Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52820
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2005-4 (libtiff)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to libtiff
announced via advisory TLSA-2005-4.

The libtiff package contains a library of functions for manipulating TIFF
(Tagged Image File Format) image format files.

Multiple issues exist in libtiff:
- Multiple vulnerabilities in libtiff's RLE (run length encoding) decoders
- Vulnerability in tif_dirread.c
- Multiple integer overflows
- Integer overflow in tif_dirread.c and tif_fax3.c

These vulnerabilities may allow remote attackers to execute arbitrary
code via malformed TIFF image files.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-4

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0803
BugTraq ID: 11406
http://www.securityfocus.com/bid/11406
Bugtraq: 20041013 CESA-2004-006: libtiff (Google Search)
http://marc.info/?l=bugtraq&m=109778785107450&w=2
CERT/CC vulnerability note: VU#948752
http://www.kb.cert.org/vuls/id/948752
Conectiva Linux advisory: CLA-2004:888
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888
Debian Security Information: DSA-567 (Google Search)
http://www.debian.org/security/2004/dsa-567
http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:109
http://www.mandriva.com/security/advisories?name=MDKSA-2005:052
http://scary.beasts.org/security/CESA-2004-006.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896
http://www.redhat.com/support/errata/RHSA-2004-577.html
http://www.redhat.com/support/errata/RHSA-2005-021.html
http://www.redhat.com/support/errata/RHSA-2005-354.html
http://secunia.com/advisories/12818
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1
SuSE Security Announcement: SUSE-SA:2004:038 (Google Search)
http://www.novell.com/linux/security/advisories/2004_38_libtiff.html
XForce ISS Database: libtiff-library-decoding-bo(17703)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17703
Common Vulnerability Exposure (CVE) ID: CVE-2004-0804
CERT/CC vulnerability note: VU#555304
http://www.kb.cert.org/vuls/id/555304
http://bugzilla.remotesensing.org/show_bug.cgi?id=111
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100115
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11711
XForce ISS Database: libtiff-dos(17755)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17755
Common Vulnerability Exposure (CVE) ID: CVE-2004-0886
CERT/CC vulnerability note: VU#687568
http://www.kb.cert.org/vuls/id/687568
Computer Incident Advisory Center Bulletin: P-015
http://www.ciac.org/ciac/bulletins/p-015.shtml
http://marc.info/?l=bugtraq&m=109779465621929&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907
http://securitytracker.com/id?1011674
http://www.trustix.org/errata/2004/0054/
XForce ISS Database: libtiff-bo(17715)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17715
Common Vulnerability Exposure (CVE) ID: CVE-2004-1183
BugTraq ID: 12173
http://www.securityfocus.com/bid/12173
Bugtraq: 20050106 [USN-54-1] TIFF library tool vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=110503635113419&w=2
Conectiva Linux advisory: CLA-2005:920
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920
Debian Security Information: DSA-626 (Google Search)
http://www.debian.org/security/2004/dsa-626
http://security.gentoo.org/glsa/glsa-200501-06.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:001
http://www.mandriva.com/security/advisories?name=MDKSA-2005:002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9743
http://www.redhat.com/support/errata/RHSA-2005-019.html
http://www.redhat.com/support/errata/RHSA-2005-035.html
http://secunia.com/advisories/13728/
http://secunia.com/advisories/13776
SuSE Security Announcement: SUSE-SA:2005:001 (Google Search)
http://www.novell.com/linux/security/advisories/2005_01_libtiff_tiff.html
XForce ISS Database: libtiff-tiffdump-bo(18782)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18782
Common Vulnerability Exposure (CVE) ID: CVE-2004-1308
http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
Cert/CC Advisory: TA05-136A
http://www.us-cert.gov/cas/techalerts/TA05-136A.html
CERT/CC vulnerability note: VU#125598
http://www.kb.cert.org/vuls/id/125598
Debian Security Information: DSA-617 (Google Search)
http://www.debian.org/security/2004/dsa-617
http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9392
XForce ISS Database: libtiff-tiff-tdircount-bo(18637)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18637
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.