Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.831750 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandriva Update for libtiff MDVSA-2012:174 (libtiff) |
Zusammenfassung: | The remote host is missing an update for the 'libtiff'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities was found and corrected in libtiff: Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format (CVE-2012-4447). ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow (CVE-2012-4564). The updated packages have been patched to correct these issues. Affected Software/OS: libtiff on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-4447 BugTraq ID: 55673 http://www.securityfocus.com/bid/55673 Debian Security Information: DSA-2561 (Google Search) http://www.debian.org/security/2012/dsa-2561 http://www.remotesensing.org/libtiff/v4.0.3.html https://bugzilla.redhat.com/show_bug.cgi?id=860198 http://www.openwall.com/lists/oss-security/2012/09/25/9 http://www.openwall.com/lists/oss-security/2012/09/25/14 RedHat Security Advisories: RHSA-2012:1590 http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/51049 SuSE Security Announcement: openSUSE-SU-2013:0187 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://www.ubuntu.com/usn/USN-1631-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-4564 BugTraq ID: 56372 http://www.securityfocus.com/bid/56372 Debian Security Information: DSA-2575 (Google Search) http://www.debian.org/security/2012/dsa-2575 http://www.openwall.com/lists/oss-security/2012/11/02/7 http://www.openwall.com/lists/oss-security/2012/11/02/3 http://www.osvdb.org/86878 http://secunia.com/advisories/51133 XForce ISS Database: libtiff-ppm2tiff-bo(79750) https://exchange.xforce.ibmcloud.com/vulnerabilities/79750 |
Copyright | Copyright (c) 2012 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |