ID de Prueba:	1.3.6.1.4.1.25623.1.0.60257
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:024 (libxfont)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libxfont announced via advisory MDVSA-2008:024. A heap-based buffer overflow flaw was found in how the X.org server handled malformed font files that could allow a malicious local user to potentially execute arbitrary code with the privileges of the X.org server (CVE-2008-0006). The updated packages have been patched to correct this issue. Affected: 2007.0, 2007.1, 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:024 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0006 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 27336 http://www.securityfocus.com/bid/27336 BugTraq ID: 27352 http://www.securityfocus.com/bid/27352 Bugtraq: 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) http://www.securityfocus.com/archive/1/487335/100/0/threaded CERT/CC vulnerability note: VU#203220 http://www.kb.cert.org/vuls/id/203220 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00674.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00771.html http://security.gentoo.org/glsa/glsa-200801-09.xml http://security.gentoo.org/glsa/glsa-200804-05.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml HPdes Security Advisory: HPSBUX02381 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 HPdes Security Advisory: SSRT080083 http://jvn.jp/en/jp/JVN88935101/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001043.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 http://www.mandriva.com/security/advisories?name=MDVSA-2008:024 http://lists.freedesktop.org/archives/xorg/2008-January/031918.html OpenBSD Security Advisory: [4.1] 20080208 012: SECURITY FIX: February 8, 2008 http://www.openbsd.org/errata41.html#012_xorg OpenBSD Security Advisory: [4.2] 20080208 006: SECURITY FIX: February 8, 2008 http://www.openbsd.org/errata42.html#006_xorg https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10021 http://www.redhat.com/support/errata/RHSA-2008-0029.html http://www.redhat.com/support/errata/RHSA-2008-0030.html http://www.redhat.com/support/errata/RHSA-2008-0064.html http://securitytracker.com/id?1019232 http://secunia.com/advisories/28273 http://secunia.com/advisories/28500 http://secunia.com/advisories/28532 http://secunia.com/advisories/28535 http://secunia.com/advisories/28536 http://secunia.com/advisories/28540 http://secunia.com/advisories/28542 http://secunia.com/advisories/28544 http://secunia.com/advisories/28550 http://secunia.com/advisories/28571 http://secunia.com/advisories/28592 http://secunia.com/advisories/28621 http://secunia.com/advisories/28718 http://secunia.com/advisories/28843 http://secunia.com/advisories/28885 http://secunia.com/advisories/28941 http://secunia.com/advisories/29139 http://secunia.com/advisories/29420 http://secunia.com/advisories/29622 http://secunia.com/advisories/29707 http://secunia.com/advisories/30161 http://secunia.com/advisories/32545 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103192-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201230-1 SuSE Security Announcement: SUSE-SA:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html SuSE Security Announcement: SUSE-SR:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html https://usn.ubuntu.com/571-1/ http://www.vupen.com/english/advisories/2008/0179 http://www.vupen.com/english/advisories/2008/0184 http://www.vupen.com/english/advisories/2008/0497/references http://www.vupen.com/english/advisories/2008/0703 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/3000 XForce ISS Database: xorg-pcffont-bo(39767) https://exchange.xforce.ibmcloud.com/vulnerabilities/39767
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.