Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0520

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58927

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0520

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0520.

The X.Org X11 xfs font server provides a standard mechanism for an X server
to communicate with a font renderer.

A temporary file flaw was found in the way the X.Org X11 xfs font server
startup script executes. A local user could modify the permissions of a
file of their choosing, possibly elevating their local privileges.
(CVE-2007-3103)

Users of the X.org X11 xfs font server should upgrade to these updated
packages, which contain a backported patch and are not vulnerable to this
issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0520.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : High

CVSS Score:
6.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3103
1018375
http://www.securitytracker.com/id?1018375
20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557
20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
http://www.securityfocus.com/archive/1/473869/100/0/threaded
24888
http://www.securityfocus.com/bid/24888
26056
http://secunia.com/advisories/26056
26081
http://secunia.com/advisories/26081
26282
http://secunia.com/advisories/26282
27240
http://secunia.com/advisories/27240
35674
http://secunia.com/advisories/35674
40945
http://osvdb.org/40945
5167
https://www.exploit-db.com/exploits/5167
DSA-1342
http://www.debian.org/security/2007/dsa-1342
FEDORA-2009-3651
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html
FEDORA-2009-3666
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html
GLSA-200710-11
http://security.gentoo.org/glsa/glsa-200710-11.xml
RHSA-2007:0519
http://www.redhat.com/support/errata/RHSA-2007-0519.html
RHSA-2007:0520
http://www.redhat.com/support/errata/RHSA-2007-0520.html
http://bugs.gentoo.org/show_bug.cgi?id=185660
http://bugzilla.redhat.com/242903
https://issues.rpath.com/browse/RPL-1485
oval:org.mitre.oval:def:10802
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802
redhat-xfs-privilege-escalation(35375)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35375

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58927
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0520
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0520. The X.Org X11 xfs font server provides a standard mechanism for an X server to communicate with a font renderer. A temporary file flaw was found in the way the X.Org X11 xfs font server startup script executes. A local user could modify the permissions of a file of their choosing, possibly elevating their local privileges. (CVE-2007-3103) Users of the X.org X11 xfs font server should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0520.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3103 1018375 http://www.securitytracker.com/id?1018375 20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557 20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/473869/100/0/threaded 24888 http://www.securityfocus.com/bid/24888 26056 http://secunia.com/advisories/26056 26081 http://secunia.com/advisories/26081 26282 http://secunia.com/advisories/26282 27240 http://secunia.com/advisories/27240 35674 http://secunia.com/advisories/35674 40945 http://osvdb.org/40945 5167 https://www.exploit-db.com/exploits/5167 DSA-1342 http://www.debian.org/security/2007/dsa-1342 FEDORA-2009-3651 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html FEDORA-2009-3666 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html GLSA-200710-11 http://security.gentoo.org/glsa/glsa-200710-11.xml RHSA-2007:0519 http://www.redhat.com/support/errata/RHSA-2007-0519.html RHSA-2007:0520 http://www.redhat.com/support/errata/RHSA-2007-0520.html http://bugs.gentoo.org/show_bug.cgi?id=185660 http://bugzilla.redhat.com/242903 https://issues.rpath.com/browse/RPL-1485 oval:org.mitre.oval:def:10802 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802 redhat-xfs-privilege-escalation(35375) https://exchange.xforce.ibmcloud.com/vulnerabilities/35375
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com