 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.12.2023.5882.1 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-5882-1) |
| Summary: | The remote host is missing an update for the 'dcmtk' package(s) announced via the USN-5882-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'dcmtk' package(s) announced via the USN-5882-1 advisory. Vulnerability Insight: Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8979) Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-1010228) Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2021-41687, CVE-2021-41688, CVE-2021-41689, and CVE-2021-41690) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2119 and CVE-2022-2120) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-2121) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43272) Affected Software/OS: 'dcmtk' package(s) on Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-8979 BugTraq ID: 94951 http://www.securityfocus.com/bid/94951 Debian Security Information: DSA-3749 (Google Search) http://www.debian.org/security/2016/dsa-3749 http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php http://www.openwall.com/lists/oss-security/2016/12/18/2 Common Vulnerability Exposure (CVE) ID: CVE-2019-1010228 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBKP2O24CTYIANEJTP4TVEPYEVSYV2RX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQOAULR72EYJQ4HS6YGLK2S6YNEXY2ET/ https://support.dcmtk.org/redmine/issues/858 Common Vulnerability Exposure (CVE) ID: CVE-2021-41687 https://github.com/DCMTK/dcmtk https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb Common Vulnerability Exposure (CVE) ID: CVE-2021-41688 Common Vulnerability Exposure (CVE) ID: CVE-2021-41689 https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d Common Vulnerability Exposure (CVE) ID: CVE-2021-41690 Common Vulnerability Exposure (CVE) ID: CVE-2022-2119 https://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01 Common Vulnerability Exposure (CVE) ID: CVE-2022-2120 Common Vulnerability Exposure (CVE) ID: CVE-2022-2121 Common Vulnerability Exposure (CVE) ID: CVE-2022-43272 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/ https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7 https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw |
| Copyright | Copyright (C) 2023 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |