ID de Prueba:	1.3.6.1.4.1.25623.1.0.62964
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200812-15 (povray)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200812-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200812-15. Vulnerability Insight: POV-Ray includes a version of libpng that might allow for the execution of arbitrary code when reading a specially crafted PNG file Solution: All POV-Ray users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/povray-3.6.1-r4' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0768 Debian Security Information: DSA-536 (Google Search) http://www.debian.org/security/2004/dsa-536 https://bugzilla.fedora.us/show_bug.cgi?id=1943 http://security.gentoo.org/glsa/glsa-200812-15.xml http://secunia.com/advisories/33137 XForce ISS Database: libpng-offset-bo(16914) https://exchange.xforce.ibmcloud.com/vulnerabilities/16914 Common Vulnerability Exposure (CVE) ID: CVE-2006-0481 1015615 http://securitytracker.com/id?1015615 1015617 http://securitytracker.com/id?1015617 16626 http://www.securityfocus.com/bid/16626 18654 http://secunia.com/advisories/18654 18863 http://secunia.com/advisories/18863 33137 ADV-2006-0393 http://www.vupen.com/english/advisories/2006/0393 GLSA-200812-15 RHSA-2006:0205 http://www.redhat.com/support/errata/RHSA-2006-0205.html ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.8-README.txt https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179455 libpng-pngsetstripalpha-bo(24396) https://exchange.xforce.ibmcloud.com/vulnerabilities/24396 oval:org.mitre.oval:def:10780 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10780 Common Vulnerability Exposure (CVE) ID: CVE-2006-3334 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 18698 http://www.securityfocus.com/bid/18698 Bugtraq: 20060719 rPSA-2006-0133-1 libpng (Google Search) http://www.securityfocus.com/archive/1/440594/100/0/threaded http://security.gentoo.org/glsa/glsa-200607-06.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:209 http://www.mandriva.com/security/advisories?name=MDKSA-2006:210 http://www.mandriva.com/security/advisories?name=MDKSA-2006:211 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 http://secunia.com/advisories/20960 http://secunia.com/advisories/22956 http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://secunia.com/advisories/23335 http://secunia.com/advisories/29420 SuSE Security Announcement: SUSE-SR:2006:016 (Google Search) http://www.novell.com/linux/security/advisories/2006_16_sr.html SuSE Security Announcement: SUSE-SR:2006:028 (Google Search) http://www.novell.com/linux/security/advisories/2006_28_sr.html http://www.vupen.com/english/advisories/2006/2585 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: libpng-pngdecompresschunk-bo(27468) https://exchange.xforce.ibmcloud.com/vulnerabilities/27468 Common Vulnerability Exposure (CVE) ID: CVE-2008-1382 http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 28770 http://www.securityfocus.com/bid/28770 Bugtraq: 20080414 [oCERT-2008-003] libpng zero-length chunks incorrect handling (Google Search) http://www.securityfocus.com/archive/1/490823/100/0/threaded Bugtraq: 20080429 rPSA-2008-0151-1 libpng (Google Search) http://www.securityfocus.com/archive/1/491424/100/0/threaded Bugtraq: 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues (Google Search) http://www.securityfocus.com/archive/1/503912/100/0/threaded Cert/CC Advisory: TA08-260A http://www.us-cert.gov/cas/techalerts/TA08-260A.html Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1750 (Google Search) http://www.debian.org/security/2009/dsa-1750 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00721.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00960.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00951.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00033.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00080.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00111.html http://security.gentoo.org/glsa/glsa-200804-15.xml http://security.gentoo.org/glsa/glsa-200805-10.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:156 http://www.ocert.org/advisories/ocert-2008-003.html http://www.osvdb.org/44364 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10326 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6275 http://www.redhat.com/support/errata/RHSA-2009-0333.html http://www.securitytracker.com/id?1019840 http://secunia.com/advisories/29678 http://secunia.com/advisories/29792 http://secunia.com/advisories/29957 http://secunia.com/advisories/29992 http://secunia.com/advisories/30009 http://secunia.com/advisories/30157 http://secunia.com/advisories/30174 http://secunia.com/advisories/30402 http://secunia.com/advisories/30486 http://secunia.com/advisories/31882 http://secunia.com/advisories/34152 http://secunia.com/advisories/34388 http://secunia.com/advisories/35074 http://secunia.com/advisories/35258 http://secunia.com/advisories/35302 http://secunia.com/advisories/35386 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.541247 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 SuSE Security Announcement: SUSE-SR:2008:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html http://www.vupen.com/english/advisories/2008/1225/references http://www.vupen.com/english/advisories/2008/2584 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/1451 http://www.vupen.com/english/advisories/2009/1462 http://www.vupen.com/english/advisories/2009/1560 XForce ISS Database: libpng-zero-length-code-execution(41800) https://exchange.xforce.ibmcloud.com/vulnerabilities/41800 Common Vulnerability Exposure (CVE) ID: CVE-2008-3964 BugTraq ID: 31049 http://www.securityfocus.com/bid/31049 CERT/CC vulnerability note: VU#889484 http://www.kb.cert.org/vuls/id/889484 http://www.mandriva.com/security/advisories?name=MDVSA-2009:051 http://www.openwall.com/lists/oss-security/2008/09/09/3 http://www.openwall.com/lists/oss-security/2008/09/09/8 http://sourceforge.net/mailarchive/forum.php?thread_name=e56ccc8f0809180317u6a5306fg14683947affb3e1b%40mail.gmail.com&forum_name=png-mng-implement http://secunia.com/advisories/31781 http://www.vupen.com/english/advisories/2008/2512 XForce ISS Database: libpng-pngpushreadztxt-dos(44928) https://exchange.xforce.ibmcloud.com/vulnerabilities/44928
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.