Test ID:	1.3.6.1.4.1.25623.1.0.842827
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3030-1)
Summary:	The remote host is missing an update for the 'libgd2' package(s) announced via the USN-3030-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libgd2' package(s) announced via the USN-3030-1 advisory. Vulnerability Insight: It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass(). A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7456) It was discovered that the GD library incorrectly handled certain malformed XBM images. If a user or automated system were tricked into processing a specially crafted XBM image, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-5116) It was discovered that the GD library incorrectly handled memory when using _gd2GetHeader(). A remote attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2016-5766) It was discovered that the GD library incorrectly handled certain color indexes. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-6128) It was discovered that the GD library incorrectly handled memory when encoding a GIF image. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6161) Affected Software/OS: 'libgd2' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 15.10, Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7456 BugTraq ID: 90859 http://www.securityfocus.com/bid/90859 Debian Security Information: DSA-3587 (Google Search) http://www.debian.org/security/2016/dsa-3587 Debian Security Information: DSA-3602 (Google Search) http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.ubuntu.com/usn/USN-3030-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5116 Debian Security Information: DSA-3619 (Google Search) http://www.debian.org/security/2016/dsa-3619 http://www.openwall.com/lists/oss-security/2016/05/29/5 SuSE Security Announcement: openSUSE-SU-2016:2363 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5766 https://security.gentoo.org/glsa/201612-09 http://www.openwall.com/lists/oss-security/2016/06/23/4 RedHat Security Advisories: RHSA-2016:2598 http://rhn.redhat.com/errata/RHSA-2016-2598.html SuSE Security Announcement: SUSE-SU-2016:2013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html SuSE Security Announcement: openSUSE-SU-2016:1761 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:1922 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6128 BugTraq ID: 91509 http://www.securityfocus.com/bid/91509 http://www.openwall.com/lists/oss-security/2016/06/30/1 http://www.securitytracker.com/id/1036276 SuSE Security Announcement: openSUSE-SU-2016:2117 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6161 http://www.openwall.com/lists/oss-security/2016/07/05/6 http://www.openwall.com/lists/oss-security/2016/07/05/7
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.