
Test ID: 1.3.6.1.4.1.25623.1.0.63890
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory for glib2 (SUSE-SA:2009:026)
Summary: The remote host is missing updates announced in advisory SUSE-SA:2009:026.
Description:
Summary:
The remote host is missing updates announced in
advisory SUSE-SA:2009:026.

Vulnerability Insight:
The advisory was resent because the previous one contained the wrong
Announcement ID.

The code library glib2 provides base64 encoding and decoding functions
that are vulnerable to integer overflows when processing very large strings.

Processes that use these library functions to process data from the network
can be exploited remotely to execute arbitrary code with the privileges of
the user running the process.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4316
1021884
http://www.securitytracker.com/id?1021884
20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows
http://www.securityfocus.com/archive/1/501712/100/0/threaded
20090312 rPSA-2009-0045-1 glib
http://www.securityfocus.com/archive/1/501766/100/0/threaded
34100
http://www.securityfocus.com/bid/34100
34267
http://secunia.com/advisories/34267
34317
http://secunia.com/advisories/34317
34404
http://secunia.com/advisories/34404
34416
http://secunia.com/advisories/34416
34560
http://secunia.com/advisories/34560
34854
http://secunia.com/advisories/34854
34890
http://secunia.com/advisories/34890
38794
http://secunia.com/advisories/38794
38833
http://secunia.com/advisories/38833
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
DSA-1747
http://www.debian.org/security/2009/dsa-1747
FEDORA-2009-2657
http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html
FEDORA-2009-2688
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html
MDVSA-2009:080
http://www.mandriva.com/security/advisories?name=MDVSA-2009:080
RHSA-2009:0336
http://www.redhat.com/support/errata/RHSA-2009-0336.html
SUSE-SA:2009:026
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html
USN-738-1
http://www.ubuntu.com/usn/usn-738-1
[oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows
http://openwall.com/lists/oss-security/2009/03/12/2
[oss-security] 20090317 Re: [oCERT-2008-015] glib and glib-predecessor heap overflows
http://www.openwall.com/lists/oss-security/2009/03/16/2
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
glib-gbase64-bo(49272)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49272
http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff
http://svn.gnome.org/viewvc/glib?view=revision&revision=7973
http://wiki.rpath.com/Advisories:rPSA-2009-0045
http://www.ocert.org/advisories/ocert-2008-015.html
oval:org.mitre.oval:def:11401
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401
oval:org.mitre.oval:def:8360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360
Copyright: Copyright (C) 2009 E-Soft Inc.
