Family: Debian Local Security Checks --> Category: infos
[DSA1054] DSA-1054-1 tiff Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Tavis Ormandy discovered several vulnerabilities in the TIFF library
that can lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
Multiple vulnerabilities allow attackers to cause a denial of
An integer overflow allows attackers to cause a denial of service
and possibly execute arbitrary code.
A double-free vulnerability allows attackers to cause a denial of
service and possibly execute arbitrary code.
For the old stable distribution (woody) these problems have been fixed
in version 3.5.5-7woody1.
For the stable distribution (sarge) these problems have been fixed in
The unstable distribution (sid) is not vulnerable to these problems.
We recommend that you upgrade your libtiff packages.
Solution : http://www.debian.org/security/2006/dsa-1054
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.