Debian Security Advisory DSA 1579-1 (netpbm-free) Network Vulnerability

Summary

The remote host is missing an update to netpbm-free announced via advisory DSA 1579-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201579-1

Insight

A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 2:10.0-11.1+etch1. For the unstable distribution (sid), these problems were fixed in version 2:10.0-11.1. We recommend that you upgrade your netpbm packages.

Severity

Classification

CVE CVE-2008-0554
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1107-1 (gnupg)
Debian Security Advisory DSA 1119-1 (hiki)
Debian Security Advisory DSA 103-1 (glibc)
Debian Security Advisory DSA 036-1 (mc)
Debian Security Advisory DSA 1071-1 (mysql)

Take action and discover your vulnerabilities