ID de Prueba:	1.3.6.1.4.1.25623.1.0.50612
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:132 (gd)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to gd announced via advisory MDKSA-2004:132. Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. The updated packages have been patched to prevent these issues. Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:132 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0990 http://www.securityfocus.com/archive/1/379382/2004-10-24/2004-10-30/0 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	BugTraq ID: 11523 Common Vulnerability Exposure (CVE) ID: CVE-2004-0990 http://www.securityfocus.com/bid/11523 Bugtraq: 20041026 libgd integer overflow (Google Search) http://marc.info/?l=bugtraq&m=109882489302099&w=2 Computer Incident Advisory Center Bulletin: P-071 http://www.ciac.org/ciac/bulletins/p-071.shtml Debian Security Information: DSA-589 (Google Search) http://www.debian.org/security/2004/dsa-589 Debian Security Information: DSA-591 (Google Search) http://www.debian.org/security/2004/dsa-591 Debian Security Information: DSA-601 (Google Search) http://www.debian.org/security/2004/dsa-601 Debian Security Information: DSA-602 (Google Search) http://www.debian.org/security/2004/dsa-602 http://www.mandriva.com/security/advisories?name=MDKSA-2004:132 http://www.mandriva.com/security/advisories?name=MDKSA-2006:113 http://www.mandriva.com/security/advisories?name=MDKSA-2006:114 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.osvdb.org/11190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9952 http://www.redhat.com/support/errata/RHSA-2004-638.html http://secunia.com/advisories/18717 http://secunia.com/advisories/20824 http://secunia.com/advisories/20866 http://secunia.com/advisories/21050 http://secunia.com/advisories/23783 SuSE Security Announcement: SUSE-SR:2006:003 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html http://www.trustix.org/errata/2004/0058 https://www.ubuntu.com/usn/usn-11-1/ https://www.ubuntu.com/usn/usn-25-1/ XForce ISS Database: gd-png-bo(17866) https://exchange.xforce.ibmcloud.com/vulnerabilities/17866
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.