Debian Local Security Checks : Debian: Security Advisory (DLA-692-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.1.2.2016.692

Categoría: Debian Local Security Checks

Título: Debian: Security Advisory (DLA-692-1)

Resumen: The remote host is missing an update for the Debian 'tiff3' package(s) announced via the DLA-692-1 advisory.

Descripción: Summary:
The remote host is missing an update for the Debian 'tiff3' package(s) announced via the DLA-692-1 advisory.

Vulnerability Insight:
Applications using libtiff can trigger buffer overflows through TIFFGetField() when processing TIFF images with unknown tags.

For Debian 7 Wheezy, these problems have been fixed in version 3.9.6-11+deb7u2.

We recommend that you upgrade your tiff3 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]

Affected Software/OS:
'tiff3' package(s) on Debian 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7554
20151226 libtiff: invalid write (CVE-2015-7554)
http://seclists.org/fulldisclosure/2015/Dec/119
http://www.securityfocus.com/archive/1/537205/100/0/threaded
79699
http://www.securityfocus.com/bid/79699
GLSA-201701-16
https://security.gentoo.org/glsa/201701-16
RHSA-2016:1546
http://rhn.redhat.com/errata/RHSA-2016-1546.html
RHSA-2016:1547
http://rhn.redhat.com/errata/RHSA-2016-1547.html
[oss-security] 20151226 libtiff: invalid write (CVE-2015-7554)
http://www.openwall.com/lists/oss-security/2015/12/26/7
http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
openSUSE-SU-2016:0212
http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html
openSUSE-SU-2016:0215
http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html
openSUSE-SU-2016:0252
http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5318
BugTraq ID: 88604
http://www.securityfocus.com/bid/88604
http://www.openwall.com/lists/oss-security/2016/04/27/6
http://www.openwall.com/lists/oss-security/2016/06/07/1
https://usn.ubuntu.com/3606-1/

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.1.2.2016.692
Categoría:	Debian Local Security Checks
Título:	Debian: Security Advisory (DLA-692-1)
Resumen:	The remote host is missing an update for the Debian 'tiff3' package(s) announced via the DLA-692-1 advisory.
Descripción:	Summary: The remote host is missing an update for the Debian 'tiff3' package(s) announced via the DLA-692-1 advisory. Vulnerability Insight: Applications using libtiff can trigger buffer overflows through TIFFGetField() when processing TIFF images with unknown tags. For Debian 7 Wheezy, these problems have been fixed in version 3.9.6-11+deb7u2. We recommend that you upgrade your tiff3 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'tiff3' package(s) on Debian 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7554 20151226 libtiff: invalid write (CVE-2015-7554) http://seclists.org/fulldisclosure/2015/Dec/119 http://www.securityfocus.com/archive/1/537205/100/0/threaded 79699 http://www.securityfocus.com/bid/79699 GLSA-201701-16 https://security.gentoo.org/glsa/201701-16 RHSA-2016:1546 http://rhn.redhat.com/errata/RHSA-2016-1546.html RHSA-2016:1547 http://rhn.redhat.com/errata/RHSA-2016-1547.html [oss-security] 20151226 libtiff: invalid write (CVE-2015-7554) http://www.openwall.com/lists/oss-security/2015/12/26/7 http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html openSUSE-SU-2016:0212 http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html openSUSE-SU-2016:0215 http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html openSUSE-SU-2016:0252 http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5318 BugTraq ID: 88604 http://www.securityfocus.com/bid/88604 http://www.openwall.com/lists/oss-security/2016/04/27/6 http://www.openwall.com/lists/oss-security/2016/06/07/1 https://usn.ubuntu.com/3606-1/
Copyright	Copyright (C) 2023 Greenbone AG