ID de Prueba:	1.3.6.1.4.1.25623.1.0.69579
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2011-098-01)
Resumen:	The remote host is missing an update for the 'libtiff' package(s) announced via the SSA:2011-098-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the SSA:2011-098-01 advisory. Vulnerability Insight: New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/libtiff-3.9.4-i486-2_slack13.1.txz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libtiff' package(s) on Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0192 http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html BugTraq ID: 46658 http://www.securityfocus.com/bid/46658 Debian Security Information: DSA-2210 (Google Search) http://www.debian.org/security/2011/dsa-2210 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:043 http://www.redhat.com/support/errata/RHSA-2011-0318.html http://www.securitytracker.com/id?1025153 http://secunia.com/advisories/43585 http://secunia.com/advisories/43593 http://secunia.com/advisories/43664 http://secunia.com/advisories/43934 http://secunia.com/advisories/44117 http://secunia.com/advisories/44135 http://secunia.com/advisories/50726 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.vupen.com/english/advisories/2011/0551 http://www.vupen.com/english/advisories/2011/0599 http://www.vupen.com/english/advisories/2011/0621 http://www.vupen.com/english/advisories/2011/0845 http://www.vupen.com/english/advisories/2011/0905 http://www.vupen.com/english/advisories/2011/0930 http://www.vupen.com/english/advisories/2011/0960 Common Vulnerability Exposure (CVE) ID: CVE-2011-1167 1025257 http://www.securitytracker.com/id?1025257 20110321 ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability http://www.securityfocus.com/archive/1/517101/100/0/threaded 43900 http://secunia.com/advisories/43900 43934 43974 http://secunia.com/advisories/43974 44117 44135 46951 http://www.securityfocus.com/bid/46951 50726 71256 http://www.osvdb.org/71256 8165 http://securityreason.com/securityalert/8165 ADV-2011-0795 http://www.vupen.com/english/advisories/2011/0795 ADV-2011-0845 ADV-2011-0859 http://www.vupen.com/english/advisories/2011/0859 ADV-2011-0860 http://www.vupen.com/english/advisories/2011/0860 ADV-2011-0905 ADV-2011-0930 ADV-2011-0960 APPLE-SA-2012-02-01-1 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html APPLE-SA-2012-09-19-1 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html DSA-2210 FEDORA-2011-3827 FEDORA-2011-3836 GLSA-201209-02 MDVSA-2011:064 http://www.mandriva.com/security/advisories?name=MDVSA-2011:064 RHSA-2011:0392 http://www.redhat.com/support/errata/RHSA-2011-0392.html SSA:2011-098-01 SUSE-SR:2011:009 USN-1102-1 http://ubuntu.com/usn/usn-1102-1 http://blackberry.com/btsc/KB27244 http://bugzilla.maptools.org/show_bug.cgi?id=2300 http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5503 http://www.zerodayinitiative.com/advisories/ZDI-11-107 https://bugzilla.redhat.com/show_bug.cgi?id=684939 libtiff-thundercode-decoder-bo(66247) https://exchange.xforce.ibmcloud.com/vulnerabilities/66247
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.