ID de Prueba:	1.3.6.1.4.1.25623.1.0.58888
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0132
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0132. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. iDefense reported two integer overflows in the way X.org handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-1351, CVE-2007-1352) Users of X.org libXfont should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0132.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 8.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1351 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 23283 http://www.securityfocus.com/bid/23283 BugTraq ID: 23300 http://www.securityfocus.com/bid/23300 BugTraq ID: 23402 http://www.securityfocus.com/bid/23402 Bugtraq: 20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) http://www.securityfocus.com/archive/1/464686/100/0/threaded Bugtraq: 20070405 FLEA-2007-0009-1: xorg-x11 freetype (Google Search) http://www.securityfocus.com/archive/1/464816/100/0/threaded Debian Security Information: DSA-1294 (Google Search) http://www.debian.org/security/2007/dsa-1294 Debian Security Information: DSA-1454 (Google Search) http://www.debian.org/security/2008/dsa-1454 http://security.gentoo.org/glsa/glsa-200705-02.xml http://security.gentoo.org/glsa/glsa-200705-10.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501 http://www.mandriva.com/security/advisories?name=MDKSA-2007:079 http://www.mandriva.com/security/advisories?name=MDKSA-2007:080 http://www.mandriva.com/security/advisories?name=MDKSA-2007:081 http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html OpenBSD Security Advisory: [3.9] 021: SECURITY FIX: April 4, 2007 http://www.openbsd.org/errata39.html#021_xorg OpenBSD Security Advisory: [4.0] 011: SECURITY FIX: April 4, 2007 http://www.openbsd.org/errata40.html#011_xorg https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810 RedHat Security Advisories: RHSA-2007:0125 http://rhn.redhat.com/errata/RHSA-2007-0125.html http://www.redhat.com/support/errata/RHSA-2007-0126.html http://www.redhat.com/support/errata/RHSA-2007-0132.html http://www.redhat.com/support/errata/RHSA-2007-0150.html http://www.securitytracker.com/id?1017857 http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/24756 http://secunia.com/advisories/24758 http://secunia.com/advisories/24765 http://secunia.com/advisories/24768 http://secunia.com/advisories/24770 http://secunia.com/advisories/24771 http://secunia.com/advisories/24772 http://secunia.com/advisories/24776 http://secunia.com/advisories/24791 http://secunia.com/advisories/24885 http://secunia.com/advisories/24889 http://secunia.com/advisories/24921 http://secunia.com/advisories/24996 http://secunia.com/advisories/25004 http://secunia.com/advisories/25006 http://secunia.com/advisories/25096 http://secunia.com/advisories/25195 http://secunia.com/advisories/25216 http://secunia.com/advisories/25305 http://secunia.com/advisories/25495 http://secunia.com/advisories/28333 http://secunia.com/advisories/30161 http://secunia.com/advisories/33937 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1 SuSE Security Announcement: SUSE-SA:2007:027 (Google Search) http://www.novell.com/linux/security/advisories/2007_27_x.html SuSE Security Announcement: SUSE-SR:2007:006 (Google Search) http://www.novell.com/linux/security/advisories/2007_6_sr.html http://www.trustix.org/errata/2007/0013/ http://www.ubuntu.com/usn/usn-448-1 http://www.vupen.com/english/advisories/2007/1217 http://www.vupen.com/english/advisories/2007/1264 http://www.vupen.com/english/advisories/2007/1548 XForce ISS Database: xorg-bdf-font-bo(33417) https://exchange.xforce.ibmcloud.com/vulnerabilities/33417 Common Vulnerability Exposure (CVE) ID: CVE-2007-1352 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243 XForce ISS Database: xorg-fontsdir-bo(33419) https://exchange.xforce.ibmcloud.com/vulnerabilities/33419
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.