|
Family: Debian Local Security Checks --> Category: infos
[DSA904] DSA-904-1 netpbm-free Vulnerability Scan
Vulnerability Scan Summary DSA-904-1 netpbm-free
Detailed Explanation for this Vulnerability Test
Greg Roelofs discovered and fixed several buffer overflows in pnmtopng
which is also included in netpbm, a collection of graphic conversion
utilities, that can lead to the execution of arbitrary code via a
specially crafted PNM file.
For the old stable distribution (woody) these problems have been fixed in
version 9.20-8.5.
For the stable distribution (sarge) these problems have been fixed in
version 10.0-8sarge2.
For the unstable distribution (sid) these problems will be fixed in
version 10.0-11.
We recommend that you upgrade your netpbm package.
Solution : http://www.debian.org/security/2005/dsa-904
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|