Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:708

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55019

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:708

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:708.

The gpdf package is an GNOME based viewer for Portable Document Format
(PDF) files.

Marcus Meissner reported a flaw in gpdf. An attacker could construct a
carefully crafted PDF file that would cause gpdf to consume all available
disk space in /tmp when opened. The Common Vulnerabilities and Exposures
project assigned the name CVE-2005-2097 to this issue.

Note that this issue does not affect the version of gpdf in Red Hat
Enterprise Linux 3 or 2.1.

Users of gpdf should upgrade to this updated package, which contains a
backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-708.html

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: BugTraq ID: 14529
Common Vulnerability Exposure (CVE) ID: CVE-2005-2097
102972
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
14529
http://www.securityfocus.com/bid/14529
17277
http://secunia.com/advisories/17277
18398
http://secunia.com/advisories/18398
18407
http://secunia.com/advisories/18407
21339
http://secunia.com/advisories/21339
25729
http://secunia.com/advisories/25729
ADV-2007-2280
http://www.vupen.com/english/advisories/2007/2280
DSA-1136
http://www.debian.org/security/2006/dsa-1136
DSA-780
http://www.debian.org/security/2005/dsa-780
DSA-936
http://www.debian.org/security/2006/dsa-936
FLSA-2006:176751
http://www.securityfocus.com/archive/1/427053/100/0/threaded
FLSA:175404
http://www.securityfocus.com/archive/1/427990/100/0/threaded
MDKSA-2005:138
http://www.mandriva.com/security/advisories?name=MDKSA-2005:138
RHSA-2005:670
http://www.redhat.com/support/errata/RHSA-2005-670.html
RHSA-2005:671
http://www.redhat.com/support/errata/RHSA-2005-671.html
RHSA-2005:706
http://www.redhat.com/support/errata/RHSA-2005-706.html
RHSA-2005:708
http://www.redhat.com/support/errata/RHSA-2005-708.html
SCOSA-2005.42
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
SUSE-SR:2005:019
http://www.novell.com/linux/security/advisories/2005_19_sr.html
USN-163-1
https://usn.ubuntu.com/163-1/
oval:org.mitre.oval:def:10280
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55019
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:708
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:708. The gpdf package is an GNOME based viewer for Portable Document Format (PDF) files. Marcus Meissner reported a flaw in gpdf. An attacker could construct a carefully crafted PDF file that would cause gpdf to consume all available disk space in /tmp when opened. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2097 to this issue. Note that this issue does not affect the version of gpdf in Red Hat Enterprise Linux 3 or 2.1. Users of gpdf should upgrade to this updated package, which contains a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-708.html Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 14529 Common Vulnerability Exposure (CVE) ID: CVE-2005-2097 102972 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 14529 http://www.securityfocus.com/bid/14529 17277 http://secunia.com/advisories/17277 18398 http://secunia.com/advisories/18398 18407 http://secunia.com/advisories/18407 21339 http://secunia.com/advisories/21339 25729 http://secunia.com/advisories/25729 ADV-2007-2280 http://www.vupen.com/english/advisories/2007/2280 DSA-1136 http://www.debian.org/security/2006/dsa-1136 DSA-780 http://www.debian.org/security/2005/dsa-780 DSA-936 http://www.debian.org/security/2006/dsa-936 FLSA-2006:176751 http://www.securityfocus.com/archive/1/427053/100/0/threaded FLSA:175404 http://www.securityfocus.com/archive/1/427990/100/0/threaded MDKSA-2005:138 http://www.mandriva.com/security/advisories?name=MDKSA-2005:138 RHSA-2005:670 http://www.redhat.com/support/errata/RHSA-2005-670.html RHSA-2005:671 http://www.redhat.com/support/errata/RHSA-2005-671.html RHSA-2005:706 http://www.redhat.com/support/errata/RHSA-2005-706.html RHSA-2005:708 http://www.redhat.com/support/errata/RHSA-2005-708.html SCOSA-2005.42 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt SUSE-SR:2005:019 http://www.novell.com/linux/security/advisories/2005_19_sr.html USN-163-1 https://usn.ubuntu.com/163-1/ oval:org.mitre.oval:def:10280 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com