Mandrake Linux Security Advisory : tetex (MDKSA-2007:124)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A flaw in libgd2 was found by Xavier Roche where it would not
correctly validate PNG callback results. If an application linked
against libgd2 was tricked into processing a specially crafted PNG
file, it could cause a denial of service scenario via CPU resource
consumption.

Tetex uses an embedded copy of the gd source and may also be affected
by this issue.

The updated packages have been patched to prevent this issue.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 25518 (mandrake_MDKSA-2007-124.nasl)

Bugtraq ID: 24089

CVE ID: CVE-2007-2756

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now