Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN11-1 : libgd2 vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
libgd2 vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libgd-tools
- libgd2
- libgd2-dev
- libgd2-noxpm
- libgd2-noxpm-dev
- libgd2-xpm
- libgd2-xpm-dev

Description :

Several buffer overflows have been discovered in libgd's PNG handling

If a possible hacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP driven photo website
that lets users upload images. Therefore this vulnerability might lead
to privilege escalation to a web server's rights.

Solution :

Upgrade to :
- libgd-tools-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-dev-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-noxpm-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-noxpm-dev-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-xpm-2.0.23-2ubuntu0.1 (Ubuntu 4.10)
- libgd2-xpm-dev-2.0.23-2ubuntu0.1 (Ubuntu 4.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.