Test Kennung:	1.3.6.1.4.1.25623.1.0.56691
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2006-123-01)
Zusammenfassung:	The remote host is missing an update for the 'xorg' package(s) announced via the SSA:2006-123-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xorg' package(s) announced via the SSA:2006-123-01 advisory. Vulnerability Insight: New xorg and xorg-devel packages are available for Slackware 10.1, 10.2, and -current to fix a security issue. A typo in the X render extension in X.Org 6.8.0 or later allows an X client to crash the server and possibly to execute arbitrary code as the X server user (typically this is 'root'.) More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] The advisory from X.Org may be found here: [link moved to references] Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/x11-6.8.2-i486-5.tgz: Patched with x11r6.9.0-mitri.diff and recompiled. A typo in the X render extension allows an X client to crash the server and possibly to execute arbitrary code as the X server user (typically this is 'root'.) The CVE entry for this issue may be found here: [link moved to references] The advisory from X.Org may be found here: [link moved to references] (* Security fix *) patches/packages/x11-devel-6.8.2-i486-5.tgz: Patched and recompiled libXrender. (* Security fix *) +--------------------------+ Affected Software/OS: 'xorg' package(s) on Slackware 10.1, Slackware 10.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1526 1016018 http://securitytracker.com/id?1016018 102339 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102339-1 17795 http://www.securityfocus.com/bid/17795 19900 http://secunia.com/advisories/19900 19915 http://secunia.com/advisories/19915 19916 http://secunia.com/advisories/19916 19921 http://secunia.com/advisories/19921 19943 http://secunia.com/advisories/19943 19951 http://secunia.com/advisories/19951 19956 http://secunia.com/advisories/19956 19983 http://secunia.com/advisories/19983 2006-0024 http://www.trustix.org/errata/2006/0024 ADV-2006-1617 http://www.vupen.com/english/advisories/2006/1617 FLSA:190777 http://www.securityfocus.com/archive/1/436327/100/0/threaded GLSA-200605-02 http://www.gentoo.org/security/en/glsa/glsa-200605-02.xml MDKSA-2006:081 http://www.mandriva.com/security/advisories?name=MDKSA-2006:081 RHSA-2006:0451 http://www.redhat.com/support/errata/RHSA-2006-0451.html SUSE-SA:2006:023 http://www.novell.com/linux/security/advisories/2006_05_03.html USN-280-1 https://usn.ubuntu.com/280-1/ VU#633257 http://www.kb.cert.org/vuls/id/633257 [3.8] 007: SECURITY FIX: May 2, 2006 http://www.openbsd.org/errata38.html#xorg [xorg] 20060502 [CVE-2006-1525] X.Org security advisory: Buffer overflow in the Xrender extension http://lists.freedesktop.org/archives/xorg/2006-May/015136.html https://bugs.freedesktop.org/show_bug.cgi?id=6642 oval:org.mitre.oval:def:9929 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9929 xorg-xrender-bo(26200) https://exchange.xforce.ibmcloud.com/vulnerabilities/26200
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.