Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:031
HistoryFeb 03, 2004 - 12:00 a.m.

(RHSA-2004:031) netpbm security update

2004-02-0300:00:00
access.redhat.com
6

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

The netpbm package contains a library of functions that support
programs for handling various graphics file formats, including .pbm
(portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps),
.ppm (portable pixmaps), and others.

A number of temporary file bugs have been found in versions of NetPBM.
These could make it possible for a local user to overwrite or create files
as a different user who happens to run one of the the vulnerable utilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0924 to this issue.

Users are advised to upgrade to the erratum packages, which contain patches
from Debian that correct these bugs.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64netpbm-progs< 9.24-9.AS21.3netpbm-progs-9.24-9.AS21.3.ia64.rpm
RedHatanyi386netpbm-devel< 9.24-9.AS21.3netpbm-devel-9.24-9.AS21.3.i386.rpm
RedHatanyi386netpbm-progs< 9.24-11.30.1netpbm-progs-9.24-11.30.1.i386.rpm
RedHatanyia64netpbm< 9.24-9.AS21.3netpbm-9.24-9.AS21.3.ia64.rpm
RedHatanyx86_64netpbm-progs< 9.24-11.30.1netpbm-progs-9.24-11.30.1.x86_64.rpm
RedHatanyia64netpbm-devel< 9.24-9.AS21.3netpbm-devel-9.24-9.AS21.3.ia64.rpm
RedHatanyppcnetpbm-devel< 9.24-11.30.1netpbm-devel-9.24-11.30.1.ppc.rpm
RedHatanyi386netpbm< 9.24-9.AS21.3netpbm-9.24-9.AS21.3.i386.rpm
RedHatanyx86_64netpbm-devel< 9.24-11.30.1netpbm-devel-9.24-11.30.1.x86_64.rpm
RedHatanys390xnetpbm-progs< 9.24-11.30.1netpbm-progs-9.24-11.30.1.s390x.rpm
Rows per page:
1-10 of 241

Related

debian 1
openvas 4
securityvulns 1
osv 1
cve 1
nessus 4
cert 1
debiancve 1
gentoo 1
altlinux 1
debian
debian
[SECURITY] [DSA 426-1] New netpbm-free packages fix insecure temporary file creation
2004-01-18 21:12:27
openvas
openvas
Gentoo Security Advisory GLSA 200410-02 (Netpbm)
2008-09-24 00:00:00
Debian Security Advisory DSA 426-1 (netpbm-free)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-426)
2008-01-17 00:00:00
securityvulns
securityvulns
[Full-Disclosure] [SECURITY] [DSA 426-1] New netpbm-free packages fix insecure temporary file creation
2004-01-19 00:00:00
osv
osv
netpbm-free - insecure temporary files
2004-01-18 00:00:00
cve
cve
CVE-2003-0924
2004-02-17 05:00:00
nessus
nessus
GLSA-200410-02 : Netpbm: Multiple temporary file issues
2004-10-04 00:00:00
Mandrake Linux Security Advisory : netpbm (MDKSA-2004:011-1)
2004-07-31 00:00:00
Debian DSA-426-1 : netpbm-free - insecure temporary files
2004-09-29 00:00:00
cert
cert
Multiple tools within the Netpbm package create temporary files in an insecure manner
2004-01-19 00:00:00
debiancve
debiancve
CVE-2003-0924
2004-02-17 05:00:00
gentoo
gentoo
Netpbm: Multiple temporary file issues
2004-10-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package netpbm version 9.24-alt4
2004-02-12 00:00:00

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON
Related for RHSA-2004:031
debian1openvas4securityvulns1osv1cve1nessus4cert1debiancve1gentoo1altlinux1