ID de Prueba:	1.3.6.1.4.1.25623.1.0.880909
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for gpdf CESA-2009:1503 centos4 i386
Resumen:	The remote host is missing an update for the 'gpdf'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'gpdf' package(s) announced via the referenced advisory. Vulnerability Insight: GPdf is a viewer for Portable Document Format (PDF) files. Multiple integer overflow flaws were found in GPdf. An attacker could create a malicious PDF file that would cause GPdf to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188, CVE-2009-3604, CVE-2009-3608, CVE-2009-3609) Red Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604 issue, and Chris Rohlf for reporting the CVE-2009-3608 issue. Users are advised to upgrade to this updated package, which contains a backported patch to correct these issues. Affected Software/OS: gpdf on CentOS 4 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0791 BugTraq ID: 35195 http://www.securityfocus.com/bid/35195 http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534 http://www.redhat.com/support/errata/RHSA-2009-1083.html RedHat Security Advisories: RHSA-2009:1500 https://rhn.redhat.com/errata/RHSA-2009-1500.html RedHat Security Advisories: RHSA-2009:1501 https://rhn.redhat.com/errata/RHSA-2009-1501.html RedHat Security Advisories: RHSA-2009:1502 https://rhn.redhat.com/errata/RHSA-2009-1502.html RedHat Security Advisories: RHSA-2009:1503 https://rhn.redhat.com/errata/RHSA-2009-1503.html RedHat Security Advisories: RHSA-2009:1512 https://rhn.redhat.com/errata/RHSA-2009-1512.html http://securitytracker.com/id?1022326 http://secunia.com/advisories/35340 http://secunia.com/advisories/35685 http://secunia.com/advisories/37023 http://secunia.com/advisories/37028 http://secunia.com/advisories/37037 http://secunia.com/advisories/37043 http://secunia.com/advisories/37077 http://secunia.com/advisories/37079 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.vupen.com/english/advisories/2009/1488 http://www.vupen.com/english/advisories/2009/2928 XForce ISS Database: cups-pdftops-filter-bo(50941) https://exchange.xforce.ibmcloud.com/vulnerabilities/50941 Common Vulnerability Exposure (CVE) ID: CVE-2009-1188 BugTraq ID: 34568 http://www.securityfocus.com/bid/34568 Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search) http://www.securityfocus.com/archive/1/502761/100/0/threaded CERT/CC vulnerability note: VU#196617 http://www.kb.cert.org/vuls/id/196617 Debian Security Information: DSA-2028 (Google Search) http://www.debian.org/security/2010/dsa-2028 Debian Security Information: DSA-2050 (Google Search) http://www.debian.org/security/2010/dsa-2050 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957 http://www.redhat.com/support/errata/RHSA-2009-0480.html http://secunia.com/advisories/34746 http://secunia.com/advisories/35064 http://secunia.com/advisories/35618 http://secunia.com/advisories/37053 http://secunia.com/advisories/39327 http://secunia.com/advisories/39938 http://www.vupen.com/english/advisories/2009/1076 http://www.vupen.com/english/advisories/2010/0802 http://www.vupen.com/english/advisories/2010/1040 http://www.vupen.com/english/advisories/2010/1220 XForce ISS Database: poppler-jbig2-splashbitmap-code-execution(50185) https://exchange.xforce.ibmcloud.com/vulnerabilities/50185 Common Vulnerability Exposure (CVE) ID: CVE-2009-3604 BugTraq ID: 36703 http://www.securityfocus.com/bid/36703 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:287 http://site.pi3.com.pl/adv/xpdf.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969 http://securitytracker.com/id?1023029 http://secunia.com/advisories/37042 http://secunia.com/advisories/37114 http://secunia.com/advisories/37159 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 SuSE Security Announcement: SUSE-SR:2009:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://www.ubuntu.com/usn/USN-850-1 http://www.ubuntu.com/usn/USN-850-3 http://www.vupen.com/english/advisories/2009/2924 XForce ISS Database: xpdf-splashdrawimage-bo(53795) https://exchange.xforce.ibmcloud.com/vulnerabilities/53795 Common Vulnerability Exposure (CVE) ID: CVE-2009-3608 Debian Security Information: DSA-1941 (Google Search) http://www.debian.org/security/2009/dsa-1941 http://www.ocert.org/advisories/ocert-2009-016.html http://www.openwall.com/lists/oss-security/2009/12/01/1 http://www.openwall.com/lists/oss-security/2009/12/01/5 http://www.openwall.com/lists/oss-security/2009/12/01/6 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536 RedHat Security Advisories: RHSA-2009:1504 https://rhn.redhat.com/errata/RHSA-2009-1504.html RedHat Security Advisories: RHSA-2009:1513 https://rhn.redhat.com/errata/RHSA-2009-1513.html http://secunia.com/advisories/37034 http://secunia.com/advisories/37051 http://secunia.com/advisories/37054 http://secunia.com/advisories/37061 http://www.vupen.com/english/advisories/2009/2925 http://www.vupen.com/english/advisories/2009/2926 XForce ISS Database: xpdf-objectstream-bo(53794) https://exchange.xforce.ibmcloud.com/vulnerabilities/53794 Common Vulnerability Exposure (CVE) ID: CVE-2009-3609 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134 http://www.redhat.com/support/errata/RHSA-2010-0755.html XForce ISS Database: xpdf-imagestream-dos(53800) https://exchange.xforce.ibmcloud.com/vulnerabilities/53800
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.