Slackware 10.0 / 10.1 / 10.2 / 9.0 / 9.1 / current : libtiff (SSA:2006-230-01)

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New libtiff packages are available for Slackware 9.0, 9.1, 10.0,
10.1, 10.2, and -current to fix security issues. These issues could be
used to crash programs linked to libtiff or possibly to execute code
as the program's user. Thanks to Tavis Ormandy and the Google Security
Team.

See also :

http://www.nessus.org/u?27722a90

Solution :

Update the affected libtiff package.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Slackware Local Security Checks

Nessus Plugin ID: 22236 ()

Bugtraq ID: 19287

CVE ID: CVE-2006-3459
CVE-2006-3460
CVE-2006-3461
CVE-2006-3462
CVE-2006-3463
CVE-2006-3464
CVE-2006-3465