Test ID:	1.3.6.1.4.1.25623.1.0.69037
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201101-01 (gif2png)
Summary:	The remote host is missing updates announced in;advisory GLSA 201101-01.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201101-01. Vulnerability Insight: gif2png contains a stack overflow vulnerability when parsing command line arguments. Solution: All gif2png users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/gif2png-2.5.1-r1' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-5018 20091213 [gif2png] long filename Buffer Overrun http://lists.grok.org.uk/pipermail/full-disclosure/2009-December/072009.html 41801 http://www.securityfocus.com/bid/41801 42796 http://secunia.com/advisories/42796 ADV-2010-3036 http://www.vupen.com/english/advisories/2010/3036 ADV-2011-0023 http://www.vupen.com/english/advisories/2011/0023 ADV-2011-0107 http://www.vupen.com/english/advisories/2011/0107 FEDORA-2010-0358 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html GLSA-201101-01 http://security.gentoo.org/glsa/glsa-201101-01.xml MDVSA-2011:009 http://www.mandriva.com/security/advisories?name=MDVSA-2011:009 [oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/21/1 [oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/22/1 http://openwall.com/lists/oss-security/2010/11/22/3 [oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem http://openwall.com/lists/oss-security/2010/11/22/12 gif2png-commandline-bo(64820) https://exchange.xforce.ibmcloud.com/vulnerabilities/64820 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978 http://bugs.gentoo.org/show_bug.cgi?id=346501 http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log https://bugzilla.redhat.com/show_bug.cgi?id=547515
Copyright	Copyright (C) 2011 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.