Ubuntu Local Security Checks : Ubuntu Update for tiff USN-3864-1

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.843877

Categoría: Ubuntu Local Security Checks

Título: Ubuntu Update for tiff USN-3864-1

Resumen: The remote host is missing an update for the 'tiff'; package(s) announced via the USN-3864-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'tiff'
package(s) announced via the USN-3864-1 advisory.

Vulnerability Insight:
It was discovered that LibTIFF incorrectly handled
certain malformed images. If a user or automated system were tricked into opening a specially
crafted image, a remote attacker could crash the application, leading to a
denial of service, or possibly execute arbitrary code with user privileges.

Affected Software/OS:
tiff on Ubuntu 18.10,
Ubuntu 18.04 LTS,
Ubuntu 16.04 LTS,
Ubuntu 14.04 LTS.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-7456
Debian Security Information: DSA-4349 (Google Search)
https://www.debian.org/security/2018/dsa-4349
http://bugzilla.maptools.org/show_bug.cgi?id=2778
https://github.com/xiaoqx/pocs/tree/master/libtiff
https://lists.debian.org/debian-lts-announce/2018/04/msg00010.html
https://lists.debian.org/debian-lts-announce/2018/04/msg00011.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html
RedHat Security Advisories: RHSA-2019:2051
https://access.redhat.com/errata/RHSA-2019:2051
RedHat Security Advisories: RHSA-2019:2053
https://access.redhat.com/errata/RHSA-2019:2053
https://usn.ubuntu.com/3864-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8905
http://bugzilla.maptools.org/show_bug.cgi?id=2780
https://github.com/halfbitteam/POCs/tree/master/libtiff-4.08_tiff2ps_heap_overflow
https://lists.debian.org/debian-lts-announce/2018/05/msg00008.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00009.html

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.843877
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for tiff USN-3864-1
Resumen:	The remote host is missing an update for the 'tiff'; package(s) announced via the USN-3864-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tiff' package(s) announced via the USN-3864-1 advisory. Vulnerability Insight: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Affected Software/OS: tiff on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7456 Debian Security Information: DSA-4349 (Google Search) https://www.debian.org/security/2018/dsa-4349 http://bugzilla.maptools.org/show_bug.cgi?id=2778 https://github.com/xiaoqx/pocs/tree/master/libtiff https://lists.debian.org/debian-lts-announce/2018/04/msg00010.html https://lists.debian.org/debian-lts-announce/2018/04/msg00011.html https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html RedHat Security Advisories: RHSA-2019:2051 https://access.redhat.com/errata/RHSA-2019:2051 RedHat Security Advisories: RHSA-2019:2053 https://access.redhat.com/errata/RHSA-2019:2053 https://usn.ubuntu.com/3864-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8905 http://bugzilla.maptools.org/show_bug.cgi?id=2780 https://github.com/halfbitteam/POCs/tree/master/libtiff-4.08_tiff2ps_heap_overflow https://lists.debian.org/debian-lts-announce/2018/05/msg00008.html https://lists.debian.org/debian-lts-announce/2018/05/msg00009.html
Copyright	Copyright (C) 2019 Greenbone Networks GmbH