ID de Prueba:	1.3.6.1.4.1.25623.1.0.58966
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0992
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0992. The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. Several flaws were discovered in the way libpng handled various PNG image chunks. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. (CVE-2007-5269) Users should update to these updated packages which contain a backported patch to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0992.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5269 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html BugTraq ID: 25956 http://www.securityfocus.com/bid/25956 BugTraq ID: 28276 http://www.securityfocus.com/bid/28276 Bugtraq: 20071112 FLEA-2007-0065-1 libpng (Google Search) http://www.securityfocus.com/archive/1/483582/100/0/threaded Bugtraq: 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK (Google Search) http://www.securityfocus.com/archive/1/489135/100/0/threaded Bugtraq: 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues (Google Search) http://www.securityfocus.com/archive/1/489739/100/0/threaded Bugtraq: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. (Google Search) http://www.securityfocus.com/archive/1/495869/100/0/threaded Cert/CC Advisory: TA08-150A http://www.us-cert.gov/cas/techalerts/TA08-150A.html Debian Security Information: DSA-1750 (Google Search) http://www.debian.org/security/2009/dsa-1750 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00353.html https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00356.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00072.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 http://www.coresecurity.com/?action=item&id=2148 http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement http://lists.vmware.com/pipermail/security-announce/2008/000008.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10614 http://www.redhat.com/support/errata/RHSA-2007-0992.html http://www.securitytracker.com/id?1018849 http://secunia.com/advisories/27093 http://secunia.com/advisories/27284 http://secunia.com/advisories/27369 http://secunia.com/advisories/27391 http://secunia.com/advisories/27405 http://secunia.com/advisories/27492 http://secunia.com/advisories/27529 http://secunia.com/advisories/27629 http://secunia.com/advisories/27662 http://secunia.com/advisories/27746 http://secunia.com/advisories/27965 http://secunia.com/advisories/29420 http://secunia.com/advisories/30161 http://secunia.com/advisories/30430 http://secunia.com/advisories/31712 http://secunia.com/advisories/31713 http://secunia.com/advisories/34388 http://secunia.com/advisories/35302 http://secunia.com/advisories/35386 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 SuSE Security Announcement: SUSE-SR:2007:025 (Google Search) http://www.novell.com/linux/security/advisories/2007_25_sr.html http://www.ubuntu.com/usn/usn-538-1 http://www.vupen.com/english/advisories/2007/3390 http://www.vupen.com/english/advisories/2008/0905/references http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/advisories/2008/2466 http://www.vupen.com/english/advisories/2009/1462 http://www.vupen.com/english/advisories/2009/1560
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.