Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201101-01 (gif2png)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69037

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201101-01 (gif2png)

Resumen: The remote host is missing updates announced in;advisory GLSA 201101-01.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201101-01.

Vulnerability Insight:
gif2png contains a stack overflow vulnerability when parsing command line
arguments.

Solution:
All gif2png users should upgrade to the latest stable version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-gfx/gif2png-2.5.1-r1'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-5018
20091213 [gif2png] long filename Buffer Overrun
http://lists.grok.org.uk/pipermail/full-disclosure/2009-December/072009.html
41801
http://www.securityfocus.com/bid/41801
42796
http://secunia.com/advisories/42796
ADV-2010-3036
http://www.vupen.com/english/advisories/2010/3036
ADV-2011-0023
http://www.vupen.com/english/advisories/2011/0023
ADV-2011-0107
http://www.vupen.com/english/advisories/2011/0107
FEDORA-2010-0358
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html
GLSA-201101-01
http://security.gentoo.org/glsa/glsa-201101-01.xml
MDVSA-2011:009
http://www.mandriva.com/security/advisories?name=MDVSA-2011:009
[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem
http://openwall.com/lists/oss-security/2010/11/21/1
[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem
http://openwall.com/lists/oss-security/2010/11/22/1
http://openwall.com/lists/oss-security/2010/11/22/3
[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem
http://openwall.com/lists/oss-security/2010/11/22/12
gif2png-commandline-bo(64820)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64820
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978
http://bugs.gentoo.org/show_bug.cgi?id=346501
http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log
https://bugzilla.redhat.com/show_bug.cgi?id=547515

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69037
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201101-01 (gif2png)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201101-01.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201101-01. Vulnerability Insight: gif2png contains a stack overflow vulnerability when parsing command line arguments. Solution: All gif2png users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/gif2png-2.5.1-r1' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-5018 20091213 [gif2png] long filename Buffer Overrun http://lists.grok.org.uk/pipermail/full-disclosure/2009-December/072009.html 41801 http://www.securityfocus.com/bid/41801 42796 http://secunia.com/advisories/42796 ADV-2010-3036 http://www.vupen.com/english/advisories/2010/3036 ADV-2011-0023 http://www.vupen.com/english/advisories/2011/0023 ADV-2011-0107 http://www.vupen.com/english/advisories/2011/0107 FEDORA-2010-0358 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html GLSA-201101-01 http://security.gentoo.org/glsa/glsa-201101-01.xml MDVSA-2011:009 http://www.mandriva.com/security/advisories?name=MDVSA-2011:009 [oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/21/1 [oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/22/1 http://openwall.com/lists/oss-security/2010/11/22/3 [oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/22/12 gif2png-commandline-bo(64820) https://exchange.xforce.ibmcloud.com/vulnerabilities/64820 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978 http://bugs.gentoo.org/show_bug.cgi?id=346501 http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log https://bugzilla.redhat.com/show_bug.cgi?id=547515
Copyright	Copyright (C) 2011 E-Soft Inc.