Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2009-1159)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122467

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2009-1159)

Resumen: The remote host is missing an update for the 'libtiff' package(s) announced via the ELSA-2009-1159 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libtiff' package(s) announced via the ELSA-2009-1159 advisory.

Vulnerability Insight:
[3.8.2-7.el5.4]
- Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347)
Resolves: #507725

[3.8.2-7.el5.3]
- Fix some more LZW decoding vulnerabilities (CVE-2009-2285)
Resolves: #507725
- Update upstream URL

Affected Software/OS:
'libtiff' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2285
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html
Debian Security Information: DSA-1835 (Google Search)
http://www.debian.org/security/2009/dsa-1835
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00142.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00161.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00230.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00655.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00714.html
http://security.gentoo.org/glsa/glsa-200908-03.xml
http://www.lan.st/showthread.php?t=1856&page=3
http://www.openwall.com/lists/oss-security/2009/06/22/1
http://www.openwall.com/lists/oss-security/2009/06/23/1
http://www.openwall.com/lists/oss-security/2009/06/29/5
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10145
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7049
http://www.redhat.com/support/errata/RHSA-2009-1159.html
http://secunia.com/advisories/35695
http://secunia.com/advisories/35716
http://secunia.com/advisories/35866
http://secunia.com/advisories/35883
http://secunia.com/advisories/35912
http://secunia.com/advisories/36194
http://secunia.com/advisories/36831
http://secunia.com/advisories/38241
http://secunia.com/advisories/39135
http://sunsolve.sun.com/search/document.do?assetkey=1-66-267808-1
https://usn.ubuntu.com/797-1/
http://www.vupen.com/english/advisories/2009/1637
http://www.vupen.com/english/advisories/2009/2727
http://www.vupen.com/english/advisories/2009/3184
http://www.vupen.com/english/advisories/2010/0173
Common Vulnerability Exposure (CVE) ID: CVE-2009-2347
BugTraq ID: 35652
http://www.securityfocus.com/bid/35652
Bugtraq: 20090713 [oCERT-2009-012] libtiff tools integer overflows (Google Search)
http://www.securityfocus.com/archive/1/504892/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.html
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:150
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
http://www.ocert.org/advisories/ocert-2009-012.html
http://osvdb.org/55821
http://osvdb.org/55822
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988
http://www.securitytracker.com/id?1022539
http://secunia.com/advisories/35811
http://secunia.com/advisories/35817
http://secunia.com/advisories/35911
http://secunia.com/advisories/50726
http://www.ubuntu.com/usn/USN-801-1
http://www.vupen.com/english/advisories/2009/1870
http://www.vupen.com/english/advisories/2011/0621
XForce ISS Database: libtiff-rgb2ycbcr-tiff2rgba-bo(51688)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51688

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122467
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-1159)
Resumen:	The remote host is missing an update for the 'libtiff' package(s) announced via the ELSA-2009-1159 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the ELSA-2009-1159 advisory. Vulnerability Insight: [3.8.2-7.el5.4] - Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347) Resolves: #507725 [3.8.2-7.el5.3] - Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Resolves: #507725 - Update upstream URL Affected Software/OS: 'libtiff' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2285 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html Debian Security Information: DSA-1835 (Google Search) http://www.debian.org/security/2009/dsa-1835 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00142.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00161.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00230.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00655.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00714.html http://security.gentoo.org/glsa/glsa-200908-03.xml http://www.lan.st/showthread.php?t=1856&page=3 http://www.openwall.com/lists/oss-security/2009/06/22/1 http://www.openwall.com/lists/oss-security/2009/06/23/1 http://www.openwall.com/lists/oss-security/2009/06/29/5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10145 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7049 http://www.redhat.com/support/errata/RHSA-2009-1159.html http://secunia.com/advisories/35695 http://secunia.com/advisories/35716 http://secunia.com/advisories/35866 http://secunia.com/advisories/35883 http://secunia.com/advisories/35912 http://secunia.com/advisories/36194 http://secunia.com/advisories/36831 http://secunia.com/advisories/38241 http://secunia.com/advisories/39135 http://sunsolve.sun.com/search/document.do?assetkey=1-66-267808-1 https://usn.ubuntu.com/797-1/ http://www.vupen.com/english/advisories/2009/1637 http://www.vupen.com/english/advisories/2009/2727 http://www.vupen.com/english/advisories/2009/3184 http://www.vupen.com/english/advisories/2010/0173 Common Vulnerability Exposure (CVE) ID: CVE-2009-2347 BugTraq ID: 35652 http://www.securityfocus.com/bid/35652 Bugtraq: 20090713 [oCERT-2009-012] libtiff tools integer overflows (Google Search) http://www.securityfocus.com/archive/1/504892/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.html http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:150 http://www.mandriva.com/security/advisories?name=MDVSA-2011:043 http://www.ocert.org/advisories/ocert-2009-012.html http://osvdb.org/55821 http://osvdb.org/55822 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988 http://www.securitytracker.com/id?1022539 http://secunia.com/advisories/35811 http://secunia.com/advisories/35817 http://secunia.com/advisories/35911 http://secunia.com/advisories/50726 http://www.ubuntu.com/usn/USN-801-1 http://www.vupen.com/english/advisories/2009/1870 http://www.vupen.com/english/advisories/2011/0621 XForce ISS Database: libtiff-rgb2ycbcr-tiff2rgba-bo(51688) https://exchange.xforce.ibmcloud.com/vulnerabilities/51688
Copyright	Copyright (C) 2015 Greenbone AG