English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.61125
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2008:0504
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0504.

X.Org is an open source implementation of the X Window System. It provides
basic low-level functionality that full-fledged graphical user interfaces
are designed upon.

An input validation flaw was discovered in X.org's Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server. (CVE-2008-1377)

Multiple integer overflow flaws were found in X.org's Render extension. A
malicious authorized client could exploit these issues to cause a denial of
service (crash) or, potentially, execute arbitrary code with root
privileges on the X.Org server. (CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)

An input validation flaw was discovered in X.org's MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed. (CVE-2008-1379)

Users of xorg-x11-server should upgrade to these updated packages, which
contain backported patches to resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0504.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1377
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Bugtraq: 20080620 rPSA-2008-0200-1 xorg-server (Google Search)
http://www.securityfocus.com/archive/1/493548/100/0/threaded
Bugtraq: 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search)
http://www.securityfocus.com/archive/1/493550/100/0/threaded
Debian Security Information: DSA-1595 (Google Search)
http://www.debian.org/security/2008/dsa-1595
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
HPdes Security Advisory: HPSBUX02381
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
HPdes Security Advisory: SSRT080083
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721
http://www.mandriva.com/security/advisories?name=MDVSA-2008:115
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10109
RedHat Security Advisories: RHSA-2008:0502
http://rhn.redhat.com/errata/RHSA-2008-0502.html
http://www.redhat.com/support/errata/RHSA-2008-0503.html
RedHat Security Advisories: RHSA-2008:0504
http://rhn.redhat.com/errata/RHSA-2008-0504.html
RedHat Security Advisories: RHSA-2008:0512
http://rhn.redhat.com/errata/RHSA-2008-0512.html
http://securitytracker.com/id?1020247
http://secunia.com/advisories/30627
http://secunia.com/advisories/30628
http://secunia.com/advisories/30629
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30671
http://secunia.com/advisories/30715
http://secunia.com/advisories/30772
http://secunia.com/advisories/30809
http://secunia.com/advisories/30843
http://secunia.com/advisories/31025
http://secunia.com/advisories/31109
http://secunia.com/advisories/32099
http://secunia.com/advisories/32545
http://secunia.com/advisories/33937
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
SuSE Security Announcement: SUSE-SA:2008:027 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
SuSE Security Announcement: SUSE-SR:2008:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://www.ubuntu.com/usn/usn-616-1
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
http://www.vupen.com/english/advisories/2008/1983/references
http://www.vupen.com/english/advisories/2008/3000
Common Vulnerability Exposure (CVE) ID: CVE-2008-1379
BugTraq ID: 29669
http://www.securityfocus.com/bid/29669
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722
http://www.mandriva.com/security/advisories?name=MDVSA-2008:179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966
http://securitytracker.com/id?1020246
XForce ISS Database: xorg-fbshmputimage-information-disclosure(43016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43016
Common Vulnerability Exposure (CVE) ID: CVE-2008-2360
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=718
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9329
http://securitytracker.com/id?1020243
Common Vulnerability Exposure (CVE) ID: CVE-2008-2361
BugTraq ID: 29665
http://www.securityfocus.com/bid/29665
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8978
http://securitytracker.com/id?1020244
Common Vulnerability Exposure (CVE) ID: CVE-2008-2362
BugTraq ID: 29670
http://www.securityfocus.com/bid/29670
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246
http://securitytracker.com/id?1020245
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.