Test ID:	1.3.6.1.4.1.25623.1.0.71955
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2011-210-01)
Summary:	The remote host is missing an update for the 'libpng' package(s) announced via the SSA:2011-210-01 advisory.
Description:	Summary: The remote host is missing an update for the 'libpng' package(s) announced via the SSA:2011-210-01 advisory. Vulnerability Insight: New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/packages/libpng-1.4.8-i486-1_slack13.37.txz: Upgraded. Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421). For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libpng' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0421 http://lists.apple.com/mhonarc/security-announce/msg00056.html BugTraq ID: 10244 http://www.securityfocus.com/bid/10244 Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search) http://marc.info/?l=bugtraq&m=108334922320309&w=2 Debian Security Information: DSA-498 (Google Search) http://www.debian.org/security/2004/dsa-498 http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2 http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:040 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971 http://www.redhat.com/support/errata/RHSA-2004-180.html http://www.redhat.com/support/errata/RHSA-2004-181.html http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://marc.info/?l=bugtraq&m=108335030208523&w=2 XForce ISS Database: libpng-png-dos(16022) https://exchange.xforce.ibmcloud.com/vulnerabilities/16022 Common Vulnerability Exposure (CVE) ID: CVE-2011-0421 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 46354 http://www.securityfocus.com/bid/46354 Bugtraq: 20110318 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) (Google Search) http://www.securityfocus.com/archive/1/517065/100/0/threaded Debian Security Information: DSA-2266 (Google Search) http://www.debian.org/security/2011/dsa-2266 http://www.exploit-db.com/exploits/17004 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html HPdes Security Advisory: HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2011:052 http://www.mandriva.com/security/advisories?name=MDVSA-2011:053 http://www.mandriva.com/security/advisories?name=MDVSA-2011:099 http://secunia.com/advisories/43621 http://securityreason.com/securityalert/8146 http://securityreason.com/achievement_securityalert/96 SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.vupen.com/english/advisories/2011/0744 http://www.vupen.com/english/advisories/2011/0764 http://www.vupen.com/english/advisories/2011/0890 XForce ISS Database: libzip-zipnamelocate-dos(66173) https://exchange.xforce.ibmcloud.com/vulnerabilities/66173
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.