|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200510-18] Netpbm: Buffer overflow in pnmtopng Vulnerability Scan
Vulnerability Scan Summary Netpbm: Buffer overflow in pnmtopng
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200510-18
(Netpbm: Buffer overflow in pnmtopng)
RedHat reported that pnmtopng is vulnerable to a buffer overflow.
Impact
A possible hacker could craft a malicious PNM file and entice a user to
run pnmtopng on it, potentially resulting in the execution of arbitrary
code with the permissions of the user running pnmtopng.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978
Solution:
All Netpbm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/netpbm-10.29"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|