Summary
The remote host is missing an update to netpbm-free announced via advisory DSA 1579-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201579-1
Insight
A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code.
For the stable distribution (etch), these problems have been fixed in version 2:10.0-11.1+etch1.
For the unstable distribution (sid), these problems were fixed in version 2:10.0-11.1.
We recommend that you upgrade your netpbm packages.
Severity
Classification
-
CVE CVE-2008-0554 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities