Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN218-1 : netpbm-free vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
netpbm-free vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libnetpbm10
- libnetpbm10-dev
- libnetpbm9
- libnetpbm9-dev
- netpbm

Description :

Two buffer overflows were discovered in the 'pnmtopng' tool, which
were triggered by processing an image with exactly 256 colors when
using the -alpha option (CVE-2005-3662) or by processing a text file
with very long lines when using the -text option (CVE-2005-3632).

A remote attacker could exploit these to execute arbitrary code by
tricking an user or an automated system into processing a specially
crafted PNM file with pnmtopng.

Solution :

Upgrade to :
- libnetpbm10-10.0-8ubuntu1.2 (Ubuntu 5.10)
- libnetpbm10-dev-10.0-8ubuntu1.2 (Ubuntu 5.10)
- libnetpbm9-10.0-8ubuntu1.2 (Ubuntu 5.10)
- libnetpbm9-dev-10.0-8ubuntu1.2 (Ubuntu 5.10)
- netpbm-10.0-8ubuntu1.2 (Ubuntu 5.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.