
Test ID: 1.3.6.1.4.1.25623.1.0.63725
Category: Fedora Local Security Checks
Title: Fedora Core 9 FEDORA-2009-2688 (glib2)
Summary: The remote host is missing an update to glib2, announced via advisory FEDORA-2009-2688. Note: This VT has been deprecated and is therefore no longer functional.
Description:

Vulnerability Insight:
GLib is the low-level core library that forms the basis
for projects such as GTK+ and GNOME. It provides data structure
handling for C, portability wrappers, and interfaces for such runtime
functionality as an event loop, threads, dynamic loading, and an
object system.

This package provides version 2 of GLib.

Update Information:

This update fixes possible integer overflows in the base64 handling functions.
This has been reported in CVE-2008-4316.

ChangeLog:

* Thu Mar 12 2009 Matthias Clasen - 2.16.6-3

- Fix integer overflows in the base64 handling functions. CVE-2008-4316

Solution:
Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update glib2' at the command line.

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4316
1021884
http://www.securitytracker.com/id?1021884
20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows
http://www.securityfocus.com/archive/1/501712/100/0/threaded
20090312 rPSA-2009-0045-1 glib
http://www.securityfocus.com/archive/1/501766/100/0/threaded
34100
http://www.securityfocus.com/bid/34100
34267
http://secunia.com/advisories/34267
34317
http://secunia.com/advisories/34317
34404
http://secunia.com/advisories/34404
34416
http://secunia.com/advisories/34416
34560
http://secunia.com/advisories/34560
34854
http://secunia.com/advisories/34854
34890
http://secunia.com/advisories/34890
38794
http://secunia.com/advisories/38794
38833
http://secunia.com/advisories/38833
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
DSA-1747
http://www.debian.org/security/2009/dsa-1747
FEDORA-2009-2657
http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html
FEDORA-2009-2688
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html
MDVSA-2009:080
http://www.mandriva.com/security/advisories?name=MDVSA-2009:080
RHSA-2009:0336
http://www.redhat.com/support/errata/RHSA-2009-0336.html
SUSE-SA:2009:026
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html
USN-738-1
http://www.ubuntu.com/usn/usn-738-1
[oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows
http://openwall.com/lists/oss-security/2009/03/12/2
[oss-security] 20090317 Re: [oCERT-2008-015] glib and glib-predecessor heap overflows
http://www.openwall.com/lists/oss-security/2009/03/16/2
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
glib-gbase64-bo(49272)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49272
http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff
http://svn.gnome.org/viewvc/glib?view=revision&revision=7973
http://wiki.rpath.com/Advisories:rPSA-2009-0045
http://www.ocert.org/advisories/ocert-2008-015.html
oval:org.mitre.oval:def:11401
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401
oval:org.mitre.oval:def:8360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360
Copyright: Copyright (C) 2009 E-Soft Inc.
