xforce.ibmcloud.com/vulnerabilities/17703 Common Vulnerability Exposure (CVE) ID: CVE-2004-0804 CERT/CC vulnerability note: VU#555304 http://www.kb.cert.org/vuls/id/555304 http://bugzilla.remotesensing.org/show_bug.cgi?id=111 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100115 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11711 XForce ISS Database: libtiff-dos(17755) https://exchange.xforce.ibmcloud.com/vulnerabilities/17755 Common Vulnerability Exposure (CVE) ID: CVE-2004-0886 CERT/CC vulnerability note: VU#687568 http://www.kb.cert.org/vuls/id/687568 Computer Incident Advisory Center Bulletin: P-015 http://www.ciac.org/ciac/bulletins/p-015.shtml http://marc.info/?l=bugtraq&m=109779465621929&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907 http://securitytracker.com/id?1011674 http://www.trustix.org/errata/2004/0054/ XForce ISS Database: libtiff-bo(17715) https://exchange.xforce.ibmcloud.com/vulnerabilities/17715
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.