ID de Prueba:	1.3.6.1.4.1.25623.1.0.55663
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:802
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:802. The xloadimage utility displays images in an X Window System window, loads images into the root window, or writes images into a file. Xloadimage supports many image types (including GIF, TIFF, JPEG, XPM, and XBM). A flaw was discovered in xloadimage via which an attacker can construct a NIFF image with a very long embedded image title. This image can cause a buffer overflow. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-3178 to this issue. All users of xloadimage should upgrade to this erratum package, which contains backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-802.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3178 Risk factor : High CVSS Score: 5.1
Referencia Cruzada:	BugTraq ID: 15051 Common Vulnerability Exposure (CVE) ID: CVE-2005-3178 http://www.securityfocus.com/bid/15051 Bugtraq: 20051005 xloadimage buffer overflow. (Google Search) http://marc.info/?l=bugtraq&m=112862493918840&w=2 Debian Security Information: DSA-858 (Google Search) http://www.debian.org/security/2005/dsa-858 Debian Security Information: DSA-859 (Google Search) http://www.debian.org/security/2005/dsa-859 http://www.securityfocus.com/archive/1/433935/30/5010/threaded http://www.gentoo.org/security/en/glsa/glsa-200510-26.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:192 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10590 http://www.redhat.com/support/errata/RHSA-2005-802.html SCO Security Bulletin: SCOSA-2005.56 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.56/SCOSA-2005.56.txt SCO Security Bulletin: SCOSA-2005.62 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62/SCOSA-2005.62.txt http://securitytracker.com/id?1015072 http://secunia.com/advisories/17087/ http://secunia.com/advisories/17124 http://secunia.com/advisories/17139 http://secunia.com/advisories/17140 http://secunia.com/advisories/17143 http://secunia.com/advisories/17206 http://secunia.com/advisories/17273 http://secunia.com/advisories/17282 http://secunia.com/advisories/17369 http://secunia.com/advisories/18050 http://secunia.com/advisories/18170 http://secunia.com/advisories/18491 SuSE Security Announcement: SUSE-SR:2005:024 (Google Search) http://www.novell.com/linux/security/advisories/2005_24_sr.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.