Test ID: | 1.3.6.1.4.1.25623.1.0.57024 |
Category: | Mandrake Local Security Checks |
Title: | Mandrake Security Advisory MDKSA-2006:113 (tetex) |
Summary: | NOSUMMARY |
Description: | The remote host is missing an update to tetex announced via advisory MDKSA-2006:113.

Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Tetex contains an embedded copy of the GD library code. (CAN-2004-0941)

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. Tetex contains an embedded copy of the GD library code. (CVE-2006-2906)

Updated packages have been patched to address both issues.

Affected: 10.2, 2006.0

Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:113

Risk factor: High
CVSS Score: 5.4 |
Cross Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-2906
BugTraq ID: 18294
http://www.securityfocus.com/bid/18294
Bugtraq: 20060606 libgd 2.0.33 infinite loop in GIF decoding ?
http://www.securityfocus.com/archive/1/436132
Debian Security Information: DSA-1117
http://www.debian.org/security/2006/dsa-1117
http://www.mandriva.com/security/advisories?name=MDKSA-2006:112
http://www.mandriva.com/security/advisories?name=MDKSA-2006:113
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
http://secunia.com/advisories/20500
http://secunia.com/advisories/20571
http://secunia.com/advisories/20676
http://secunia.com/advisories/20853
http://secunia.com/advisories/20866
http://secunia.com/advisories/20887
http://secunia.com/advisories/21050
http://secunia.com/advisories/21186
http://secunia.com/advisories/23783
http://securityreason.com/securityalert/1067
SuSE Security Announcement: SUSE-SA:2006:031
http://www.novell.com/linux/security/advisories/2006_31_php.html
http://www.trustix.org/errata/2006/0038
https://usn.ubuntu.com/298-1/
http://www.vupen.com/english/advisories/2006/2174
XForce ISS Database: gdgraphicslibrary-gif-dos(26976)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26976 |
Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |