Test ID:	1.3.6.1.4.1.25623.1.0.68171
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2010-240-06)
Summary:	The remote host is missing an update for the 'xorg-server' package(s) announced via the SSA:2010-240-06 advisory.
Description:	Summary: The remote host is missing an update for the 'xorg-server' package(s) announced via the SSA:2010-240-06 advisory. Vulnerability Insight: New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'xorg-server' package(s) on Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2240 1024344 http://securitytracker.com/id?1024344 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://www.securityfocus.com/archive/1/517739/100/0/threaded DSA-2094 http://www.debian.org/security/2010/dsa-2094 MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0660 http://www.redhat.com/support/errata/RHSA-2010-0660.html RHSA-2010:0661 https://rhn.redhat.com/errata/RHSA-2010-0661.html RHSA-2010:0670 http://www.redhat.com/support/errata/RHSA-2010-0670.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 http://www.vmware.com/security/advisories/VMSA-2011-0007.html http://www.vmware.com/security/advisories/VMSA-2011-0009.html https://bugzilla.redhat.com/show_bug.cgi?id=606611 oval:org.mitre.oval:def:13247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.