Category:  Application (Generic)  >  LibTIFF
Vendors:  libtiff.org
(Mandrake Issues Fix) LibTIFF Integer Overflow in 'tif_dirread' Lets Remote Users Deny Service
SecurityTracker Alert ID:  1011797
SecurityTracker URL:  http://securitytracker.com/id?1011797
CVE Reference:  CAN-2004-0804
Date:  Oct 20 2004
Impact:  Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 3.6.1
Description:  A vulnerability was reported in LibTIFF. A remote user can cause an application using LibTIFF to crash.

Debian reported that Matthias Clasen discovered a division by zero error through an integer overflow. The flaw resides in 'libtiff/tif_dirread.c'.

Impact:  A remote user can cause the target application to crash.
Solution:  Mandrake has issued a fix.

Vendor URL:  www.libtiff.org/
Cause:  Boundary error
Underlying OS:  Linux (Mandrake)
Underlying OS Comments:  10.0, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2
Reported By:  Mandrake Linux Security Team <security@linux-mandrake.com>
Message History:   This archive entry is a follow-up to the message listed below.
Oct 15 2004 LibTIFF Integer Overflow in 'tif_dirread' Lets Remote Users Deny Service



 Source Message Contents

Date:  20 Oct 2004 04:32:31 -0000
From:  Mandrake Linux Security Team <security@linux-mandrake.com>
Subject:  [Full-Disclosure] MDKSA-2004:109 - Updated libtiff packages fix multiple vulnerabilities

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           libtiff
 Advisory ID:            MDKSA-2004:109
 Date:                   October 19th, 2004

 Affected versions:	 10.0, 9.2, Corporate Server 2.1,
			 Multi Network Firewall 8.2
 ______________________________________________________________________

 Problem Description:

 Several vulnerabilities have been discovered in the libtiff package:
 
 Chris Evans discovered several problems in the RLE (run length              
 encoding) decoders that could lead to arbitrary code execution.
 (CAN-2004-0803) 
     
 Matthias Clasen discovered a division by zero through an integer            
 overflow. (CAN-2004-0804)
 
 Dmitry V. Levin discovered several integer overflows that caused
 malloc issues which can result in either a plain crash or memory
 corruption. (CAN-2004-0886)
 	
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBdepfmqjQ0CJFipgRAsAqAJ46l450VXTsbDQ6ZqmSDAnbdVP81gCg5YL8
8ltMT/xV+7GPLMQdgvTZ0r4=
=b2oa
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



Copyright 2004, SecurityGlobal.net LLC