Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunity - new!Blog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Debian update for libexif
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Debian update for libexif
Secunia Advisory: SA25717
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2007-06-18
Popularity: 4,278 views

Critical:
Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS:Debian GNU/Linux 3.1
Debian GNU/Linux 4.0
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2006-4168
Description:
Debian has issued an update for libexif. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

For more information:
SA25642

Solution:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updat...libexif/libexif_0.6.9-6sarge1.diff.gz
Size/MD5 checksum: 4786 7f1c3acc1bd7a5cbba3d5902243641f3
http://security.debian.org/pool/updat...ibe/libexif/libexif_0.6.9-6sarge1.dsc
Size/MD5 checksum: 591 42d25baee97586f3ea1498a8f48ccf4a
http://security.debian.org/pool/updat...ibe/libexif/libexif_0.6.9.orig.tar.gz
Size/MD5 checksum: 520956 0aa142335a8a00c32bb6c7dbfe95fc24

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...f/libexif-dev_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87472 b89fd309bcdbffe922868fdc94ae3995
http://security.debian.org/pool/updat...xif/libexif10_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87512 dfe1e955fa930314229d7bb60e3ff836

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...xif/libexif10_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 82032 4c5f701021eb2000bc3ef6f883567ce2
http://security.debian.org/pool/updat...f/libexif-dev_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 67686 16b056d71ca768c86008dcee30866f60

arm architecture (ARM)

http://security.debian.org/pool/updat...bexif/libexif10_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 77166 2aa58aba802cace8d19c69bde064353f
http://security.debian.org/pool/updat...xif/libexif-dev_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 63856 c4d53b9592202e1fdd33488fd60c6d34

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 72520 ee8e668619021e6b7835008ff995b7d9
http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 87552 98de1cc25069f89469b2d27163f5899b

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 81852 c160054570be46b37aea3eab9b4eaccb
http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 67106 d068596d9648d1ce07eab1cc960cc64c

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 84206 0246ab59dabd154efd976ff66bc92f41
http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 95380 154b1660da3aa9de555d2a01771069f6

m68k architecture (Motorola Mc680x0)

http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 79144 d4efcd6b0d598fbdb5f63a8737f49964
http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 57968 d746fafbc55a58c83920a6630b416365

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 68116 231d9384f29995322dca3d138aa0bd41
http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 77876 d245ced8cef61e9b29c01891fb28be83

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...if/libexif10_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 77066 a803eeb2551df736a9ad6bfbcd4aec5d
http://security.debian.org/pool/updat.../libexif-dev_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 67570 a4962d489742e261878d1e76072de447

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...if/libexif-dev_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 69688 921fe72654e3fb1d8f43dc40c67f2196
http://security.debian.org/pool/updat...exif/libexif10_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 82194 e452ad17bc755a7896789d72ba6a19ef

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...xif/libexif10_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 80210 5af15c3f4ba80c2349b22e31fdace319
http://security.debian.org/pool/updat...f/libexif-dev_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 66224 eff51355ec2cc7ad61a8cafd51b7827d

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updat...ibe/libexif/libexif_0.6.13-5etch1.dsc
Size/MD5 checksum: 611 1ef82262d96e0b157f7ee74bfad7cf1f
http://security.debian.org/pool/updat...be/libexif/libexif_0.6.13.orig.tar.gz
Size/MD5 checksum: 727418 e5ad93c170bfb4fed6dc3e1c7a7948cb
http://security.debian.org/pool/updat...libexif/libexif_0.6.13-5etch1.diff.gz
Size/MD5 checksum: 9163 476ae8f1ef4103144ca0f3ea59e88ca4

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...f/libexif-dev_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 1067984 e5c33b25fd459761ea2d19d9142b5cdf
http://security.debian.org/pool/updat...xif/libexif12_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 148336 88bc8cc66ad78ddf4b096015148dba82

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...xif/libexif12_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 142954 ceeccbe1112250949070f1c06b78536c
http://security.debian.org/pool/updat...f/libexif-dev_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 1044550 b55daeeb41735e7f3024d68186643805

arm architecture (ARM)

http://security.debian.org/pool/updat...xif/libexif-dev_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 997646 18411c1a63d5d4e537992140cbdf7721
http://security.debian.org/pool/updat...bexif/libexif12_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 135988 1195dbf898c9550590a2a76b327a4eb4

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...exif/libexif12_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 147200 dece4fe67839197f3f4cbac78aec2a43
http://security.debian.org/pool/updat...if/libexif-dev_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 1013194 6de2cec24dffdeffa1abf69175d48962

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...if/libexif-dev_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 998686 19d1987a4222f5da26521ba96dbf20cf
http://security.debian.org/pool/updat...exif/libexif12_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 139954 73713093a5b8e423284e7bc5bd55a120

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...exif/libexif12_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 159424 f1a821774f55ffc4e1aa1238d05835e3
http://security.debian.org/pool/updat...if/libexif-dev_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 1028554 c599bc392ff53a2f1b8da9d0270dd6b1

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...exif/libexif12_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 136666 42403f5fe88c1608fbd99e24b0fba51a
http://security.debian.org/pool/updat...if/libexif-dev_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 1008580 24c2d6980675f456a8771b665ea43b75

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...if/libexif12_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 136120 fea308e90afe74d83dbc00d800d08a3d
http://security.debian.org/pool/updat.../libexif-dev_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 1008154 6c88505ee31716eb604d1d1ccdbf33f0

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...libexif-dev_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 1005486 997bbd5a30ba6012c8394df7bd95d095
http://security.debian.org/pool/updat...f/libexif12_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 138166 41e221f883a8eac1f080068e71633f1e

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...if/libexif-dev_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 1007740 9aa83ad28b7b41d0c4121f0084a0650e
http://security.debian.org/pool/updat...exif/libexif12_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 143518 4f99aa499f2d4d620a4f21709d2035f7

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...f/libexif-dev_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 1002722 c869b8a61874428e206f01b5e67fbb1b
http://security.debian.org/pool/updat...xif/libexif12_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 138310 13569b4111b772a4a2be29727dd21d2d

Original Advisory:
http://lists.debian.org/debian-securi...-security-announce-2007/msg00070.html
http://lists.debian.org/debian-securi...-security-announce-2007/msg00071.html

Other References:
SA25642:
http://secunia.com/advisories/25642/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 33
New vulnerabilities: 55
Updated advisories: 56

Moderately // 172 views
RakhiSoftware Shopping Cart Multiple Vulnerabilities
Moderately // 181 views
Lito Lite CMS "cid" SQL Injection Vulnerability
Moderately // 184 views
Basic PHP CMS "id" SQL Injection Vulnerability
Less // 352 views
Microsoft Office Communications Server SIP INVITE Denial of Service
Moderately // 193 views
Bluo CMS "id" SQL Injection Vulnerability
Moderately // 207 views
Active eWebquiz "useremail" and "password" SQL Injection Vulnerabilities
Highly // 200 views
Minimal Ablog Multiple Vulnerabilities
Moderately // 203 views
Active Newsletter "email" and "password" SQL Injection Vulnerabilities
Moderately // 198 views
Ocean12 FAQ Manager Pro "ID" SQL Injection Vulnerability
Moderately // 218 views
Active Photo Gallery "username" and "password" SQL Injection

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 123 views
2. Microsoft Office Communications Server SIP INVITE Denial of Service // 80 views
3. VLC Media Player Real Demuxer Integer Overflow Vulnerability // 68 views
4. Adobe Flash Player Multiple Security Issues and Vulnerabilities // 64 views
5. Lito Lite CMS "cid" SQL Injection Vulnerability // 35 views
6. Bluo CMS "id" SQL Injection Vulnerability // 32 views
7. Mozilla Firefox 3 Multiple Vulnerabilities // 31 views
8. RakhiSoftware Shopping Cart Multiple Vulnerabilities // 27 views
9. Adobe Acrobat/Reader Multiple Vulnerabilities // 27 views
10. BlackBerry Desktop Software FlexNET Connect ActiveX Control Vulnerability // 27 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008