| Description: | Description:
The remote host is missing updates announced in
advisory TSLSA-2006-0048.
imagemagick < TSL 3.0 > < TSL 2.2 >
- New Upstream.
- SECURITY Fix: Tavis Ormandy has reported some vulnerabilities in
ImageMagick, which potentially can be exploited by malicious people
to compromise a vulnerable system.
- Fix boundary errors within the DecodeBitmap() function and the
ReadSUNImage() function in sun.c which can be exploited to cause
heap-based buffer overflows when processing specially crafted
Sun Rasterfile images.
- Fix boundary errors within the XCF image decoder which can be
exploited to cause a stack-based and a heap-based overflow when
processing specially crafted XCF image files.
- Damian Put has discovered a vulnerability in ImageMagick, which can
be exploited by malicious people to cause a DoS (Denial of Service)
or potentially compromise a user's system. The vulnerability is
caused due to an integer overflow in the ReadSGIImage() function
when decoding SGI image files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-3744, CVE-2006-3743 and CVE-2006-4144
to these issues.
kernel < TSL 3.0 >
- New upstream.
- SECURITY FIX: A vulnerability has been identified caused due to
an error in the SCTP module within the sctp_make_abort_user()
function and can be exploited to execute arbitrary code with
escalated privileges.
- A vulnerability has been identified in Linux Kernel, which is due
to an error in the Universal Disk Format (UDF) module when
truncating certain files, which could be exploited by malicious
users to panic a vulnerable system, creating a denial of service
condition.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-3745 and CVE-2006-4145 to
these issues.
php < TSL 3.0 > < TSL 2.2 >
- New Upstream
- SECURITY Fix: Added missing safe_mode/open_basedir checks inside the
error_log(), file_exists(), imap_open() and imap_reopen() functions.
- Fixed overflows inside str_repeat() and wordwrap() functions on
64bit systems.
- Fixed possible open_basedir/safe_mode bypass in cURL extension and
with realpath cache.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos() function.
- Fixed memory_limit restriction on 64 bit system.
php4 < TSL 2.2 >
- New Upstream.
- SECURITY Fix: Fixed overflows inside str_repeat() and wordwrap()
functions on 64bit systems.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed possible open_basedir/safe_mode bypass in cURL extension.
- Fixed overflows inside str_repeat() and wordwrap() functions on
64bit systems.
- Fixed a buffer overflow inside sscanf() function.
- Fixed memory_limit restriction on 64 bit system.
Solution:
Update your system with the packages as indicated in
the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0048
Risk factor : High
CVSS Score:
7.2
|
