 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.56031 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Security Advisory RHSA-2005:843 |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing updates announced in advisory RHSA-2005:843. The netpbm package contains a library of functions that support programs for handling various graphics file formats. A stack based buffer overflow bug was found in the way netpbm converts Portable Anymap (PNM) files into Portable Network Graphics (PNG). A specially crafted PNM file could allow an attacker to execute arbitrary code by attempting to convert a PNM file to a PNG file when using pnmtopng with the '-text' option. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3632 to this issue. An off by one bug was found in the way netpbm converts Portable Anymap (PNM) files into Portable Network Graphics (PNG). If a victim attempts to convert a specially crafted 256 color PNM file to a PNG file, then it can cause the pnmtopng utility to crash. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3662 to this issue. All users of netpbm should upgrade to these updated packages, which contain backported patches that resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-843.html Risk factor : Medium CVSS Score: 4.6 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-3632 15514 http://www.securityfocus.com/bid/15514 17544 http://secunia.com/advisories/17544 17671 http://secunia.com/advisories/17671 17679 http://secunia.com/advisories/17679 17828 http://secunia.com/advisories/17828 18186 http://secunia.com/advisories/18186 ADV-2005-2418 http://www.vupen.com/english/advisories/2005/2418 DSA-904 http://www.debian.org/security/2005/dsa-904 MDKSA-2005:217 http://www.mandriva.com/security/advisories?name=MDKSA-2005:217 RHSA-2005:843 http://www.redhat.com/support/errata/RHSA-2005-843.html SUSE-SR:2005:028 http://www.novell.com/linux/security/advisories/2005_28_sr.html USN-218-1 https://usn.ubuntu.com/218-1/ oval:org.mitre.oval:def:11165 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11165 Common Vulnerability Exposure (CVE) ID: CVE-2005-3662 15427 http://www.securityfocus.com/bid/15427 18517 http://secunia.com/advisories/18517 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://sourceforge.net/project/shownotes.php?release_id=370545 oval:org.mitre.oval:def:9583 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9583 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |