Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52892
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2004-19 (libpng)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to libpng
announced via advisory TLSA-2004-19.

The libpng package contains a library of functions for creating and manipulating
PNG (Portable Network Graphics) image format files.

Multiple buffer overflows and a potential NULL pointer dereference in libpng
allow remote attackers to execute arbitrary code via malformed PNG images.

This may allow remote attackers to execute arbitrary code via malformed PNG images.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-19

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0421
http://lists.apple.com/mhonarc/security-announce/msg00056.html
BugTraq ID: 10244
http://www.securityfocus.com/bid/10244
Bugtraq: 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) (Google Search)
http://marc.info/?l=bugtraq&m=108334922320309&w=2
Debian Security Information: DSA-498 (Google Search)
http://www.debian.org/security/2004/dsa-498
http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2
http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:040
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971
http://www.redhat.com/support/errata/RHSA-2004-180.html
http://www.redhat.com/support/errata/RHSA-2004-181.html
http://secunia.com/advisories/22957
http://secunia.com/advisories/22958
http://marc.info/?l=bugtraq&m=108335030208523&w=2
XForce ISS Database: libpng-png-dos(16022)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16022
Common Vulnerability Exposure (CVE) ID: CVE-2004-0597
BugTraq ID: 10857
http://www.securityfocus.com/bid/10857
BugTraq ID: 15495
http://www.securityfocus.com/bid/15495
Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search)
http://marc.info/?l=bugtraq&m=109163866717909&w=2
Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search)
http://marc.info/?l=bugtraq&m=110796779903455&w=2
Cert/CC Advisory: TA04-217A
http://www.us-cert.gov/cas/techalerts/TA04-217A.html
Cert/CC Advisory: TA05-039A
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
CERT/CC vulnerability note: VU#388984
http://www.kb.cert.org/vuls/id/388984
CERT/CC vulnerability note: VU#817368
http://www.kb.cert.org/vuls/id/817368
Conectiva Linux advisory: CLA-2004:856
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856
Debian Security Information: DSA-536 (Google Search)
http://www.debian.org/security/2004/dsa-536
https://bugzilla.fedora.us/show_bug.cgi?id=1943
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml
http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
HPdes Security Advisory: SSRT4778
http://marc.info/?l=bugtraq&m=109181639602978&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:079
http://scary.beasts.org/security/CESA-2004-001.txt
http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10
Microsoft Security Bulletin: MS05-009
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709
http://www.redhat.com/support/errata/RHSA-2004-402.html
http://www.redhat.com/support/errata/RHSA-2004-421.html
http://www.redhat.com/support/errata/RHSA-2004-429.html
SCO Security Bulletin: SCOSA-2004.16
http://marc.info/?l=bugtraq&m=109761239318458&w=2
SCO Security Bulletin: SCOSA-2005.49
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1
SuSE Security Announcement: SUSE-SA:2004:023 (Google Search)
http://www.novell.com/linux/security/advisories/2004_23_libpng.html
http://www.trustix.net/errata/2004/0040/
XForce ISS Database: libpng-pnghandle-bo(16894)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16894
Common Vulnerability Exposure (CVE) ID: CVE-2004-0598
CERT/CC vulnerability note: VU#236656
http://www.kb.cert.org/vuls/id/236656
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10203
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2572
XForce ISS Database: libpng-pnghandleiccp-dos(16895)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16895
Common Vulnerability Exposure (CVE) ID: CVE-2004-0599
CERT/CC vulnerability note: VU#160448
http://www.kb.cert.org/vuls/id/160448
CERT/CC vulnerability note: VU#286464
http://www.kb.cert.org/vuls/id/286464
CERT/CC vulnerability note: VU#477512
http://www.kb.cert.org/vuls/id/477512
Debian Security Information: DSA-570 (Google Search)
http://www.debian.org/security/2004/dsa-570
Debian Security Information: DSA-571 (Google Search)
http://www.debian.org/security/2004/dsa-571
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10938
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1479
XForce ISS Database: lilbpng-integer-bo(16896)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16896
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.