Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200402-02 (200402-02)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54520

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200402-02 (200402-02)

Resumen: The remote host is missing updates announced in;advisory GLSA 200402-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200402-02.

Vulnerability Insight:
Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86 X
Window System allows local attackers to gain root privileges.

Solution:
All users are recommended to upgrade their XFree86 installation:

# emerge sync
# emerge -pv x11-base/xfree
# emerge x11-base/xfree

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0083
BugTraq ID: 9636
http://www.securityfocus.com/bid/9636
Bugtraq: 20040210 iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow (Google Search)
http://marc.info/?l=bugtraq&m=107644835523678&w=2
Bugtraq: 20040211 XFree86 vulnerability exploit (Google Search)
http://marc.info/?l=bugtraq&m=107653324115914&w=2
CERT/CC vulnerability note: VU#820006
http://www.kb.cert.org/vuls/id/820006
Conectiva Linux advisory: CLA-2004:821
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821
Debian Security Information: DSA-443 (Google Search)
http://www.debian.org/security/2004/dsa-443
http://marc.info/?l=bugtraq&m=110979666528890&w=2
http://security.gentoo.org/glsa/glsa-200402-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:012
http://www.idefense.com/application/poi/display?id=72
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A806
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9612
http://www.redhat.com/support/errata/RHSA-2004-059.html
http://www.redhat.com/support/errata/RHSA-2004-060.html
http://www.redhat.com/support/errata/RHSA-2004-061.html
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1
SuSE Security Announcement: SuSE-SA:2004:006 (Google Search)
http://www.novell.com/linux/security/advisories/2004_06_xf86.html
XForce ISS Database: xfree86-fontalias-bo(15130)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15130

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54520
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200402-02 (200402-02)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200402-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200402-02. Vulnerability Insight: Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86 X Window System allows local attackers to gain root privileges. Solution: All users are recommended to upgrade their XFree86 installation: # emerge sync # emerge -pv x11-base/xfree # emerge x11-base/xfree CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0083 BugTraq ID: 9636 http://www.securityfocus.com/bid/9636 Bugtraq: 20040210 iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow (Google Search) http://marc.info/?l=bugtraq&m=107644835523678&w=2 Bugtraq: 20040211 XFree86 vulnerability exploit (Google Search) http://marc.info/?l=bugtraq&m=107653324115914&w=2 CERT/CC vulnerability note: VU#820006 http://www.kb.cert.org/vuls/id/820006 Conectiva Linux advisory: CLA-2004:821 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 Debian Security Information: DSA-443 (Google Search) http://www.debian.org/security/2004/dsa-443 http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://security.gentoo.org/glsa/glsa-200402-02.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:012 http://www.idefense.com/application/poi/display?id=72 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A806 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A830 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9612 http://www.redhat.com/support/errata/RHSA-2004-059.html http://www.redhat.com/support/errata/RHSA-2004-060.html http://www.redhat.com/support/errata/RHSA-2004-061.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1 SuSE Security Announcement: SuSE-SA:2004:006 (Google Search) http://www.novell.com/linux/security/advisories/2004_06_xf86.html XForce ISS Database: xfree86-fontalias-bo(15130) https://exchange.xforce.ibmcloud.com/vulnerabilities/15130
Copyright	Copyright (C) 2008 E-Soft Inc.