Test ID:	1.3.6.1.4.1.25623.1.0.64405
Category:	Fedora Local Security Checks
Title:	Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)
Summary:	The remote host is missing an update to mingw32-libtiff;announced via advisory FEDORA-2009-7717.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF format image files. Update Information: - update upstream URL - Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Bugzilla: #511015 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update mingw32-libtiff' at the command line. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2285 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html Debian Security Information: DSA-1835 (Google Search) http://www.debian.org/security/2009/dsa-1835 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00142.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00161.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00230.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00655.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00714.html http://security.gentoo.org/glsa/glsa-200908-03.xml http://www.lan.st/showthread.php?t=1856&page=3 http://www.openwall.com/lists/oss-security/2009/06/22/1 http://www.openwall.com/lists/oss-security/2009/06/23/1 http://www.openwall.com/lists/oss-security/2009/06/29/5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10145 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7049 http://www.redhat.com/support/errata/RHSA-2009-1159.html http://secunia.com/advisories/35695 http://secunia.com/advisories/35716 http://secunia.com/advisories/35866 http://secunia.com/advisories/35883 http://secunia.com/advisories/35912 http://secunia.com/advisories/36194 http://secunia.com/advisories/36831 http://secunia.com/advisories/38241 http://secunia.com/advisories/39135 http://sunsolve.sun.com/search/document.do?assetkey=1-66-267808-1 https://usn.ubuntu.com/797-1/ http://www.vupen.com/english/advisories/2009/1637 http://www.vupen.com/english/advisories/2009/2727 http://www.vupen.com/english/advisories/2009/3184 http://www.vupen.com/english/advisories/2010/0173
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.