Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200407-06 (libpng)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54613

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200407-06 (libpng)

Resumen: The remote host is missing updates announced in;advisory GLSA 200407-06.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200407-06.

Vulnerability Insight:
libpng contains a buffer overflow vulnerability potentially allowing an
attacker to perform a Denial of Service attack or even execute arbitrary
code.

Solution:
All libpng users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=media-libs/libpng-1.2.5-r7'
# emerge '>=media-libs/libpng-1.2.5-r7'

You should also run revdep-rebuild to rebuild any packages that depend on
older versions of libpng :

# revdep-rebuild

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-1363
BugTraq ID: 6431
http://www.securityfocus.com/bid/6431
Debian Security Information: DSA-213 (Google Search)
http://www.debian.org/security/2002/dsa-213
https://bugzilla.fedora.us/show_bug.cgi?id=1943
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657
http://www.redhat.com/support/errata/RHSA-2003-006.html
http://www.redhat.com/support/errata/RHSA-2003-007.html
http://www.redhat.com/support/errata/RHSA-2003-119.html
http://www.redhat.com/support/errata/RHSA-2003-157.html
http://www.redhat.com/support/errata/RHSA-2004-249.html
http://www.redhat.com/support/errata/RHSA-2004-402.html
SuSE Security Announcement: SUSE-SA:2003:0004 (Google Search)
http://www.novell.com/linux/security/advisories/2003_004_libpng.html
XForce ISS Database: libpng-file-offset-bo(10925)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10925

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54613
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200407-06 (libpng)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200407-06.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200407-06. Vulnerability Insight: libpng contains a buffer overflow vulnerability potentially allowing an attacker to perform a Denial of Service attack or even execute arbitrary code. Solution: All libpng users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=media-libs/libpng-1.2.5-r7' # emerge '>=media-libs/libpng-1.2.5-r7' You should also run revdep-rebuild to rebuild any packages that depend on older versions of libpng : # revdep-rebuild CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1363 BugTraq ID: 6431 http://www.securityfocus.com/bid/6431 Debian Security Information: DSA-213 (Google Search) http://www.debian.org/security/2002/dsa-213 https://bugzilla.fedora.us/show_bug.cgi?id=1943 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657 http://www.redhat.com/support/errata/RHSA-2003-006.html http://www.redhat.com/support/errata/RHSA-2003-007.html http://www.redhat.com/support/errata/RHSA-2003-119.html http://www.redhat.com/support/errata/RHSA-2003-157.html http://www.redhat.com/support/errata/RHSA-2004-249.html http://www.redhat.com/support/errata/RHSA-2004-402.html SuSE Security Announcement: SUSE-SA:2003:0004 (Google Search) http://www.novell.com/linux/security/advisories/2003_004_libpng.html XForce ISS Database: libpng-file-offset-bo(10925) https://exchange.xforce.ibmcloud.com/vulnerabilities/10925
Copyright	Copyright (C) 2008 E-Soft Inc.