FrSIRT - Fedora Security Update Fixes GD Code Execution and Denial of Service Issues / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes GD Code Execution and Denial of Service Issues

Date de Publication : 2007-09-20 © FrSIRT.COM
Titre : Fedora Security Update Fixes GD Code Execution and Denial of Service Issues
Identifiant : FrSIRT/AVIS-2007-3209
CVE ID : CVE-2007-3472 - CVE-2007-3473 - CVE-2007-3474 - CVE-2007-3475 - CVE-2007-3476 - CVE-2007-3477 - CVE-2007-3478
Risque : Elevé (3/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou exécuter un code arbitraire [...]

Solution

Installer les mises à jour :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

7ec90b5367033b13d592d86a30769f91ff353e89 SRPMS/gd-2.0.35-1.fc6.src.rpm
7ec90b5367033b13d592d86a30769f91ff353e89 noarch/gd-2.0.35-1.fc6.src.rpm
04d19be2cd0f4d99af6173f98a107cdb20c3b3b4 ppc/gd-devel-2.0.35-1.fc6.ppc.rpm
0649f623ebd277a86f5b595f2087176b41081e17 ppc/gd-2.0.35-1.fc6.ppc.rpm
9c1e46c10b95a36272110187f256138785404075 ppc/gd-progs-2.0.35-1.fc6.ppc.rpm
0d4196a2330be0ea7f01eb4b07fd3a61184b036e ppc/debug/gd-debuginfo-2.0.35-1.fc6.ppc.rpm
45200261eca7b6c0787b2ecc40895581539f3b4f x86_64/gd-progs-2.0.35-1.fc6.x86_64.rpm
3a360482e0507faf835b6dfdd3825cce06e8fd24 x86_64/gd-2.0.35-1.fc6.x86_64.rpm
4d1a83ad63ad2420296ad0da5b387bae8424ec46 x86_64/gd-devel-2.0.35-1.fc6.x86_64.rpm
c534466b3285b9077dc2434efcc249254edda687 x86_64/debug/gd-debuginfo-2.0.35-1.fc6.x86_64.rpm
89f03a7ea527e00a4760bf8573ba1599593d4401 i386/debug/gd-debuginfo-2.0.35-1.fc6.i386.rpm
0062e7759fd9cafb4ef16ee4d9b485fbd95d5ac7 i386/gd-progs-2.0.35-1.fc6.i386.rpm
c4466ad20dde160ddef6cfb6eafd85d3009c4dc5 i386/gd-2.0.35-1.fc6.i386.rpm
13689420c94f0566bc1f04c046752f5a9e1b17b4 i386/gd-devel-2.0.35-1.fc6.i386.rpm

Historique

2007-09-20 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)
	Microsoft Windows Event System Code Execution (MS08-049)
	Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)
	Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)
	Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)

	Oracle Products Multiple Code Execution Vulnerabilities
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service