
Vulnerability Bulletins


Stack corruption in NetPBM

Vulnerability classification

Property Value
Confidence level Official
Impact Gain access
Difficulty Expert
Required attacker level Remote access without an account to an exotic service

System information

Property Value
Affected manufacturer GNU/Linux
Affected software netpbm < 10.25

Description

A vulnerability has been discovered in netpbm before 10.25. It lies in pnmtopng, which, when converting PNM images to PNG with the -trans option, does not initialize the variables 'size' and 'index'; this can corrupt the stack.

A remote attacker could execute arbitrary code by means of a specially crafted PNM file.
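As an added illustration (constructed code, not netpbm's own source), the bug class the bulletin describes: a size and an index that are only assigned on one code path and are then used as a buffer length and offset, beside a hardened form that initializes both, bounds the palette size and writes nothing when the -trans colour is not in the palette. rgb_t, MAX_PALETTE, trans_alpha_unsafe and trans_alpha_safe are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PALETTE 256          /* PNG palettes hold at most 256 entries */

typedef struct { unsigned char r, g, b; } rgb_t;   /* hypothetical palette entry */

/* Vulnerable pattern (constructed, not netpbm's code): 'size' and 'index'
 * are assigned only when the -trans colour is found in the palette. When it
 * is not, the writes below use whatever happened to be on the stack. */
int trans_alpha_unsafe(const rgb_t *pal, int npal, rgb_t trans, unsigned char *alpha)
{
    int size, index;
    for (int i = 0; i < npal; i++) {
        if (memcmp(&pal[i], &trans, sizeof trans) == 0) { index = i; size = npal; }
    }
    memset(alpha, 255, (size_t)size);   /* length taken from an uninitialized int */
    alpha[index] = 0;                   /* offset taken from an uninitialized int */
    return index;
}

/* Hardened form: every variable initialized, palette size bounded, and no
 * write at all unless the transparent colour was actually found. */
int trans_alpha_safe(const rgb_t *pal, int npal, rgb_t trans, unsigned char *alpha)
{
    int size = npal;
    int index = -1;
    if (size < 0 || size > MAX_PALETTE) return -1;   /* reject impossible palette sizes */
    for (int i = 0; i < size; i++) {
        if (memcmp(&pal[i], &trans, sizeof trans) == 0) { index = i; break; }
    }
    if (index < 0) return -1;           /* -trans colour absent: alpha left untouched */
    memset(alpha, 255, (size_t)size);   /* bounded by MAX_PALETTE */
    alpha[index] = 0;
    return index;
}

int main(void)
{
    rgb_t pal[3] = {{0, 0, 0}, {255, 0, 0}, {0, 0, 255}};   /* constructed palette */
    unsigned char alpha[MAX_PALETTE];
    rgb_t red = {255, 0, 0}, green = {0, 255, 0};
    printf("red   -> %d\n", trans_alpha_safe(pal, 3, red, alpha));    /* 1 */
    printf("green -> %d\n", trans_alpha_safe(pal, 3, green, alpha));  /* -1 */
    return 0;
}
```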

Solution

Software update

Red Hat
Red Hat Desktop (v. 4) / SRPMS
netpbm-10.25-2.EL4.2.src.rpm

Red Hat Desktop (v. 4) / IA-32
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-devel-10.25-2.EL4.2.i386.rpm
netpbm-progs-10.25-2.EL4.2.i386.rpm

Red Hat Desktop (v. 4) / x86_64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.x86_64.rpm
netpbm-devel-10.25-2.EL4.2.x86_64.rpm
netpbm-progs-10.25-2.EL4.2.x86_64.rpm

Red Hat Enterprise Linux AS (v. 4) / SRPMS
netpbm-10.25-2.EL4.2.src.rpm

Red Hat Enterprise Linux AS (v. 4) / IA-32
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-devel-10.25-2.EL4.2.i386.rpm
netpbm-progs-10.25-2.EL4.2.i386.rpm

Red Hat Enterprise Linux AS (v. 4) / IA-64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.ia64.rpm
netpbm-devel-10.25-2.EL4.2.ia64.rpm
netpbm-progs-10.25-2.EL4.2.ia64.rpm

Red Hat Enterprise Linux AS (v. 4) / PPC
netpbm-10.25-2.EL4.2.ppc.rpm
netpbm-10.25-2.EL4.2.ppc64.rpm
netpbm-devel-10.25-2.EL4.2.ppc.rpm
netpbm-progs-10.25-2.EL4.2.ppc.rpm

Red Hat Enterprise Linux AS (v. 4) / s390
netpbm-10.25-2.EL4.2.s390.rpm
netpbm-devel-10.25-2.EL4.2.s390.rpm
netpbm-progs-10.25-2.EL4.2.s390.rpm

Red Hat Enterprise Linux AS (v. 4) / s390x
netpbm-10.25-2.EL4.2.s390.rpm
netpbm-10.25-2.EL4.2.s390x.rpm
netpbm-devel-10.25-2.EL4.2.s390x.rpm
netpbm-progs-10.25-2.EL4.2.s390x.rpm

Red Hat Enterprise Linux AS (v. 4) / x86_64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.x86_64.rpm
netpbm-devel-10.25-2.EL4.2.x86_64.rpm
netpbm-progs-10.25-2.EL4.2.x86_64.rpm

Red Hat Enterprise Linux ES (v. 4) / SRPMS
netpbm-10.25-2.EL4.2.src.rpm

Red Hat Enterprise Linux ES (v. 4) / IA-32
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-devel-10.25-2.EL4.2.i386.rpm
netpbm-progs-10.25-2.EL4.2.i386.rpm

Red Hat Enterprise Linux ES (v. 4) / IA-64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.ia64.rpm
netpbm-devel-10.25-2.EL4.2.ia64.rpm
netpbm-progs-10.25-2.EL4.2.ia64.rpm

Red Hat Enterprise Linux ES (v. 4) / x86_64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.x86_64.rpm
netpbm-devel-10.25-2.EL4.2.x86_64.rpm
netpbm-progs-10.25-2.EL4.2.x86_64.rpm

Red Hat Enterprise Linux WS (v. 4) / SRPMS
netpbm-10.25-2.EL4.2.src.rpm

Red Hat Enterprise Linux WS (v. 4) / IA-32
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-devel-10.25-2.EL4.2.i386.rpm
netpbm-progs-10.25-2.EL4.2.i386.rpm

Red Hat Enterprise Linux WS (v. 4) / IA-64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.ia64.rpm
netpbm-devel-10.25-2.EL4.2.ia64.rpm
netpbm-progs-10.25-2.EL4.2.ia64.rpm

Red Hat Enterprise Linux WS (v. 4) / x86_64
netpbm-10.25-2.EL4.2.i386.rpm
netpbm-10.25-2.EL4.2.x86_64.rpm
netpbm-devel-10.25-2.EL4.2.x86_64.rpm
netpbm-progs-10.25-2.EL4.2.x86_64.rpm

Suse Linux
Updates can be downloaded through YaST or from the official SUSE Linux FTP server.

Debian

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-8sarge1.dsc
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-8sarge1.diff.gz
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_alpha.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_alpha.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_alpha.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_alpha.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_alpha.deb
AMD64
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_amd64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_amd64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_amd64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_amd64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_amd64.deb
ARM
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_arm.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_arm.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_arm.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_arm.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_i386.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_ia64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_ia64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_ia64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_ia64.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_hppa.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_hppa.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_hppa.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_hppa.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_m68k.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_m68k.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_m68k.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_m68k.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_mips.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_mips.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_mips.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_mips.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_s390.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_s390.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_s390.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_s390.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-8sarge1_sparc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-8sarge1_sparc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-8sarge1_sparc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-8sarge1_sparc.deb
http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-8sarge1_sparc.deb

Mandriva

Mandriva Linux 10.2
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libnetpbm10-10.26-2.2.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libnetpbm10-devel-10.26-2.2.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libnetpbm10-static-devel-10.26-2.2.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/netpbm-10.26-2.2.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/netpbm-10.26-2.2.102mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64netpbm10-10.26-2.2.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64netpbm10-devel-10.26-2.2.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64netpbm10-static-devel-10.26-2.2.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/netpbm-10.26-2.2.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/netpbm-10.26-2.2.102mdk.src.rpm

Mandriva Linux 2006.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libnetpbm10-10.29-1.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libnetpbm10-devel-10.29-1.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libnetpbm10-static-devel-10.29-1.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/netpbm-10.29-1.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/netpbm-10.29-1.2.20060mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64netpbm10-10.29-1.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64netpbm10-devel-10.29-1.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64netpbm10-static-devel-10.29-1.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/netpbm-10.29-1.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/netpbm-10.29-1.2.20060mdk.src.rpm

Standard resources

Property Value
CVE CAN-2005-2978
BID

Other resources

Red Hat Security Advisory (RHSA-2005:793-6)
https://rhn.redhat.com/errata/RHSA-2005-793.html

SUSE Security Advisory (SUSE-SR:2005:024)
http://www.novell.com/linux/security/advisories/2005_24_sr.html

Debian Security Advisory (DSA 878-1)
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00274.html

Mandriva Security Advisory (MDKSA-2005:199)
http://www.mandriva.com/security/advisories?name=MDKSA-2005:199

Version history

Version Comments Date
1.0 Advisory issued 2005-10-25
1.1 Advisory issued by Debian (DSA 878-1). Advisory issued by Mandriva (MDKSA-2005:199) 2005-10-28
Ministry of Defence
CNI
CCN
CCN-CERT