Test Kennung:	1.3.6.1.4.1.25623.1.0.880696
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for giflib CESA-2009:0444 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'giflib'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'giflib' package(s) announced via the referenced advisory. Vulnerability Insight: The giflib packages contain a shared library of functions for loading and saving GIF image files. This library is API and ABI compatible with libungif, the library that supported uncompressed GIF image files while the Unisys LZW patent was in effect. Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) All users of giflib are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications using giflib must be restarted for the update to take effect. Affected Software/OS: giflib on CentOS 5 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2974 BugTraq ID: 15304 http://www.securityfocus.com/bid/15304 Debian Security Information: DSA-890 (Google Search) http://www.debian.org/security/2005/dsa-890 http://www.securityfocus.com/advisories/9636 http://www.securityfocus.com/advisories/9637 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00771.html http://www.securityfocus.com/archive/1/428059/30/6300/threaded http://www.securityfocus.com/archive/1/428059/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200511-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:207 http://bugs.gentoo.org/show_bug.cgi?id=109997 http://scary.beasts.org/security/CESA-2005-007.txt http://www.osvdb.org/20470 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10994 http://www.redhat.com/support/errata/RHSA-2005-828.html http://www.redhat.com/support/errata/RHSA-2009-0444.html http://securitytracker.com/id?1015149 http://secunia.com/advisories/17436 http://secunia.com/advisories/17438 http://secunia.com/advisories/17442 http://secunia.com/advisories/17462 http://secunia.com/advisories/17482 http://secunia.com/advisories/17488 http://secunia.com/advisories/17497 http://secunia.com/advisories/17508 http://secunia.com/advisories/17559 http://secunia.com/advisories/34872 http://secunia.com/advisories/35164 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) http://www.ubuntulinux.org/usn/usn-214-1 http://www.vupen.com/english/advisories/2005/2295 Common Vulnerability Exposure (CVE) ID: CVE-2005-3350 BugTraq ID: 15299 http://www.securityfocus.com/bid/15299 http://www.osvdb.org/20471 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9314
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.