CentOS Local Security Checks : CentOS Update for libtiff CESA-2017:0225 centos6

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882648

Categoría: CentOS Local Security Checks

Título: CentOS Update for libtiff CESA-2017:0225 centos6

Resumen: Check the version of libtiff

Descripción: Summary:
Check the version of libtiff

Vulnerability Insight:
The libtiff packages contain a library of
functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* Multiple flaws have been discovered in libtiff. A remote attacker could
exploit these flaws to cause a crash or memory corruption and, possibly,
execute arbitrary code by tricking an application linked against libtiff
into processing specially crafted files. (CVE-2016-9533, CVE-2016-9534,
CVE-2016-9535)

* Multiple flaws have been discovered in various libtiff tools (tiff2pdf,
tiffcrop, tiffcp, bmp2tiff). By tricking a user into processing a specially
crafted file, a remote attacker could exploit these flaws to cause a crash
or memory corruption and, possibly, execute arbitrary code with the
privileges of the user running the libtiff tool. (CVE-2015-8870,
CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536)

Affected Software/OS:
libtiff on CentOS 6

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-8870
BugTraq ID: 94717
http://www.securityfocus.com/bid/94717
http://www.floyd.ch/?p=874BMP
RedHat Security Advisories: RHSA-2017:0225
http://rhn.redhat.com/errata/RHSA-2017-0225.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5652
BugTraq ID: 93902
http://www.securityfocus.com/bid/93902
Debian Security Information: DSA-3762 (Google Search)
http://www.debian.org/security/2017/dsa-3762
https://security.gentoo.org/glsa/201701-16
http://www.talosintelligence.com/reports/TALOS-2016-0187/
Common Vulnerability Exposure (CVE) ID: CVE-2016-9533
BugTraq ID: 94484
http://www.securityfocus.com/bid/94484
BugTraq ID: 94742
http://www.securityfocus.com/bid/94742
Common Vulnerability Exposure (CVE) ID: CVE-2016-9534
BugTraq ID: 94743
http://www.securityfocus.com/bid/94743
Common Vulnerability Exposure (CVE) ID: CVE-2016-9535
BugTraq ID: 94744
http://www.securityfocus.com/bid/94744
Debian Security Information: DSA-3844 (Google Search)
http://www.debian.org/security/2017/dsa-3844
Common Vulnerability Exposure (CVE) ID: CVE-2016-9536
BugTraq ID: 94745
http://www.securityfocus.com/bid/94745
Common Vulnerability Exposure (CVE) ID: CVE-2016-9537
BugTraq ID: 94746
http://www.securityfocus.com/bid/94746
Common Vulnerability Exposure (CVE) ID: CVE-2016-9540
BugTraq ID: 94747
http://www.securityfocus.com/bid/94747

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882648
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for libtiff CESA-2017:0225 centos6
Resumen:	Check the version of libtiff
Descripción:	Summary: Check the version of libtiff Vulnerability Insight: The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2016-9533, CVE-2016-9534, CVE-2016-9535) * Multiple flaws have been discovered in various libtiff tools (tiff2pdf, tiffcrop, tiffcp, bmp2tiff). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2015-8870, CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536) Affected Software/OS: libtiff on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8870 BugTraq ID: 94717 http://www.securityfocus.com/bid/94717 http://www.floyd.ch/?p=874BMP RedHat Security Advisories: RHSA-2017:0225 http://rhn.redhat.com/errata/RHSA-2017-0225.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5652 BugTraq ID: 93902 http://www.securityfocus.com/bid/93902 Debian Security Information: DSA-3762 (Google Search) http://www.debian.org/security/2017/dsa-3762 https://security.gentoo.org/glsa/201701-16 http://www.talosintelligence.com/reports/TALOS-2016-0187/ Common Vulnerability Exposure (CVE) ID: CVE-2016-9533 BugTraq ID: 94484 http://www.securityfocus.com/bid/94484 BugTraq ID: 94742 http://www.securityfocus.com/bid/94742 Common Vulnerability Exposure (CVE) ID: CVE-2016-9534 BugTraq ID: 94743 http://www.securityfocus.com/bid/94743 Common Vulnerability Exposure (CVE) ID: CVE-2016-9535 BugTraq ID: 94744 http://www.securityfocus.com/bid/94744 Debian Security Information: DSA-3844 (Google Search) http://www.debian.org/security/2017/dsa-3844 Common Vulnerability Exposure (CVE) ID: CVE-2016-9536 BugTraq ID: 94745 http://www.securityfocus.com/bid/94745 Common Vulnerability Exposure (CVE) ID: CVE-2016-9537 BugTraq ID: 94746 http://www.securityfocus.com/bid/94746 Common Vulnerability Exposure (CVE) ID: CVE-2016-9540 BugTraq ID: 94747 http://www.securityfocus.com/bid/94747
Copyright	Copyright (C) 2017 Greenbone AG