 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0269 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0269) |
| Zusammenfassung: | The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0269 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0269 advisory. Vulnerability Insight: Eric Sesterhenn discovered that the X.Org X server incorrectly compared MIT cookies. An attacker could possibly use this issue to perform a timing attack and recover the MIT cookie (CVE-2017-2624). It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly execute arbitrary code as an administrator (CVE-2017-10971). It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information (CVE-2017-10972). Use-after-free issue in an unused function in XDM (boo#1025035). Affected Software/OS: 'x11-server' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-10971 BugTraq ID: 99546 http://www.securityfocus.com/bid/99546 Debian Security Information: DSA-3905 (Google Search) http://www.debian.org/security/2017/dsa-3905 https://bugzilla.suse.com/show_bug.cgi?id=1035283 https://cgit.freedesktop.org/xorg/xserver/commit/?id=215f894965df5fb0bb45b107d84524e700d2073c https://cgit.freedesktop.org/xorg/xserver/commit/?id=8caed4df36b1f802b4992edcfd282cbeeec35d9d https://cgit.freedesktop.org/xorg/xserver/commit/?id=ba336b24052122b136486961c82deac76bbde455 Common Vulnerability Exposure (CVE) ID: CVE-2017-10972 BugTraq ID: 99543 http://www.securityfocus.com/bid/99543 https://cgit.freedesktop.org/xorg/xserver/commit/?id=05442de962d3dc624f79fc1a00eca3ffc5489ced Common Vulnerability Exposure (CVE) ID: CVE-2017-2624 1037919 http://www.securitytracker.com/id/1037919 96480 http://www.securityfocus.com/bid/96480 GLSA-201704-03 https://security.gentoo.org/glsa/201704-03 GLSA-201710-30 https://security.gentoo.org/glsa/201710-30 [debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624 https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |