Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:095: libtiff Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the libtiff package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:095 (libtiff).
A stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2
and earlier might might allow attackers to execute arbitrary code via a
NOTE: tiffsplit is not setuid, and there may not be a common scenario under
which tiffsplit is called with attacker-controlled command line arguments.
The updated packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:095
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.