Gentoo Security Advisory GLSA 200502-24 (mc)

The remote host is missing updates announced in advisory GLSA 200502-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-200809-07 : libTIFF: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200809-07 libTIFF: User-assisted execution of arbitrary code Drew Yao Apple Product Security and Clay Wood reported multiple buffer underflows in the LZWDecode and LZWDecodeCompat functions in tiflzw.c when processing TIFF files...

openSUSE 10 Security Update : libtiff (libtiff-5540)

A buffer underflow CVE-2008-2327 has been fixed in libtiff. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libtiff-5540. The text description of this plugin is C SUSE LLC...

SuSE 10 Security Update : libtiff (ZYPP Patch Number 5538)

A buffer underflow CVE-2008-2327 has been fixed in libtiff. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid34074; scriptversion"1.20";...

Security fix for the ALT Linux 5 package libtiff version 3.8.2-alt2

Aug. 31, 2008 Dmitry V. Levin 3.8.2-alt2 - Applied patches from Drew Yao of Apple Product Security to fix potential buffer underflow in the LZW decoder CVE-2008-2327...

Security fix for the ALT Linux 10 package libtiff version 3.8.2-alt2

Aug. 31, 2008 Dmitry V. Levin 3.8.2-alt2 - Applied patches from Drew Yao of Apple Product Security to fix potential buffer underflow in the LZW decoder CVE-2008-2327...

Buffer overflow

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...

CVE-2008-2327

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...

CVE-2008-2327

CVE-2008-2327 affects LibTIFF 3.8.2 and earlier, with multiple buffer underflows in the LZW decoder (LZWDecode, LZWDecodeCompat, LZWDecodeVector) in tif_lzw.c that allow context-dependent attackers to execute arbitrary code via a crafted TIFF file due to improper handling of the CODE_CLEAR. Conne...

LibTIFF 'tif_lzw.c'远程整数下溢漏洞

BUGTRAQ ID:30832 CVE ID：CVE-2008-2327 CNCVE ID：CNCVE-20082327 LibTiff是一款负责对TIFF图象格式进行编码/解码的应用库。 LibTIFF 'tiflzw.c'存在整数下溢问题，远程攻击者可以利用漏洞以链接此库的应用程序权限执行任意指令。 libtiff/tiflzw.c代码中的"LZWDecode"和"LZWDecodeCompat"函数存在错误，通过构建特殊的TIFF文件，诱使用户访问，可触发缓冲区下溢，导致以链接此库的应用程序权限执行任意指令。 LibTIFF LibTIFF 3.8.2 + Debian Linu...

Debian DSA-1632-1 : tiff - buffer underflow

Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

[SECURITY] [DSA 1632-1] New tiff packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1632-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 26, 2008 http://www.debian.org/security/faq -...

DTSA-160-1 tiff - buffer underflow

Bulletin has no description...

Debian Security Advisory DSA 1149-1 (ncompress)

The remote host is missing an update to ncompress announced via advisory DSA 1149-1. Tavis Ormandy from the Google Security Team discovered a missing boundary check in ncompress, the original Lempel-Ziv compress and uncompress programs, which allows a specially crafted datastream to underflow a...

Debian: Security Advisory (DSA-1264-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1149-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 639-1 (mc)

The remote host is missing an update to mc announced via advisory DSA 639-1. OpenVAS Vulnerability Test $Id: deb6391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 639-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

openSUSE 10 Security Update : kernel (kernel-4752)

This kernel update fixes the following security problems : ++ CVE-2007-3104: The sysfsreaddir function in the Linux kernel 2.6 allows local users to cause a denial of service kernel OOPS by dereferencing a NULL pointer to an inode in a dentry. ++ CVE-2007-4997: A 2 byte buffer underflow in the...

SuSE 10 Security Update : ncompress (ZYPP Patch Number 1911)

Lack of bounds checking in the decompression routine could result in a heap buffer underflow. Attackers could potentially exploit this to execute arbitrary code by tricking users into decompressing a specially crafted archive. CVE-2006-1168 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Multiple buffer overflows have been discovered in various PHP modules. If a PHP application...