|
|
>> Mandriva Security Update Fixes Libungif Buffer Overflow Vulnerabilities
|
Title : Mandriva Security Update Fixes Libungif Buffer Overflow Vulnerabilities
VUPEN ID : VUPEN/ADV-2005-2369
CVE ID : CVE-2005-2974 - CVE-2005-3350
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-11-09
|
Mandriva has released updated packages to correct two vulnerabilities identified in Libungif. These flaws could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. For additional information, see : VUPEN/ADV-2005-2295
Affected Products
Mandriva Linux 10.1
Mandriva Linux 10.2
Mandriva Linux 2006.0
Corporate Server 2.1
Corporate 3.0
Solution
Upgrade the affected packages :
Mandriva Linux 10.1:
7572b3ed1c8846b63e4cfe1b8894a32f 10.1/RPMS/libungif4-4.1.2-2.1.101mdk.i586.rpm
82bd5a5c751e078763c81220da64c423 10.1/RPMS/libungif4-devel-4.1.2-2.1.101mdk.i586.rpm
d6d48523f5e06df65ec15baa1bf2bddb 10.1/RPMS/libungif4-static-devel-4.1.2-2.1.101mdk.i586.rpm
c76166c5d8c0e9810a00eb0f43933fe2 10.1/RPMS/libungif-progs-4.1.2-2.1.101mdk.i586.rpm
37ddb151c6110d637ed6a98e198a1e53 10.1/SRPMS/libungif-4.1.2-2.1.101mdk.src.rpm
Mandriva Linux 10.1/X86_64:
a47d1d8f03418e916294fa5713143150 x86_64/10.1/RPMS/lib64ungif4-4.1.2-2.1.101mdk.x86_64.rpm
eb9d79c3243fe189c0093bff6ea2fd35 x86_64/10.1/RPMS/lib64ungif4-devel-4.1.2-2.1.101mdk.x86_64.rpm
0f9a3c70ea330841b2449cc21a604d8c x86_64/10.1/RPMS/lib64ungif4-static-devel-4.1.2-2.1.101mdk.x86_64.rpm
303c855118c6cd38dcd7419896e4c913 x86_64/10.1/RPMS/libungif-progs-4.1.2-2.1.101mdk.x86_64.rpm
37ddb151c6110d637ed6a98e198a1e53 x86_64/10.1/SRPMS/libungif-4.1.2-2.1.101mdk.src.rpm
Mandriva Linux 10.2:
ebf8f6eb09d3114f9a761cc7f52cd8bb 10.2/RPMS/libungif4-4.1.3-1.1.102mdk.i586.rpm
88ae8d5c2248985eba52680873759f11 10.2/RPMS/libungif4-devel-4.1.3-1.1.102mdk.i586.rpm
3eca46cddca2d15bee06f5109cf5e287 10.2/RPMS/libungif4-static-devel-4.1.3-1.1.102mdk.i586.rpm
8586b759a2a6fafba49f29e23e4dae13 10.2/RPMS/libungif-progs-4.1.3-1.1.102mdk.i586.rpm
ae1821c6f0cb57991206c287bef87211 10.2/SRPMS/libungif-4.1.3-1.1.102mdk.src.rpm
Mandriva Linux 10.2/X86_64:
4f64cf649de6ccf2e0343b3aae2157c5 x86_64/10.2/RPMS/lib64ungif4-4.1.3-1.1.102mdk.x86_64.rpm
69a3ea4a02abbdbba26977a1ed1f3392 x86_64/10.2/RPMS/lib64ungif4-devel-4.1.3-1.1.102mdk.x86_64.rpm
bd7441f6648425731a453c58b4b9cc63 x86_64/10.2/RPMS/lib64ungif4-static-devel-4.1.3-1.1.102mdk.x86_64.rpm
5a91547614f3716d7f8dd9bfdbc3fb6c x86_64/10.2/RPMS/libungif-progs-4.1.3-1.1.102mdk.x86_64.rpm
ae1821c6f0cb57991206c287bef87211 x86_64/10.2/SRPMS/libungif-4.1.3-1.1.102mdk.src.rpm
Mandriva Linux 2006.0:
24070dfd47ec6b55a64debfd348d9711 2006.0/RPMS/libungif4-4.1.3-1.1.20060mdk.i586.rpm
ce86d6f15aebb0f7c9a772f60414fa0f 2006.0/RPMS/libungif4-devel-4.1.3-1.1.20060mdk.i586.rpm
48fcbd7ac7f0463db1c031dca381c79b 2006.0/RPMS/libungif4-static-devel-4.1.3-1.1.20060mdk.i586.rpm
62edb8465eece3bf2d52a44d7cdaf870 2006.0/RPMS/libungif-progs-4.1.3-1.1.20060mdk.i586.rpm
377b356f789805ffd30b75620681df31 2006.0/SRPMS/libungif-4.1.3-1.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
8a1c2fdc518a898d1638f162dbcf0129 x86_64/2006.0/RPMS/lib64ungif4-4.1.3-1.1.20060mdk.x86_64.rpm
76150147149dbce7c1b6ea990f7bc737 x86_64/2006.0/RPMS/lib64ungif4-devel-4.1.3-1.1.20060mdk.x86_64.rpm
3fb2d95c03cb31ffd41d86786d3471a8 x86_64/2006.0/RPMS/lib64ungif4-static-devel-4.1.3-1.1.20060mdk.x86_64.rpm
775f7f489b5c289ffcdfe5bf005c4131 x86_64/2006.0/RPMS/libungif-progs-4.1.3-1.1.20060mdk.x86_64.rpm
377b356f789805ffd30b75620681df31 x86_64/2006.0/SRPMS/libungif-4.1.3-1.1.20060mdk.src.rpm
Corporate Server 2.1:
936ee3114e416984e4aba756608a2802 corporate/2.1/RPMS/libungif4-4.1.0-19.1.C21mdk.i586.rpm
f76d4814f118ca630bfdf44998d9d49d corporate/2.1/RPMS/libungif4-devel-4.1.0-19.1.C21mdk.i586.rpm
fc5532eea180d6c31c0a9e41f2f2b5c9 corporate/2.1/RPMS/libungif4-static-devel-4.1.0-19.1.C21mdk.i586.rpm
b00eb0db117e0873d9e3727d8623019d corporate/2.1/SRPMS/libungif-4.1.0-19.1.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
b949a414676df894beff1f0bbd1cf8dd x86_64/corporate/2.1/RPMS/libungif4-4.1.0-19.1.C21mdk.x86_64.rpm
d688a956b50e58a390da4638c8d8552b x86_64/corporate/2.1/RPMS/libungif4-devel-4.1.0-19.1.C21mdk.x86_64.rpm
d4b4ae8c4fbab006e11f732da4e94072 x86_64/corporate/2.1/RPMS/libungif4-static-devel-4.1.0-19.1.C21mdk.x86_64.rpm
b00eb0db117e0873d9e3727d8623019d x86_64/corporate/2.1/SRPMS/libungif-4.1.0-19.1.C21mdk.src.rpm
Corporate 3.0:
100e1f0098e403f373246b40ad30a26c corporate/3.0/RPMS/libungif4-4.1.0-23.1.C30mdk.i586.rpm
9395faa12299d659e1c21f0710e68d0d corporate/3.0/RPMS/libungif4-devel-4.1.0-23.1.C30mdk.i586.rpm
710f25082b1534ecaed8cd93e925b1ce corporate/3.0/RPMS/libungif4-static-devel-4.1.0-23.1.C30mdk.i586.rpm
f1457fe0f7af89d2c4b91b7234264106 corporate/3.0/SRPMS/libungif-4.1.0-23.1.C30mdk.src.rpm
Corporate 3.0/X86_64:
4c2dcc592be1b52254a942cfa0771cf9 x86_64/corporate/3.0/RPMS/lib64ungif4-4.1.0-23.1.C30mdk.x86_64.rpm
fb7420250a7444c44da3f142a2ffe206 x86_64/corporate/3.0/RPMS/lib64ungif4-devel-4.1.0-23.1.C30mdk.x86_64.rpm
b876da48e6fa314cd5f735619d5325ef x86_64/corporate/3.0/RPMS/lib64ungif4-static-devel-4.1.0-23.1.C30mdk.x86_64.rpm
f1457fe0f7af89d2c4b91b7234264106 x86_64/corporate/3.0/SRPMS/libungif-4.1.0-23.1.C30mdk.src.rpm
References
http://www.vupen.com/english/advisories/2005/2369
http://archives.mandrivalinux.com/security-announce/2005-11/msg00011.php
ChangeLog
2005-11-09 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
