Test Kennung:	1.3.6.1.4.1.25623.1.0.880507
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for libtiff CESA-2011:0318 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'libtiff'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the referenced advisory. Vulnerability Insight: The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2011-0192) Red Hat would like to thank Apple Product Security for reporting this issue. All libtiff users should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running applications linked against libtiff must be restarted for this update to take effect. Affected Software/OS: libtiff on CentOS 5 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0192 http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html BugTraq ID: 46658 http://www.securityfocus.com/bid/46658 Debian Security Information: DSA-2210 (Google Search) http://www.debian.org/security/2011/dsa-2210 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:043 http://www.redhat.com/support/errata/RHSA-2011-0318.html http://www.securitytracker.com/id?1025153 http://secunia.com/advisories/43585 http://secunia.com/advisories/43593 http://secunia.com/advisories/43664 http://secunia.com/advisories/43934 http://secunia.com/advisories/44117 http://secunia.com/advisories/44135 http://secunia.com/advisories/50726 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.vupen.com/english/advisories/2011/0551 http://www.vupen.com/english/advisories/2011/0599 http://www.vupen.com/english/advisories/2011/0621 http://www.vupen.com/english/advisories/2011/0845 http://www.vupen.com/english/advisories/2011/0905 http://www.vupen.com/english/advisories/2011/0930 http://www.vupen.com/english/advisories/2011/0960
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.