English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59652
Category:Trustix Local Security Checks
Title:Trustix Security Advisory TSLSA-2007-0013 (Multiple packages)
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory TSLSA-2007-0013.

clamav < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- New Upstream.
- SECURITY Fix: A file descriptor leak error in the
chm_decompress_stream() [libclamav/chmunpack.c] function, which
could be exploited by attackers to crash an affected system via a
specially crafted CHM file.
- A buffer overflow error in the cab_unstore() [libclamav/cab.c]
function when processing a negative value read from a CAB file,
which could be exploited by attackers to crash an affected
application or compromise a vulnerable system via a specially
crafted CAB file.

The Common Vulnerabilities and Exposures project has assigned the
names CVE-2007-1745 and CVE-2007-1997 to these issues.

freeradius < TSL 3.0.5 > < TSL 3.0 >
- New upstream.
- SECURITY Fix: A security issue has been reported in FreeRADIUS,
caused due to a memory leak within the handling of certain
malformed diameter format values inside an EAP-TTLS tunnel. This
can be exploited to exhaust all available memory by sending a
large number of malformed authentication requests to a vulnerable
server.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2007-2028 to this issue.

freetype < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: A vulnerability has been reported in FreeType, caused
due to an integer overflow when parsing BDF fonts. This can be
exploited to cause a heap-based buffer overflow via a specially
crafted BDF font.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-1351 to this issue.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2007-0013

Risk factor : Critical

CVSS Score:
8.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1745
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BugTraq ID: 23473
http://www.securityfocus.com/bid/23473
Debian Security Information: DSA-1281 (Google Search)
http://www.debian.org/security/2007/dsa-1281
http://security.gentoo.org/glsa/glsa-200704-21.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:098
http://osvdb.org/34913
http://secunia.com/advisories/24891
http://secunia.com/advisories/24920
http://secunia.com/advisories/24946
http://secunia.com/advisories/24996
http://secunia.com/advisories/25022
http://secunia.com/advisories/25028
http://secunia.com/advisories/25189
http://secunia.com/advisories/29420
SuSE Security Announcement: SUSE-SA:2007:026 (Google Search)
http://www.novell.com/linux/security/advisories/2007_26_clamav.html
http://www.trustix.org/errata/2007/0013/
http://www.vupen.com/english/advisories/2007/1378
http://www.vupen.com/english/advisories/2008/0924/references
XForce ISS Database: clamav-chmdecompressstream-dos(33636)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33636
Common Vulnerability Exposure (CVE) ID: CVE-2007-1997
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513
http://www.securitytracker.com/id?1017921
XForce ISS Database: clamav-cabunstore-cabextract-bo(33637)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33637
Common Vulnerability Exposure (CVE) ID: CVE-2007-2028
1018042
http://www.securitytracker.com/id?1018042
2007-0013
23466
http://www.securityfocus.com/bid/23466
24849
http://secunia.com/advisories/24849
24907
http://secunia.com/advisories/24907
24917
http://secunia.com/advisories/24917
24996
25201
http://secunia.com/advisories/25201
25220
http://secunia.com/advisories/25220
ADV-2007-1369
http://www.vupen.com/english/advisories/2007/1369
GLSA-200704-14
http://security.gentoo.org/glsa/glsa-200704-14.xml
MDKSA-2007:085
http://www.mandriva.com/security/advisories?name=MDKSA-2007:085
RHSA-2007:0338
http://rhn.redhat.com/errata/RHSA-2007-0338.html
SUSE-SR:2007:010
http://www.novell.com/linux/security/advisories/2007_10_sr.html
http://www.freeradius.org/security.html
oval:org.mitre.oval:def:11156
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156
Common Vulnerability Exposure (CVE) ID: CVE-2007-1351
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
BugTraq ID: 23283
http://www.securityfocus.com/bid/23283
BugTraq ID: 23300
http://www.securityfocus.com/bid/23300
BugTraq ID: 23402
http://www.securityfocus.com/bid/23402
Bugtraq: 20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search)
http://www.securityfocus.com/archive/1/464686/100/0/threaded
Bugtraq: 20070405 FLEA-2007-0009-1: xorg-x11 freetype (Google Search)
http://www.securityfocus.com/archive/1/464816/100/0/threaded
Debian Security Information: DSA-1294 (Google Search)
http://www.debian.org/security/2007/dsa-1294
Debian Security Information: DSA-1454 (Google Search)
http://www.debian.org/security/2008/dsa-1454
http://security.gentoo.org/glsa/glsa-200705-02.xml
http://security.gentoo.org/glsa/glsa-200705-10.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
OpenBSD Security Advisory: [3.9] 021: SECURITY FIX: April 4, 2007
http://www.openbsd.org/errata39.html#021_xorg
OpenBSD Security Advisory: [4.0] 011: SECURITY FIX: April 4, 2007
http://www.openbsd.org/errata40.html#011_xorg
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810
RedHat Security Advisories: RHSA-2007:0125
http://rhn.redhat.com/errata/RHSA-2007-0125.html
http://www.redhat.com/support/errata/RHSA-2007-0126.html
http://www.redhat.com/support/errata/RHSA-2007-0132.html
http://www.redhat.com/support/errata/RHSA-2007-0150.html
http://www.securitytracker.com/id?1017857
http://secunia.com/advisories/24741
http://secunia.com/advisories/24745
http://secunia.com/advisories/24756
http://secunia.com/advisories/24758
http://secunia.com/advisories/24765
http://secunia.com/advisories/24768
http://secunia.com/advisories/24770
http://secunia.com/advisories/24771
http://secunia.com/advisories/24772
http://secunia.com/advisories/24776
http://secunia.com/advisories/24791
http://secunia.com/advisories/24885
http://secunia.com/advisories/24889
http://secunia.com/advisories/24921
http://secunia.com/advisories/25004
http://secunia.com/advisories/25006
http://secunia.com/advisories/25096
http://secunia.com/advisories/25195
http://secunia.com/advisories/25216
http://secunia.com/advisories/25305
http://secunia.com/advisories/25495
http://secunia.com/advisories/28333
http://secunia.com/advisories/30161
http://secunia.com/advisories/33937
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
SuSE Security Announcement: SUSE-SA:2007:027 (Google Search)
http://www.novell.com/linux/security/advisories/2007_27_x.html
SuSE Security Announcement: SUSE-SR:2007:006 (Google Search)
http://www.novell.com/linux/security/advisories/2007_6_sr.html
http://www.ubuntu.com/usn/usn-448-1
http://www.vupen.com/english/advisories/2007/1217
http://www.vupen.com/english/advisories/2007/1264
http://www.vupen.com/english/advisories/2007/1548
XForce ISS Database: xorg-bdf-font-bo(33417)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.