Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2007-005 (xorg-x11)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.57773
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2007-005 (xorg-x11)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to xorg-x11 announced via advisory MDKSA-2007-005. Sean Larsson of iDefense Labs discovered several vulnerabilities in X.Org/XFree86: Local exploitation of a memory corruption vulnerability in the 'ProcRenderAddGlyphs()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6101) Local exploitation of a memory corruption vulnerability in the 'ProcDbeGetVisualInfo()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6102) Local exploitation of a memory corruption vulnerability in the 'ProcDbeSwapBuffers()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6103) Updated packages are patched to address these issues. Affected: 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007-005 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6101 1017495 http://securitytracker.com/id?1017495 102803 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1 20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463 21968 http://www.securityfocus.com/bid/21968 23633 http://secunia.com/advisories/23633 23670 http://secunia.com/advisories/23670 23684 http://secunia.com/advisories/23684 23689 http://secunia.com/advisories/23689 23698 http://secunia.com/advisories/23698 23705 http://secunia.com/advisories/23705 23758 http://secunia.com/advisories/23758 23789 http://secunia.com/advisories/23789 23966 http://secunia.com/advisories/23966 24168 http://secunia.com/advisories/24168 24210 http://secunia.com/advisories/24210 24247 http://secunia.com/advisories/24247 24401 http://secunia.com/advisories/24401 25802 http://secunia.com/advisories/25802 32084 http://osvdb.org/32084 ADV-2007-0108 http://www.vupen.com/english/advisories/2007/0108 ADV-2007-0109 http://www.vupen.com/english/advisories/2007/0109 ADV-2007-0589 http://www.vupen.com/english/advisories/2007/0589 ADV-2007-0669 http://www.vupen.com/english/advisories/2007/0669 ADV-2007-2233 http://www.vupen.com/english/advisories/2007/2233 DSA-1249 https://www.debian.org/security/2007/dsa-1249 GLSA-200701-25 http://security.gentoo.org/glsa/glsa-200701-25.xml HPSBUX02225 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01075678 MDKSA-2007:005 http://www.mandriva.com/security/advisories?name=MDKSA-2007:005 NetBSD-SA2007-002 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc RHSA-2007:0002 http://www.redhat.com/support/errata/RHSA-2007-0002.html RHSA-2007:0003 http://www.redhat.com/support/errata/RHSA-2007-0003.html SSA:2007-066-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555 SSRT071295 SUSE-SA:2007:008 http://www.novell.com/linux/security/advisories/2007_08_x.html USN-403-1 http://www.ubuntu.com/usn/usn-403-1 [x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm https://issues.rpath.com/browse/RPL-920 oval:org.mitre.oval:def:10490 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490 xorg-xserver-render-overflow(31337) https://exchange.xforce.ibmcloud.com/vulnerabilities/31337 Common Vulnerability Exposure (CVE) ID: CVE-2006-6102 20070109 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464 32085 http://osvdb.org/32085 oval:org.mitre.oval:def:9991 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9991 xorg-xserver-dbe-overflow(31376) https://exchange.xforce.ibmcloud.com/vulnerabilities/31376 Common Vulnerability Exposure (CVE) ID: CVE-2006-6103 20070109 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465 32086 http://osvdb.org/32086 oval:org.mitre.oval:def:11011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11011 xorg-xserver-dbe-swap-overflow(31379) https://exchange.xforce.ibmcloud.com/vulnerabilities/31379
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com