ID de Prueba:	1.3.6.1.4.1.25623.1.0.58886
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0127
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0127. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. iDefense reported an integer overflow flaw in the X.org X11 server XC-MISC extension. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server. (CVE-2007-1003) Users of the X.org X11 server should upgrade to these updated packages, which contain a backported patch and is not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0127.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1003 1017857 http://www.securitytracker.com/id?1017857 102886 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1 20070403 Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=503 20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/464686/100/0/threaded 20070405 FLEA-2007-0009-1: xorg-x11 freetype http://www.securityfocus.com/archive/1/464816/100/0/threaded 23284 http://www.securityfocus.com/bid/23284 23300 http://www.securityfocus.com/bid/23300 24741 http://secunia.com/advisories/24741 24745 http://secunia.com/advisories/24745 24756 http://secunia.com/advisories/24756 24758 http://secunia.com/advisories/24758 24765 http://secunia.com/advisories/24765 24770 http://secunia.com/advisories/24770 24771 http://secunia.com/advisories/24771 24772 http://secunia.com/advisories/24772 24791 http://secunia.com/advisories/24791 25004 http://secunia.com/advisories/25004 25006 http://secunia.com/advisories/25006 25195 http://secunia.com/advisories/25195 25216 http://secunia.com/advisories/25216 25305 http://secunia.com/advisories/25305 29622 http://secunia.com/advisories/29622 ADV-2007-1217 http://www.vupen.com/english/advisories/2007/1217 ADV-2007-1548 http://www.vupen.com/english/advisories/2007/1548 DSA-1294 http://www.debian.org/security/2007/dsa-1294 GLSA-200705-10 http://security.gentoo.org/glsa/glsa-200705-10.xml MDKSA-2007:079 http://www.mandriva.com/security/advisories?name=MDKSA-2007:079 MDKSA-2007:080 http://www.mandriva.com/security/advisories?name=MDKSA-2007:080 RHSA-2007:0125 http://rhn.redhat.com/errata/RHSA-2007-0125.html RHSA-2007:0126 http://www.redhat.com/support/errata/RHSA-2007-0126.html RHSA-2007:0127 http://www.redhat.com/support/errata/RHSA-2007-0127.html SUSE-SA:2007:027 http://www.novell.com/linux/security/advisories/2007_27_x.html SUSE-SR:2008:008 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html USN-448-1 http://www.ubuntu.com/usn/usn-448-1 [3.9] 021: SECURITY FIX: April 4, 2007 http://www.openbsd.org/errata39.html#021_xorg [4.0] 011: SECURITY FIX: April 4, 2007 http://www.openbsd.org/errata40.html#011_xorg [xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://issues.foresightlinux.org/browse/FL-223 http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm https://issues.rpath.com/browse/RPL-1213 oval:org.mitre.oval:def:1980 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1980 oval:org.mitre.oval:def:9798 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9798 xorg-xcmisc-overflow(33424) https://exchange.xforce.ibmcloud.com/vulnerabilities/33424
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.