French Security Incident Response Team


Mandriva Security Update Fixes GD Library GIF Image Denial of Service Vulnerability


Title : Mandriva Security Update Fixes GD Library GIF Image Denial of Service Vulnerability
Advisory ID : FrSIRT/ADV-2006-2576
CVE ID : CVE-2006-2906
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-06-28

Advisory Details

 
Technical Description

Mandriva has released updated packages to address a vulnerability identified in GD [...]

Solution

Upgrade the affected packages :

Mandriva Linux 10.2:
a8b7178a2e3aabd8f26f0575cc8775ae 10.2/RPMS/gd-utils-2.0.33-3.1.102mdk.i586.rpm
e3ef1e900f6de8cdaea4d6fd5a516476 10.2/RPMS/libgd2-2.0.33-3.1.102mdk.i586.rpm
cfe793a05357a871c3bce58ac19431a3 10.2/RPMS/libgd2-devel-2.0.33-3.1.102mdk.i586.rpm
21e65240b1c3afc878861e86e993df88 10.2/RPMS/libgd2-static-devel-2.0.33-3.1.102mdk.i586.rpm
ad156d018149831cf4c0fec70bb9ba67 10.2/SRPMS/gd-2.0.33-3.1.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
37d535359d49339434c107a48b11a8ea x86_64/10.2/RPMS/gd-utils-2.0.33-3.1.102mdk.x86_64.rpm
ff1287dd3c92ba8933162e5caf54d123 x86_64/10.2/RPMS/lib64gd2-2.0.33-3.1.102mdk.x86_64.rpm
4f8eaad304f1ed2e0be07f969d8cae72 x86_64/10.2/RPMS/lib64gd2-devel-2.0.33-3.1.102mdk.x86_64.rpm
df8f7bc54de7ab615128871448c8fcd4 x86_64/10.2/RPMS/lib64gd2-static-devel-2.0.33-3.1.102mdk.x86_64.rpm
ad156d018149831cf4c0fec70bb9ba67 x86_64/10.2/SRPMS/gd-2.0.33-3.1.102mdk.src.rpm

Mandriva Linux 2006.0:
464c206bd702817804b25b0602c9682d 2006.0/RPMS/gd-utils-2.0.33-3.1.20060mdk.i586.rpm
a1f0caedbb819ae5aaf0259d657ab137 2006.0/RPMS/libgd2-2.0.33-3.1.20060mdk.i586.rpm
2157623bebe2e780d519ab33f6846b4a 2006.0/RPMS/libgd2-devel-2.0.33-3.1.20060mdk.i586.rpm
38190793bfa2aec8feaaeec235c83020 2006.0/RPMS/libgd2-static-devel-2.0.33-3.1.20060mdk.i586.rpm
b95de17443646c61d83adba4378a5d71 2006.0/SRPMS/gd-2.0.33-3.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
4036c957b65111965a17c0e792b53739 x86_64/2006.0/RPMS/gd-utils-2.0.33-3.1.20060mdk.x86_64.rpm
30b39956ee262b92a88e6148d8691735 x86_64/2006.0/RPMS/lib64gd2-2.0.33-3.1.20060mdk.x86_64.rpm
1d28e426cecac98c3248d3c61727e842 x86_64/2006.0/RPMS/lib64gd2-devel-2.0.33-3.1.20060mdk.x86_64.rpm
9ef94ef9bb6b02afb3b67617eb3e36c9 x86_64/2006.0/RPMS/lib64gd2-static-devel-2.0.33-3.1.20060mdk.x86_64.rpm
b95de17443646c61d83adba4378a5d71 x86_64/2006.0/SRPMS/gd-2.0.33-3.1.20060mdk.src.rpm

ChangeLog

2006-06-28 : Initial release

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy