 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2017.0269 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2017-0269) |
| Resumen: | The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0269 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0269 advisory. Vulnerability Insight: Eric Sesterhenn discovered that the X.Org X server incorrectly compared MIT cookies. An attacker could possibly use this issue to perform a timing attack and recover the MIT cookie (CVE-2017-2624). It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly execute arbitrary code as an administrator (CVE-2017-10971). It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information (CVE-2017-10972). Use-after-free issue in an unused function in XDM (boo#1025035). Affected Software/OS: 'x11-server' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-10971 BugTraq ID: 99546 http://www.securityfocus.com/bid/99546 Debian Security Information: DSA-3905 (Google Search) http://www.debian.org/security/2017/dsa-3905 https://bugzilla.suse.com/show_bug.cgi?id=1035283 https://cgit.freedesktop.org/xorg/xserver/commit/?id=215f894965df5fb0bb45b107d84524e700d2073c https://cgit.freedesktop.org/xorg/xserver/commit/?id=8caed4df36b1f802b4992edcfd282cbeeec35d9d https://cgit.freedesktop.org/xorg/xserver/commit/?id=ba336b24052122b136486961c82deac76bbde455 Common Vulnerability Exposure (CVE) ID: CVE-2017-10972 BugTraq ID: 99543 http://www.securityfocus.com/bid/99543 https://cgit.freedesktop.org/xorg/xserver/commit/?id=05442de962d3dc624f79fc1a00eca3ffc5489ced Common Vulnerability Exposure (CVE) ID: CVE-2017-2624 1037919 http://www.securitytracker.com/id/1037919 96480 http://www.securityfocus.com/bid/96480 GLSA-201704-03 https://security.gentoo.org/glsa/201704-03 GLSA-201710-30 https://security.gentoo.org/glsa/201710-30 [debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624 https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |