Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-557-1: GD library vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-557-1: GD library vulnerability
# 1  
Old 12-24-2007
USN-557-1: GD library vulnerability
Referenced CVEs:
CVE-2007-3996


Description:
=========================================================== Ubuntu Security Notice USN-557-1 December 18, 2007libgd2 vulnerabilityCVE-2007-3996===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libgd2-noxpm 2.0.33-2ubuntu5.3 libgd2-xpm 2.0.33-2ubuntu5.3Ubuntu 6.10: libgd2-noxpm 2.0.33-4ubuntu2.2 libgd2-xpm 2.0.33-4ubuntu2.2Ubuntu 7.04: libgd2-noxpm 2.0.34~rc1-2ubuntu1.2 libgd2-xpm 2.0.34~rc1-2ubuntu1.2Ubuntu 7.10: libgd2-noxpm 2.0.34-1ubuntu1.1 libgd2-xpm 2.0.34-1ubuntu1.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Mattias Bengtsson and Philip Olausson discovered that the GDlibrary did not properly perform bounds checking when creatingimages. An attacker could send specially crafted input toapplications linked against libgd2 and cause a denial of serviceor possibly execute arbitrary code.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT OSX

openpam_get_option

OPENPAM_GET_OPTION(3)					   BSD Library Functions Manual 				     OPENPAM_GET_OPTION(3)

NAME

     openpam_get_option -- returns the value of a module option

LIBRARY

     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS

     #include <sys/types.h>
     #include <security/pam_appl.h>
     #include <security/openpam.h>

     const char *
     openpam_get_option(pam_handle_t *pamh, const char *option);

DESCRIPTION

     The openpam_get_option function returns the value of the specified option in the context of the currently executing service module, or NULL
     if the option is not set or no module is currently executing.

RETURN VALUES

     The openpam_get_option function returns NULL on failure.

SEE ALSO

     openpam_set_option(3), pam(3)

STANDARDS

     The openpam_get_option function is an OpenPAM extension.

AUTHORS

     The openpam_get_option function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laborato-
     ries, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the
     DARPA CHATS research program.

BSD
								 December 21, 2007							       BSD