Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:029: imlib Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the imlib package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:029 (imlib).
Previous versions of imlib, prior to 1.9.13, would fall back to the NetPBM
library which is not suitable for loading untrusted images due to various
problem in it's code. The new imlib also fixes some problems with arguments
passed to malloc(). These problems could allow attackers to construct images
that could cause crashes or, potentially, the execution of arbitrary code when
said images are loaded by a viewer that uses imlib.
Thanks to Alan Cox and Al Viro for discovering the problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:029
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.