English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61869
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-665-1 (netpbm-free)
Summary:Ubuntu USN-665-1 (netpbm-free)
Description:
The remote host is missing an update to netpbm-free
announced via advisory USN-665-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Details follow:

It was discovered that Netpbm could be made to overrun a buffer when loading
certain images. If a user were tricked into opening a specially crafted
GIF image, remote attackers could cause a denial of service or execute
arbitrary code with user privileges.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
netpbm 2:10.0-10ubuntu1.1

Ubuntu 7.10:
netpbm 2:10.0-11ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-665-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0554
https://issues.rpath.com/browse/RPL-2216
Debian Security Information: DSA-1579 (Google Search)
http://www.debian.org/security/2008/dsa-1579
http://www.mandriva.com/security/advisories?name=MDVSA-2008:039
http://www.redhat.com/support/errata/RHSA-2008-0131.html
http://ubuntu.com/usn/usn-665-1
BugTraq ID: 27682
http://www.securityfocus.com/bid/27682
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10975
http://secunia.com/advisories/32607
http://www.vupen.com/english/advisories/2008/0460
http://www.securitytracker.com/id?1019358
http://secunia.com/advisories/29079
http://secunia.com/advisories/30280
Common Vulnerability Exposure (CVE) ID: CVE-2008-3443
http://www.milw0rm.com/exploits/6239
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
Debian Security Information: DSA-1695 (Google Search)
http://www.debian.org/security/2009/dsa-1695
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
http://www.redhat.com/support/errata/RHSA-2008-0895.html
http://www.redhat.com/support/errata/RHSA-2008-0897.html
http://www.ubuntulinux.org/support/documentation/usn/usn-691-1
http://www.ubuntulinux.org/support/documentation/usn/usn-651-1
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
BugTraq ID: 30682
http://www.securityfocus.com/bid/30682
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9570
http://www.securitytracker.com/id?1021075
http://secunia.com/advisories/33185
http://secunia.com/advisories/31430
http://secunia.com/advisories/33398
http://secunia.com/advisories/32165
http://secunia.com/advisories/32219
http://secunia.com/advisories/32371
http://secunia.com/advisories/32372
http://secunia.com/advisories/35074
http://securityreason.com/securityalert/4158
http://www.vupen.com/english/advisories/2009/1297
XForce ISS Database: ruby-regex-dos(44688)
http://xforce.iss.net/xforce/xfdb/44688
Common Vulnerability Exposure (CVE) ID: CVE-2008-3655
Bugtraq: 20080831 rPSA-2008-0264-1 ruby (Google Search)
http://www.securityfocus.com/archive/1/archive/1/495884/100/0/threaded
Debian Security Information: DSA-1651 (Google Search)
http://www.debian.org/security/2008/dsa-1651
Debian Security Information: DSA-1652 (Google Search)
http://www.debian.org/security/2008/dsa-1652
http://security.gentoo.org/glsa/glsa-200812-17.xml
BugTraq ID: 30644
http://www.securityfocus.com/bid/30644
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11602
http://www.vupen.com/english/advisories/2008/2334
http://www.securitytracker.com/id?1020656
http://secunia.com/advisories/31697
http://secunia.com/advisories/32255
http://secunia.com/advisories/32256
http://secunia.com/advisories/33178
XForce ISS Database: ruby-safelevel-security-bypass(44369)
http://xforce.iss.net/xforce/xfdb/44369
Common Vulnerability Exposure (CVE) ID: CVE-2008-3656
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9682
http://www.securitytracker.com/id?1020654
XForce ISS Database: ruby-webrick-dos(44371)
http://xforce.iss.net/xforce/xfdb/44371
Common Vulnerability Exposure (CVE) ID: CVE-2008-3657
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9793
http://www.securitytracker.com/id?1020652
XForce ISS Database: ruby-dl-security-bypass(44372)
http://xforce.iss.net/xforce/xfdb/44372
Common Vulnerability Exposure (CVE) ID: CVE-2008-3790
http://www.openwall.com/lists/oss-security/2008/08/25/4
http://www.openwall.com/lists/oss-security/2008/08/26/1
http://www.openwall.com/lists/oss-security/2008/08/26/4
http://groups.google.com/group/comp.lang.ruby/browse_thread/thread/19f69e8a081fc0d1/e138e014b74352ca
BugTraq ID: 30802
http://www.securityfocus.com/bid/30802
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10393
http://www.vupen.com/english/advisories/2008/2483
http://www.vupen.com/english/advisories/2008/2428
http://www.securitytracker.com/id?1020735
http://secunia.com/advisories/31602
XForce ISS Database: ruby-rexml-dos(44628)
http://xforce.iss.net/xforce/xfdb/44628
Common Vulnerability Exposure (CVE) ID: CVE-2008-3905
http://www.openwall.com/lists/oss-security/2008/09/03/3
http://www.openwall.com/lists/oss-security/2008/09/04/9
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754
BugTraq ID: 31699
http://www.securityfocus.com/bid/31699
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10034
http://secunia.com/advisories/32948
XForce ISS Database: ruby-resolv-dns-spoofing(45935)
http://xforce.iss.net/xforce/xfdb/45935
Common Vulnerability Exposure (CVE) ID: CVE-2008-4395
http://www.mail-archive.com/frugalware-git@frugalware.org/msg22366.html
SuSE Security Announcement: SUSE-SA:2008:057 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html
http://www.ubuntu.com/usn/usn-662-1
http://www.ubuntu.com/usn/usn-662-2
BugTraq ID: 32118
http://www.securityfocus.com/bid/32118
http://www.securitytracker.com/id?1021142
http://secunia.com/advisories/32509
XForce ISS Database: linux-kernel-ndiswrapper-bo(46437)
http://xforce.iss.net/xforce/xfdb/46437
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2013 E-Soft Inc. All rights reserved.