|
|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:132: gd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:132 (gd).
Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and
possibly other versions. These overflows allow remote attackers to cause a
denial of service and possibly execute arbitrary code via PNG image files with
large image rows values that lead to a heap-based buffer overflow in the
gdImageCreateFromPngCtx() function.
The updated packages have been patched to prevent these issues.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:132
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
