ID de Prueba:	1.3.6.1.4.1.25623.1.0.61422
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:179 (metisse)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to metisse announced via advisory MDVSA-2008:179. An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server (CVE-2008-1379). Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could explot these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server (CVE-2008-2360, CVE-2008-2361, CVE-2008-2362). The Metisse program is likewise affected by these issues the updated packages have been patched to prevent them. Affected: 2008.0, 2008.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:179 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1379 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 29669 http://www.securityfocus.com/bid/29669 Bugtraq: 20080620 rPSA-2008-0200-1 xorg-server (Google Search) http://www.securityfocus.com/archive/1/493548/100/0/threaded Bugtraq: 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) http://www.securityfocus.com/archive/1/493550/100/0/threaded Debian Security Information: DSA-1595 (Google Search) http://www.debian.org/security/2008/dsa-1595 http://security.gentoo.org/glsa/glsa-200806-07.xml http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml HPdes Security Advisory: HPSBUX02381 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 HPdes Security Advisory: SSRT080083 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722 http://www.mandriva.com/security/advisories?name=MDVSA-2008:115 http://www.mandriva.com/security/advisories?name=MDVSA-2008:116 http://www.mandriva.com/security/advisories?name=MDVSA-2008:179 http://lists.freedesktop.org/archives/xorg/2008-June/036026.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966 RedHat Security Advisories: RHSA-2008:0502 http://rhn.redhat.com/errata/RHSA-2008-0502.html http://www.redhat.com/support/errata/RHSA-2008-0503.html RedHat Security Advisories: RHSA-2008:0504 http://rhn.redhat.com/errata/RHSA-2008-0504.html RedHat Security Advisories: RHSA-2008:0512 http://rhn.redhat.com/errata/RHSA-2008-0512.html http://securitytracker.com/id?1020246 http://secunia.com/advisories/30627 http://secunia.com/advisories/30628 http://secunia.com/advisories/30629 http://secunia.com/advisories/30630 http://secunia.com/advisories/30637 http://secunia.com/advisories/30659 http://secunia.com/advisories/30664 http://secunia.com/advisories/30666 http://secunia.com/advisories/30671 http://secunia.com/advisories/30715 http://secunia.com/advisories/30772 http://secunia.com/advisories/30809 http://secunia.com/advisories/30843 http://secunia.com/advisories/31025 http://secunia.com/advisories/31109 http://secunia.com/advisories/32099 http://secunia.com/advisories/32545 http://secunia.com/advisories/33937 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1 SuSE Security Announcement: SUSE-SA:2008:027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html SuSE Security Announcement: SUSE-SR:2008:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html http://www.ubuntu.com/usn/usn-616-1 http://www.vupen.com/english/advisories/2008/1803 http://www.vupen.com/english/advisories/2008/1833 http://www.vupen.com/english/advisories/2008/1983/references http://www.vupen.com/english/advisories/2008/3000 XForce ISS Database: xorg-fbshmputimage-information-disclosure(43016) https://exchange.xforce.ibmcloud.com/vulnerabilities/43016 Common Vulnerability Exposure (CVE) ID: CVE-2008-2360 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=718 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9329 http://securitytracker.com/id?1020243 Common Vulnerability Exposure (CVE) ID: CVE-2008-2361 BugTraq ID: 29665 http://www.securityfocus.com/bid/29665 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=719 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8978 http://securitytracker.com/id?1020244 Common Vulnerability Exposure (CVE) ID: CVE-2008-2362 BugTraq ID: 29670 http://www.securityfocus.com/bid/29670 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246 http://securitytracker.com/id?1020245
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.