Miembros de
Boletines de Vulnerabilidades |
Denegación de servicio en Gimp |
|
Clasificación de la vulnerabilidad |
|
| Propiedad | Valor |
| Nivel de Confianza | Oficial |
| Impacto | Denegación de Servicio |
| Dificultad | Principiante |
| Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
| Propiedad | Valor |
| Fabricante afectado | GNU/Linux |
| Software afectado | Gimp |
Descripción |
|
|
Se han encontrado múltiples vulnerabilidades en Gimp. Las vulnerabilidades residen en errores no especificados en los plugins de bmp, pcx, psd y psp que utilizan la herramienta fuzzyfier. Un atacante podría causar una denegación de servicio o un consumo excesivo de memoria mediante la modificación de imágenes. |
|
Solución |
|
|
Actualización de software: Mandriva (MDKSA-2007:170) Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/gimp-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/gimp-doc-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/gimp-perl-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libgimp1.2-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libgimp1.2_1-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/libgimp1.2_1-devel-1.2.5-13.4.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/gimp-1.2.5-13.4.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/gimp-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/gimp-doc-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/gimp-perl-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64gimp1.2-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64gimp1.2_1-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/lib64gimp1.2_1-devel-1.2.5-13.4.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/gimp-1.2.5-13.4.C30mdk.src.rpm Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/gimp-2.3.10-6.4mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/gimp-python-2.3.10-6.4mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libgimp2.0-devel-2.3.10-6.4mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/libgimp2.0_0-2.3.10-6.4mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/gimp-2.3.10-6.4mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/gimp-2.3.10-6.4mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/gimp-python-2.3.10-6.4mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64gimp2.0-devel-2.3.10-6.4mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/lib64gimp2.0_0-2.3.10-6.4mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/gimp-2.3.10-6.4mdv2007.0.src.rpm Mandriva Linux 2007.1 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/gimp-2.3.14-3.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/gimp-python-2.3.14-3.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libgimp2.0-devel-2.3.14-3.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/i586/libgimp2.0_0-2.3.14-3.3mdv2007.1.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/gimp-2.3.14-3.3mdv2007.1.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/gimp-2.3.14-3.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/gimp-python-2.3.14-3.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64gimp2.0-devel-2.3.14-3.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/x86_64/lib64gimp2.0_0-2.3.14-3.3mdv2007.1.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.1/SRPMS/gimp-2.3.14-3.3mdv2007.1.src.rpm Red Hat (RHSA-2007:0513-8) RHEL Desktop Workstation (v. 5 client) Red Hat Desktop (v. 3) Red Hat Desktop (v. 4) Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2007-3741 |
| BID | |
Recursos adicionales |
|
|
Mandriva Security Advisory (MDKSA-2007:170) http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 Red Hat Security Advisory (RHSA-2007:0513-8) https://rhn.redhat.com/errata/RHSA-2007-0513.html |
|
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Aviso emitido | 2007-08-24 |
| 1.1 | Aviso emitido por Red Hat (RHSA-2007:0513-8) | 2007-09-26 |