ID de Prueba:	1.3.6.1.4.1.25623.1.0.55861
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:810
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:810. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. A bug was found in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3186 to this issue. Ludwig Nussel discovered an integer overflow bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code or crash when the file was opened by a victim. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2976 to this issue. Ludwig Nussel also discovered an infinite-loop denial of service bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to stop responding when the file was opened by a victim. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2975 to this issue. Users of gdk-pixbuf are advised to upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-810.html Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3186 BugTraq ID: 15435 http://www.securityfocus.com/bid/15435 Debian Security Information: DSA-911 (Google Search) http://www.debian.org/security/2005/dsa-911 Debian Security Information: DSA-913 (Google Search) http://www.debian.org/security/2005/dsa-913 http://www.securityfocus.com/archive/1/428052/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml http://www.idefense.com/application/poi/display?id=339&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503 http://www.redhat.com/support/errata/RHSA-2005-810.html http://www.redhat.com/support/errata/RHSA-2005-811.html SCO Security Bulletin: SCOSA-2006.8 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt http://securitytracker.com/id?1015216 http://secunia.com/advisories/17522 http://secunia.com/advisories/17538 http://secunia.com/advisories/17562 http://secunia.com/advisories/17588 http://secunia.com/advisories/17591 http://secunia.com/advisories/17592 http://secunia.com/advisories/17594 http://secunia.com/advisories/17615 http://secunia.com/advisories/17657 http://secunia.com/advisories/17710 http://secunia.com/advisories/17770 http://secunia.com/advisories/17791 http://secunia.com/advisories/18509 http://securityreason.com/securityalert/188 SuSE Security Announcement: SUSE-SA:2005:065 (Google Search) http://www.novell.com/linux/security/advisories/2005_65_gtk2.html http://www.ubuntu.com/usn/usn-216-1 http://www.vupen.com/english/advisories/2005/2433 Common Vulnerability Exposure (CVE) ID: CVE-2005-2976 1015216 15428 http://www.securityfocus.com/bid/15428 17522 17538 17562 17592 17594 17615 17657 17710 17770 17791 ADV-2005-2433 DSA-911 DSA-913 FLSA:173274 GLSA-200511-14 MDKSA-2005:214 RHSA-2005:810 SUSE-SA:2005:065 USN-216-1 http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf oval:org.mitre.oval:def:11370 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370 Common Vulnerability Exposure (CVE) ID: CVE-2005-2975 15429 http://www.securityfocus.com/bid/15429 17588 17591 RHSA-2005:811 oval:org.mitre.oval:def:9697 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.