Test ID:	1.3.6.1.4.1.25623.1.0.64318
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-789-1 (gst-plugins-good0.10)
Summary:	Ubuntu USN-789-1 (gst-plugins-good0.10)
Description:	The remote host is missing an update to gst-plugins-good0.10 announced via advisory USN-789-1. Details follow: Tielei Wang discovered that GStreamer Good Plugins did not correctly handle malformed PNG image files. If a user were tricked into opening a crafted PNG image file with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: gstreamer0.10-plugins-good 0.10.3-0ubuntu4.2 Ubuntu 8.04 LTS: gstreamer0.10-plugins-good 0.10.7-3ubuntu0.3 Ubuntu 8.10: gstreamer0.10-plugins-good 0.10.10.4-1ubuntu1.2 Ubuntu 9.04: gstreamer0.10-plugins-good 0.10.14-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-789-1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1932 Debian Security Information: DSA-1839 (Google Search) http://www.debian.org/security/2009/dsa-1839 http://security.gentoo.org/glsa/glsa-200907-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:130 http://www.redhat.com/support/errata/RHSA-2009-1123.html BugTraq ID: 35172 http://www.securityfocus.com/bid/35172 http://osvdb.org/54827 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10798 http://secunia.com/advisories/35205 http://secunia.com/advisories/35583 http://secunia.com/advisories/35777 http://secunia.com/advisories/35897 http://www.vupen.com/english/advisories/2009/1506 Common Vulnerability Exposure (CVE) ID: CVE-2008-5515 Bugtraq: 20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/504170/100/0/threaded Bugtraq: 20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/504202/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html Debian Security Information: DSA-2207 (Google Search) http://www.debian.org/security/2011/dsa-2207 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html HPdes Security Advisory: HPSBUX02579 http://marc.info/?l=bugtraq&m=129070310906557&w=2 HPdes Security Advisory: SSRT100203 http://www.mandriva.com/security/advisories?name=MDVSA-2009:136 http://www.mandriva.com/security/advisories?name=MDVSA-2009:138 http://www.mandriva.com/security/advisories?name=MDVSA-2010:176 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html SuSE Security Announcement: SUSE-SR:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html http://jvn.jp/en/jp/JVN63832775/index.html BugTraq ID: 35263 http://www.securityfocus.com/bid/35263 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10422 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6445 http://secunia.com/advisories/35393 http://secunia.com/advisories/35685 http://secunia.com/advisories/35788 http://secunia.com/advisories/37460 http://secunia.com/advisories/39317 http://secunia.com/advisories/42368 http://secunia.com/advisories/44183 http://www.vupen.com/english/advisories/2009/1520 http://www.vupen.com/english/advisories/2009/1535 http://www.vupen.com/english/advisories/2009/1856 http://www.vupen.com/english/advisories/2009/3316 http://www.vupen.com/english/advisories/2010/3056 Common Vulnerability Exposure (CVE) ID: CVE-2009-0033 Bugtraq: 20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector (Google Search) http://www.securityfocus.com/archive/1/archive/1/504044/100/0/threaded http://jvn.jp/en/jp/JVN87272440/index.html BugTraq ID: 35193 http://www.securityfocus.com/bid/35193 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10231 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5739 http://securitytracker.com/id?1022331 http://secunia.com/advisories/35326 http://secunia.com/advisories/35344 http://www.vupen.com/english/advisories/2009/1496 XForce ISS Database: tomcat-ajp-dos(50928) http://xforce.iss.net/xforce/xfdb/50928 Common Vulnerability Exposure (CVE) ID: CVE-2009-0580 Bugtraq: 20090603 [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/archive/1/504045/100/0/threaded Bugtraq: 20090604 Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/archive/1/504108/100/0/threaded Bugtraq: 20090605 [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search) http://www.securityfocus.com/archive/1/archive/1/504125/100/0/threaded BugTraq ID: 35196 http://www.securityfocus.com/bid/35196 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6628 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9101 http://securitytracker.com/id?1022332 XForce ISS Database: tomcat-jsecuritycheck-info-disclosure(50930) http://xforce.iss.net/xforce/xfdb/50930 Common Vulnerability Exposure (CVE) ID: CVE-2009-0781 Bugtraq: 20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application (Google Search) http://www.securityfocus.com/archive/1/archive/1/501538/100/0/threaded http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11041 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6564 XForce ISS Database: tomcat-cal2-xss(49213) http://xforce.iss.net/xforce/xfdb/49213 Common Vulnerability Exposure (CVE) ID: CVE-2009-0783 Bugtraq: 20090604 [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure (Google Search) http://www.securityfocus.com/archive/1/archive/1/504090/100/0/threaded BugTraq ID: 35416 http://www.securityfocus.com/bid/35416 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10716 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6450 http://www.securitytracker.com/id?1022336 XForce ISS Database: tomcat-xml-information-disclosure(51195) http://xforce.iss.net/xforce/xfdb/51195 Common Vulnerability Exposure (CVE) ID: CVE-2009-1440 http://www.openwall.com/lists/oss-security/2009/04/22/1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078 Debian Security Information: DSA-1821 (Google Search) http://www.debian.org/security/2009/dsa-1821 BugTraq ID: 34683 http://www.securityfocus.com/bid/34683 http://secunia.com/advisories/34839 XForce ISS Database: amule-downloadlistctrl-command-execution(50205) http://xforce.iss.net/xforce/xfdb/50205 Common Vulnerability Exposure (CVE) ID: CVE-2009-1201 Bugtraq: 20090624 Trustwave's SpiderLabs Security Advisory TWSL2009-002 (Google Search) http://www.securityfocus.com/archive/1/archive/1/504516/100/0/threaded https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt BugTraq ID: 35476 http://www.securityfocus.com/bid/35476 http://www.securitytracker.com/id?1022457 http://secunia.com/advisories/35511 http://www.vupen.com/english/advisories/2009/1713 Common Vulnerability Exposure (CVE) ID: CVE-2009-1202 BugTraq ID: 35480 http://www.securityfocus.com/bid/35480 Common Vulnerability Exposure (CVE) ID: CVE-2009-1203 BugTraq ID: 35475 http://www.securityfocus.com/bid/35475 Common Vulnerability Exposure (CVE) ID: CVE-2009-1760 Bugtraq: 20090608 Rasterbar libtorrent arbitrary file overwrite vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/504151/100/0/threaded http://census-labs.com/news/2009/06/08/libtorrent-rasterbar/ Debian Security Information: DSA-1815 (Google Search) http://www.debian.org/security/2009/dsa-1815 http://security.gentoo.org/glsa/glsa-200907-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:139 BugTraq ID: 35262 http://www.securityfocus.com/bid/35262 http://secunia.com/advisories/35277 http://secunia.com/advisories/35848 http://www.vupen.com/english/advisories/2009/1534 XForce ISS Database: libtorrent-path-element-dir-traversal(51008) http://xforce.iss.net/xforce/xfdb/51008 Common Vulnerability Exposure (CVE) ID: CVE-2009-1163 Cisco Security Advisory: 20090624 Cisco Physical Access Gateway Denial of Service Vulnerability http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8b.shtml BugTraq ID: 35477 http://www.securityfocus.com/bid/35477 http://www.securitytracker.com/id?1022444 Common Vulnerability Exposure (CVE) ID: CVE-2009-2045 Cisco Security Advisory: 20090624 Vulnerabilities in Cisco Video Surveillance Products http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml http://www.securitytracker.com/id?1022446 Common Vulnerability Exposure (CVE) ID: CVE-2009-2046 BugTraq ID: 35478 http://www.securityfocus.com/bid/35478 http://www.securitytracker.com/id?1022445 Common Vulnerability Exposure (CVE) ID: CVE-2009-0688 Debian Security Information: DSA-1807 (Google Search) http://www.debian.org/security/2009/dsa-1807 http://security.gentoo.org/glsa/glsa-200907-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:113 http://www.redhat.com/support/errata/RHSA-2009-1116.html http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://www.ubuntu.com/usn/usn-790-1 Cert/CC Advisory: TA10-103B http://www.us-cert.gov/cas/techalerts/TA10-103B.html CERT/CC vulnerability note: VU#238019 http://www.kb.cert.org/vuls/id/238019 BugTraq ID: 34961 http://www.securityfocus.com/bid/34961 http://osvdb.org/54514 http://osvdb.org/54515 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10687 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6136 http://www.securitytracker.com/id?1022231 http://secunia.com/advisories/35094 http://secunia.com/advisories/35097 http://secunia.com/advisories/35102 http://secunia.com/advisories/35206 http://secunia.com/advisories/35239 http://secunia.com/advisories/35321 http://secunia.com/advisories/35416 http://secunia.com/advisories/35497 http://secunia.com/advisories/35746 http://secunia.com/advisories/39428 http://www.vupen.com/english/advisories/2009/1313 http://www.vupen.com/english/advisories/2009/2012 XForce ISS Database: solaris-sasl-saslencode64-bo(50554) http://xforce.iss.net/xforce/xfdb/50554
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: