Test Kennung:	1.3.6.1.4.1.25623.1.0.61138
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2008:116 (x11-server)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to x11-server announced via advisory MDVSA-2008:116. An input validation flaw was found in X.org's Security and Record extensions. A malicious authorized client could exploit the issue to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server (CVE-2008-1377). An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server (CVE-2008-1379). Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could explot these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server (CVE-2008-2360, CVE-2008-2361, CVE-2008-2362). In addition, this update corrects a problem that could cause memory corruption or segfaults in the render code of the vnc server on Mandriva Linux 2008.1 The updated packages have been patched to prevent these issues. Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:116 http://qa.mandriva.com/show_bug.cgi?id=37514 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1377 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html Bugtraq: 20080620 rPSA-2008-0200-1 xorg-server (Google Search) http://www.securityfocus.com/archive/1/493548/100/0/threaded Bugtraq: 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) http://www.securityfocus.com/archive/1/493550/100/0/threaded Debian Security Information: DSA-1595 (Google Search) http://www.debian.org/security/2008/dsa-1595 http://security.gentoo.org/glsa/glsa-200806-07.xml http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml HPdes Security Advisory: HPSBUX02381 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 HPdes Security Advisory: SSRT080083 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721 http://www.mandriva.com/security/advisories?name=MDVSA-2008:115 http://www.mandriva.com/security/advisories?name=MDVSA-2008:116 http://lists.freedesktop.org/archives/xorg/2008-June/036026.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10109 RedHat Security Advisories: RHSA-2008:0502 http://rhn.redhat.com/errata/RHSA-2008-0502.html http://www.redhat.com/support/errata/RHSA-2008-0503.html RedHat Security Advisories: RHSA-2008:0504 http://rhn.redhat.com/errata/RHSA-2008-0504.html RedHat Security Advisories: RHSA-2008:0512 http://rhn.redhat.com/errata/RHSA-2008-0512.html http://securitytracker.com/id?1020247 http://secunia.com/advisories/30627 http://secunia.com/advisories/30628 http://secunia.com/advisories/30629 http://secunia.com/advisories/30630 http://secunia.com/advisories/30637 http://secunia.com/advisories/30659 http://secunia.com/advisories/30664 http://secunia.com/advisories/30666 http://secunia.com/advisories/30671 http://secunia.com/advisories/30715 http://secunia.com/advisories/30772 http://secunia.com/advisories/30809 http://secunia.com/advisories/30843 http://secunia.com/advisories/31025 http://secunia.com/advisories/31109 http://secunia.com/advisories/32099 http://secunia.com/advisories/32545 http://secunia.com/advisories/33937 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1 SuSE Security Announcement: SUSE-SA:2008:027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html SuSE Security Announcement: SUSE-SR:2008:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html http://www.ubuntu.com/usn/usn-616-1 http://www.vupen.com/english/advisories/2008/1803 http://www.vupen.com/english/advisories/2008/1833 http://www.vupen.com/english/advisories/2008/1983/references http://www.vupen.com/english/advisories/2008/3000 Common Vulnerability Exposure (CVE) ID: CVE-2008-1379 BugTraq ID: 29669 http://www.securityfocus.com/bid/29669 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722 http://www.mandriva.com/security/advisories?name=MDVSA-2008:179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966 http://securitytracker.com/id?1020246 XForce ISS Database: xorg-fbshmputimage-information-disclosure(43016) https://exchange.xforce.ibmcloud.com/vulnerabilities/43016 Common Vulnerability Exposure (CVE) ID: CVE-2008-2360 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=718 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9329 http://securitytracker.com/id?1020243 Common Vulnerability Exposure (CVE) ID: CVE-2008-2361 BugTraq ID: 29665 http://www.securityfocus.com/bid/29665 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=719 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8978 http://securitytracker.com/id?1020244 Common Vulnerability Exposure (CVE) ID: CVE-2008-2362 BugTraq ID: 29670 http://www.securityfocus.com/bid/29670 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246 http://securitytracker.com/id?1020245
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.