Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2017.0330
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2017-0330)
Zusammenfassung:	The remote host is missing an update for the 'libxdmcp' package(s) announced via the MGASA-2017-0330 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libxdmcp' package(s) announced via the MGASA-2017-0330 advisory. Vulnerability Insight: XDM uses weak entropy to generate the session keys on non BSD systems. On multi user systems it might possible to check the PID of the process and how long it is running to get an estimate of these values, which could allow an attacker to attach to the session of a different user (CVE-2017-2625). Affected Software/OS: 'libxdmcp' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2625 1037919 http://www.securitytracker.com/id/1037919 96480 http://www.securityfocus.com/bid/96480 GLSA-201704-03 https://security.gentoo.org/glsa/201704-03 RHSA-2017:1865 https://access.redhat.com/errata/RHSA-2017:1865 [debian-lts-announce] 20191125 [SECURITY] [DLA 2006-1] libxdmcp security update https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2625 https://cgit.freedesktop.org/xorg/lib/libXdmcp/commit/?id=0554324ec6bbc2071f5d1f8ad211a1643e29eb1f https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.