Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN92-1 : lesstif1-1 vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
lesstif1-1 vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- lesstif-bin
- lesstif-dev
- lesstif-doc
- lesstif1
- lesstif2
- lesstif2-dev


Description :

Several vulnerabilities have been found in the XPM image decoding
functions of the LessTif library. If a possible hacker tricked a user into
loading a malicious XPM image with an application that uses LessTif,
he could exploit this to execute arbitrary code in the context of the
user opening the image.

Ubuntu does not contain any server applications using LessTif, so
there is no possibility of privilege escalation.

Solution :

Upgrade to :
- lesstif-bin-0.93.94-4ubuntu1.3 (Ubuntu 4.10)
- lesstif-dev-0.93.94-4ubuntu1.3 (Ubuntu 4.10)
- lesstif-doc-0.93.94-4ubuntu1.3 (Ubuntu 4.10)
- lesstif1-0.93.94-4ubuntu1.3 (Ubuntu 4.10)
- lesstif2-0.93.94-4ubuntu1.3 (Ubuntu 4.10)
- lesstif2-dev-0.93.94-4ubuntu1.3 (Ubuntu 4.10)



Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.