Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57215
Category:Trustix Local Security Checks
Title:Trustix Security Advisory TSLSA-2006-0044 (Multiple packages)
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory TSLSA-2006-0044.

apache < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- SECURITY Fix: A vulnerability has been reported in Apache HTTP Server,
which potentially can be exploited by malicious people to compromise
a vulnerable system. The vulnerability is caused by a off-by-one error
in mod_rewrite within the ldap scheme handling and can be exploited
to cause a one-byte buffer overflow.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-3747 to this issue.


gnupg < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- SECURITY Fix: Evgeny Legerov has reported a vulnerability in GnuPG,
caused due to an input validation error in parse_packet.c when
handling certain message packets. This can be exploited to cause
GnuPG to consume large amounts of memory or crash via an overly
long comment length in a message packet. This can further be
exploited to cause an integer overflow, which leads to possible
memory corruption and crashes GnuPG.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-3746 to this issue.

libtiff < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- SECURITY Fix: Tavis Ormandy, Google Security Team has reported some
vulnerabilities in libTIFF, which can be exploited by malicious people
to cause a DoS or potentially compromise a vulnerable system. The
vulnerabilities are caused due to various heap and integer overflows
when processing TIFF images and can be exploited via a specially
crafted TIFF image.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-3459, CVE-2006-3460, CVE-2006-3461,
CVE-2006-3462, CVE-2006-3463, CVE-2006-3464 and CVE-2006-3465
these issues.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0044

Risk factor : High

CVSS Score:
7.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3747
AIX APAR: PK27875
http://www-1.ibm.com/support/docview.wss?uid=swg24013080
AIX APAR: PK29154
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154
AIX APAR: PK29156
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
BugTraq ID: 19204
http://www.securityfocus.com/bid/19204
Bugtraq: 20060728 Apache mod_rewrite Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/441487/100/0/threaded
Bugtraq: 20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released (Google Search)
http://www.securityfocus.com/archive/1/441485/100/0/threaded
Bugtraq: 20060728 rPSA-2006-0139-1 httpd mod_ssl (Google Search)
http://www.securityfocus.com/archive/1/441526/100/200/threaded
Bugtraq: 20060820 POC & exploit for Apache mod_rewrite off-by-one (Google Search)
http://www.securityfocus.com/archive/1/443870/100/0/threaded
Cert/CC Advisory: TA08-150A
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
CERT/CC vulnerability note: VU#395412
http://www.kb.cert.org/vuls/id/395412
Debian Security Information: DSA-1131 (Google Search)
http://www.debian.org/security/2006/dsa-1131
Debian Security Information: DSA-1132 (Google Search)
http://www.debian.org/security/2006/dsa-1132
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html
http://security.gentoo.org/glsa/glsa-200608-01.xml
HPdes Security Advisory: HPSBMA02250
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPdes Security Advisory: HPSBMA02328
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: HPSBUX02145
http://www.securityfocus.com/archive/1/445206/100/0/threaded
HPdes Security Advisory: HPSBUX02164
http://www.securityfocus.com/archive/1/450321/100/0/threaded
HPdes Security Advisory: SSRT061202
HPdes Security Advisory: SSRT061265
HPdes Security Advisory: SSRT061275
HPdes Security Advisory: SSRT071293
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2006:133
http://kbase.redhat.com/faq/FAQ_68_8653.shtm
http://svn.apache.org/viewvc?view=rev&revision=426144
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html
http://www.osvdb.org/27588
http://securitytracker.com/id?1016601
http://secunia.com/advisories/21197
http://secunia.com/advisories/21241
http://secunia.com/advisories/21245
http://secunia.com/advisories/21247
http://secunia.com/advisories/21266
http://secunia.com/advisories/21273
http://secunia.com/advisories/21284
http://secunia.com/advisories/21307
http://secunia.com/advisories/21313
http://secunia.com/advisories/21315
http://secunia.com/advisories/21346
http://secunia.com/advisories/21478
http://secunia.com/advisories/21509
http://secunia.com/advisories/22262
http://secunia.com/advisories/22368
http://secunia.com/advisories/22388
http://secunia.com/advisories/22523
http://secunia.com/advisories/23028
http://secunia.com/advisories/23260
http://secunia.com/advisories/26329
http://secunia.com/advisories/29420
http://secunia.com/advisories/29849
http://secunia.com/advisories/30430
http://securityreason.com/securityalert/1312
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1
SuSE Security Announcement: SUSE-SA:2006:043 (Google Search)
http://www.novell.com/linux/security/advisories/2006_43_apache.html
http://lwn.net/Alerts/194228/
http://www.ubuntu.com/usn/usn-328-1
http://www.vupen.com/english/advisories/2006/3017
http://www.vupen.com/english/advisories/2006/3264
http://www.vupen.com/english/advisories/2006/3282
http://www.vupen.com/english/advisories/2006/3884
http://www.vupen.com/english/advisories/2006/3995
http://www.vupen.com/english/advisories/2006/4015
http://www.vupen.com/english/advisories/2006/4207
http://www.vupen.com/english/advisories/2006/4300
http://www.vupen.com/english/advisories/2006/4868
http://www.vupen.com/english/advisories/2007/2783
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/1246/references
http://www.vupen.com/english/advisories/2008/1697
XForce ISS Database: apache-modrewrite-offbyone-bo(28063)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28063
Common Vulnerability Exposure (CVE) ID: CVE-2006-3746
BugTraq ID: 19110
http://www.securityfocus.com/bid/19110
Bugtraq: 20060802 rPSA-2006-0143-1 gnupg (Google Search)
http://www.securityfocus.com/archive/1/442012/100/0/threaded
Bugtraq: 20060808 ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability (Google Search)
http://www.securityfocus.com/archive/1/442621/100/100/threaded
Debian Security Information: DSA-1140 (Google Search)
http://www.debian.org/security/2006/dsa-1140
Debian Security Information: DSA-1141 (Google Search)
http://www.debian.org/security/2006/dsa-1141
http://security.gentoo.org/glsa/glsa-200608-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:141
http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1
http://issues.rpath.com/browse/RPL-560
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502
http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html
http://www.gossamer-threads.com/lists/gnupg/devel/37623
http://www.osvdb.org/27664
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11347
http://www.redhat.com/support/errata/RHSA-2006-0615.html
http://securitytracker.com/id?1016622
http://secunia.com/advisories/21297
http://secunia.com/advisories/21300
http://secunia.com/advisories/21306
http://secunia.com/advisories/21326
http://secunia.com/advisories/21329
http://secunia.com/advisories/21333
http://secunia.com/advisories/21351
http://secunia.com/advisories/21378
http://secunia.com/advisories/21467
http://secunia.com/advisories/21522
http://secunia.com/advisories/21524
http://secunia.com/advisories/21598
SGI Security Advisory: 20060801-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
SuSE Security Announcement: SUSE-SR:2006:020 (Google Search)
http://www.novell.com/linux/security/advisories/2006_20_sr.html
http://www.ubuntu.com/usn/usn-332-1
http://www.vupen.com/english/advisories/2006/3123
XForce ISS Database: gnupg-parsecomment-bo(28220)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28220
Common Vulnerability Exposure (CVE) ID: CVE-2006-3459
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
BugTraq ID: 19283
http://www.securityfocus.com/bid/19283
BugTraq ID: 19289
http://www.securityfocus.com/bid/19289
Cert/CC Advisory: TA06-214A
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Debian Security Information: DSA-1137 (Google Search)
http://www.debian.org/security/2006/dsa-1137
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
http://secunia.com/blog/76
http://www.osvdb.org/27723
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
http://www.redhat.com/support/errata/RHSA-2006-0603.html
http://www.redhat.com/support/errata/RHSA-2006-0648.html
http://securitytracker.com/id?1016628
http://securitytracker.com/id?1016671
http://secunia.com/advisories/21253
http://secunia.com/advisories/21274
http://secunia.com/advisories/21290
http://secunia.com/advisories/21304
http://secunia.com/advisories/21319
http://secunia.com/advisories/21334
http://secunia.com/advisories/21338
http://secunia.com/advisories/21370
http://secunia.com/advisories/21392
http://secunia.com/advisories/21501
http://secunia.com/advisories/21537
http://secunia.com/advisories/21632
http://secunia.com/advisories/22036
http://secunia.com/advisories/27181
http://secunia.com/advisories/27222
http://secunia.com/advisories/27832
SGI Security Advisory: 20060901-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
SuSE Security Announcement: SUSE-SA:2006:044 (Google Search)
http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
http://www.ubuntu.com/usn/usn-330-1
http://www.vupen.com/english/advisories/2006/3101
http://www.vupen.com/english/advisories/2006/3105
http://www.vupen.com/english/advisories/2007/3486
http://www.vupen.com/english/advisories/2007/4034
Common Vulnerability Exposure (CVE) ID: CVE-2006-3460
BugTraq ID: 19288
http://www.securityfocus.com/bid/19288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11265
Common Vulnerability Exposure (CVE) ID: CVE-2006-3461
BugTraq ID: 19290
http://www.securityfocus.com/bid/19290
http://www.osvdb.org/27725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9910
Common Vulnerability Exposure (CVE) ID: CVE-2006-3462
BugTraq ID: 19282
http://www.securityfocus.com/bid/19282
http://docs.info.apple.com/article.html?artnum=304063
http://www.osvdb.org/27726
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11301
Common Vulnerability Exposure (CVE) ID: CVE-2006-3463
BugTraq ID: 19284
http://www.securityfocus.com/bid/19284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10639
Common Vulnerability Exposure (CVE) ID: CVE-2006-3464
BugTraq ID: 19286
http://www.securityfocus.com/bid/19286
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10916
Common Vulnerability Exposure (CVE) ID: CVE-2006-3465
BugTraq ID: 19287
http://www.securityfocus.com/bid/19287
http://www.osvdb.org/27729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9067
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.