Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0075)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0075

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0075)

Resumen: The remote host is missing an update for the 'libpng, libpng12' package(s) announced via the MGASA-2014-0075 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libpng, libpng12' package(s) announced via the MGASA-2014-0075 advisory.

Vulnerability Insight:
The png_do_expand_palette function in libpng before 1.6.8 allows remote
attackers to cause a denial of service (NULL pointer dereference and
application crash) via a PLTE chunk of zero bytes or a NULL palette, related
to pngrtran.c and pngset.c (CVE-2013-6954).

Affected Software/OS:
'libpng, libpng12' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-6954
BugTraq ID: 64493
http://www.securityfocus.com/bid/64493
CERT/CC vulnerability note: VU#650142
http://www.kb.cert.org/vuls/id/650142
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBUX03091
http://marc.info/?l=bugtraq&m=140852886808946&w=2
HPdes Security Advisory: HPSBUX03092
http://marc.info/?l=bugtraq&m=140852974709252&w=2
HPdes Security Advisory: SSRT101667
HPdes Security Advisory: SSRT101668
http://www.mandriva.com/security/advisories?name=MDVSA-2014:035
http://www.libpng.org/pub/png/libpng.html
RedHat Security Advisories: RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0413
RedHat Security Advisories: RHSA-2014:0414
https://access.redhat.com/errata/RHSA-2014:0414
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
SuSE Security Announcement: openSUSE-SU-2014:0100 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0075
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0075)
Resumen:	The remote host is missing an update for the 'libpng, libpng12' package(s) announced via the MGASA-2014-0075 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libpng, libpng12' package(s) announced via the MGASA-2014-0075 advisory. Vulnerability Insight: The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c (CVE-2013-6954). Affected Software/OS: 'libpng, libpng12' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6954 BugTraq ID: 64493 http://www.securityfocus.com/bid/64493 CERT/CC vulnerability note: VU#650142 http://www.kb.cert.org/vuls/id/650142 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBUX03091 http://marc.info/?l=bugtraq&m=140852886808946&w=2 HPdes Security Advisory: HPSBUX03092 http://marc.info/?l=bugtraq&m=140852974709252&w=2 HPdes Security Advisory: SSRT101667 HPdes Security Advisory: SSRT101668 http://www.mandriva.com/security/advisories?name=MDVSA-2014:035 http://www.libpng.org/pub/png/libpng.html RedHat Security Advisories: RHSA-2014:0413 https://access.redhat.com/errata/RHSA-2014:0413 RedHat Security Advisories: RHSA-2014:0414 https://access.redhat.com/errata/RHSA-2014:0414 http://secunia.com/advisories/58974 http://secunia.com/advisories/59058 SuSE Security Announcement: openSUSE-SU-2014:0100 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html
Copyright	Copyright (C) 2022 Greenbone AG