Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: SuSE Local Security Checks --> Category: infos

SUSE-SA:2005:001: libtiff/tiff Vulnerability Scan


Vulnerability Scan Summary
Check for the version of the libtiff/tiff package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory SUSE-SA:2005:001 (libtiff/tiff).


Libtiff supports reading, writing, and manipulating of TIFF image files.
iDEFENSE reported an integer overflow in libtiff that can be exploited by
specific TIFF images to trigger a heap-based buffer overflow afterwards.

This bug can be used by external attackers to execute arbitrary code
over the network by placing special image files on web-pages and
alike.

Additionally a buffer overflow in tiffdump was fixed.



Solution : http://www.suse.de/security/advisories/2005_01_libtiff_tiff.html
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.