FrSIRT - Fedora Security Update Fixes Libpng Denial of Service Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Libpng Denial of Service Vulnerabilities

Date de Publication : 2007-11-06 © FrSIRT.COM
Titre : Fedora Security Update Fixes Libpng Denial of Service Vulnerabilities
Identifiant : FrSIRT/AVIS-2007-3737
CVE ID : CVE-2007-5269
Risque : Bas (1/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants afin de causer un déni de service [...]

Solution

Installer les mises à jour :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

a3ad279b3ad57fa400c4f4d399a41160c0d56139 SRPMS/libpng-1.2.10-10.fc6.src.rpm
a3ad279b3ad57fa400c4f4d399a41160c0d56139 noarch/libpng-1.2.10-10.fc6.src.rpm
191d90cc3707d58332e6f46458b92fa0de8efa0c ppc/debug/libpng-debuginfo-1.2.10-10.fc6.ppc.rpm
5f9ab7a311b3915cd2c3d61169e74bb650caa5ff ppc/libpng-1.2.10-10.fc6.ppc.rpm
76cc4ed531defe62d6b7b4bd53d9bbfddcefeef7 ppc/libpng-devel-1.2.10-10.fc6.ppc.rpm
f67eee4818850201eb1c948bb8b21abca6d2216c x86_64/libpng-1.2.10-10.fc6.x86_64.rpm
be350a48d12913f9420f2cfc470c635508e21918 x86_64/debug/libpng-debuginfo-1.2.10-10.fc6.x86_64.rpm
33af6f8df736ed07899f60ad866008fa47ea4606 x86_64/libpng-devel-1.2.10-10.fc6.x86_64.rpm
a9a91ed26b66d5f684a06278c2df6a9e2cbdc7fb i386/debug/libpng-debuginfo-1.2.10-10.fc6.i386.rpm
1be72a3fea013be33ccd5abc22a07109dba023e8 i386/libpng-1.2.10-10.fc6.i386.rpm
5a4d9196a9c5b122e94f8634b8baeef2e6228c8a i386/libpng-devel-1.2.10-10.fc6.i386.rpm

Historique

2007-11-06 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco IOS Secure Shell Remote Denial of Service

	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities
	Sun Solaris "snmpXdmid" Packet Handling Denial of Service Vulnerability
	Sun Solaris FreeType2 Library Multiple Memory Corruption Vulnerabilities
	Sun Java System Calendar Server Denial of Service Vulnerability
	Sun Solaris SMA SNMPv3 Authentication Bypass Vulnerability

	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities