Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:076: xli Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xli package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:076 (xli).
A number of vulnerabilities have been found in the xli image viewer. Tavis
Ormandy of the Gentoo Linux Security Audit Team discovered a flaw in the
handling of compressed images where shell meta-characters are not properly
escaped (CVE-2005-0638). It was also found that insufficient validation of
image properties could potentially result in buffer management errors
The updated packages have been patched to correct these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:076
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.