Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200409-28 (gtk+)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54684

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200409-28 (gtk+)

Resumen: The remote host is missing updates announced in;advisory GLSA 200409-28.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200409-28.

Vulnerability Insight:
The GdkPixbuf library, which is also included in GTK+ 2, contains several
vulnerabilities that could lead to a Denial of Service or the execution of
arbitrary code.

Solution:
All GTK+ 2 users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=x11-libs/gtk+-2.4.9-r1'
# emerge '>=x11-libs/gtk+-2.4.9-r1'

All GdkPixbuf users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=media-libs/gdk-pixbuf-0.22.0-r3'
# emerge '>=media-libs/gdk-pixbuf-0.22.0-r3'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0753
BugTraq ID: 11195
http://www.securityfocus.com/bid/11195
CERT/CC vulnerability note: VU#825374
http://www.kb.cert.org/vuls/id/825374
Conectiva Linux advisory: CLA-2004:875
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875
Debian Security Information: DSA-546 (Google Search)
http://www.debian.org/security/2004/dsa-546
http://www.securityfocus.com/archive/1/419771/100/0/threaded
https://bugzilla.fedora.us/show_bug.cgi?id=2005
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585
http://www.redhat.com/support/errata/RHSA-2004-447.html
http://www.redhat.com/support/errata/RHSA-2004-466.html
http://secunia.com/advisories/17657
XForce ISS Database: gtk-bmp-dos(17383)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17383
Common Vulnerability Exposure (CVE) ID: CVE-2004-0782
Bugtraq: 20040915 CESA-2004-005: gtk+ XPM decoder (Google Search)
http://marc.info/?l=bugtraq&m=109528994916275&w=2
CERT/CC vulnerability note: VU#729894
http://www.kb.cert.org/vuls/id/729894
http://scary.beasts.org/security/CESA-2004-005.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1
XForce ISS Database: gtk-xpm-pixbufcreatefromxpm-bo(17386)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17386
Common Vulnerability Exposure (CVE) ID: CVE-2004-0783
CERT/CC vulnerability note: VU#369358
http://www.kb.cert.org/vuls/id/369358
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348
XForce ISS Database: gtk-xpm-xpmextractcolor-bo(17385)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17385
Common Vulnerability Exposure (CVE) ID: CVE-2004-0788
CERT/CC vulnerability note: VU#577654
http://www.kb.cert.org/vuls/id/577654
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506
XForce ISS Database: gtk-ico-integer-bo(17387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17387

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54684
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200409-28 (gtk+)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200409-28.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200409-28. Vulnerability Insight: The GdkPixbuf library, which is also included in GTK+ 2, contains several vulnerabilities that could lead to a Denial of Service or the execution of arbitrary code. Solution: All GTK+ 2 users should upgrade to the latest version: # emerge sync # emerge -pv '>=x11-libs/gtk+-2.4.9-r1' # emerge '>=x11-libs/gtk+-2.4.9-r1' All GdkPixbuf users should upgrade to the latest version: # emerge sync # emerge -pv '>=media-libs/gdk-pixbuf-0.22.0-r3' # emerge '>=media-libs/gdk-pixbuf-0.22.0-r3' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0753 BugTraq ID: 11195 http://www.securityfocus.com/bid/11195 CERT/CC vulnerability note: VU#825374 http://www.kb.cert.org/vuls/id/825374 Conectiva Linux advisory: CLA-2004:875 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875 Debian Security Information: DSA-546 (Google Search) http://www.debian.org/security/2004/dsa-546 http://www.securityfocus.com/archive/1/419771/100/0/threaded https://bugzilla.fedora.us/show_bug.cgi?id=2005 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095 http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585 http://www.redhat.com/support/errata/RHSA-2004-447.html http://www.redhat.com/support/errata/RHSA-2004-466.html http://secunia.com/advisories/17657 XForce ISS Database: gtk-bmp-dos(17383) https://exchange.xforce.ibmcloud.com/vulnerabilities/17383 Common Vulnerability Exposure (CVE) ID: CVE-2004-0782 Bugtraq: 20040915 CESA-2004-005: gtk+ XPM decoder (Google Search) http://marc.info/?l=bugtraq&m=109528994916275&w=2 CERT/CC vulnerability note: VU#729894 http://www.kb.cert.org/vuls/id/729894 http://scary.beasts.org/security/CESA-2004-005.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1 XForce ISS Database: gtk-xpm-pixbufcreatefromxpm-bo(17386) https://exchange.xforce.ibmcloud.com/vulnerabilities/17386 Common Vulnerability Exposure (CVE) ID: CVE-2004-0783 CERT/CC vulnerability note: VU#369358 http://www.kb.cert.org/vuls/id/369358 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348 XForce ISS Database: gtk-xpm-xpmextractcolor-bo(17385) https://exchange.xforce.ibmcloud.com/vulnerabilities/17385 Common Vulnerability Exposure (CVE) ID: CVE-2004-0788 CERT/CC vulnerability note: VU#577654 http://www.kb.cert.org/vuls/id/577654 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506 XForce ISS Database: gtk-ico-integer-bo(17387) https://exchange.xforce.ibmcloud.com/vulnerabilities/17387
Copyright	Copyright (C) 2008 E-Soft Inc.