Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:109: libtiff Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the libtiff package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:109 (libtiff).
Several vulnerabilities have been discovered in the libtiff package:
Chris Evans discovered several problems in the RLE (run length encoding)
decoders that could lead to arbitrary code execution. (CVE-2004-0803) Matthias
Clasen discovered a division by zero through an integer overflow.
Dmitry V. Levin discovered several integer overflows that caused malloc issues
which can result to either plain crash or memory corruption. (CVE-2004-0886)
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:109
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.