Family: Red Hat Local Security Checks --> Category: infos
RHSA-2004-031: netpbm Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the netpbm packages
Detailed Explanation for this Vulnerability Test
Updated NetPBM packages are available that fix a number of temporary file
vulnerabilities in the netpbm libraries.
The netpbm package contains a library of functions that support
programs for handling various graphics file formats, including .pbm
(portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps),
.ppm (portable pixmaps), and others.
A number of temporary file bugs have been found in versions of NetPBM.
These could make it possible for a local user to overwrite or create files
as a different user who happens to run one of the the vulnerable utilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0924 to this issue.
Users are advised to upgrade to the erratum packages, which contain patches
from Debian that correct these bugs.
Solution : http://rhn.redhat.com/errata/RHSA-2004-031.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.