Test ID:	1.3.6.1.4.1.25623.1.0.63884
Category:	Fedora Local Security Checks
Title:	Fedora Core 10 FEDORA-2009-2657 (glib2)
Summary:	The remote host is missing an update to glib2;announced via advisory FEDORA-2009-2657.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to glib2 announced via advisory FEDORA-2009-2657. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Update Information: This update fixes possible integer overflows in the base64 handling code. This has been reported in CVE-2008-4316. ChangeLog: * Thu Mar 12 2009 Matthias Clasen - 2.18.4-2 - Fix integer overflows in the base64 handling functions. CVE-2008-4316 * Fri Jan 9 2009 Matthias Clasen - 2.18.4-1 - Update to 2.18.4 * Mon Nov 24 2008 Matthias Clasen - 2.18.3-2 - Update to 2.18.3 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update glib2' at the command line. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4316 1021884 http://www.securitytracker.com/id?1021884 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://www.securityfocus.com/archive/1/501712/100/0/threaded 20090312 rPSA-2009-0045-1 glib http://www.securityfocus.com/archive/1/501766/100/0/threaded 34100 http://www.securityfocus.com/bid/34100 34267 http://secunia.com/advisories/34267 34317 http://secunia.com/advisories/34317 34404 http://secunia.com/advisories/34404 34416 http://secunia.com/advisories/34416 34560 http://secunia.com/advisories/34560 34854 http://secunia.com/advisories/34854 34890 http://secunia.com/advisories/34890 38794 http://secunia.com/advisories/38794 38833 http://secunia.com/advisories/38833 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 DSA-1747 http://www.debian.org/security/2009/dsa-1747 FEDORA-2009-2657 http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html FEDORA-2009-2688 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html MDVSA-2009:080 http://www.mandriva.com/security/advisories?name=MDVSA-2009:080 RHSA-2009:0336 http://www.redhat.com/support/errata/RHSA-2009-0336.html SUSE-SA:2009:026 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html USN-738-1 http://www.ubuntu.com/usn/usn-738-1 [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://openwall.com/lists/oss-security/2009/03/12/2 [oss-security] 20090317 Re: [oCERT-2008-015] glib and glib-predecessor heap overflows http://www.openwall.com/lists/oss-security/2009/03/16/2 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html glib-gbase64-bo(49272) https://exchange.xforce.ibmcloud.com/vulnerabilities/49272 http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff http://svn.gnome.org/viewvc/glib?view=revision&revision=7973 http://wiki.rpath.com/Advisories:rPSA-2009-0045 http://www.ocert.org/advisories/ocert-2008-015.html oval:org.mitre.oval:def:11401 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401 oval:org.mitre.oval:def:8360 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.