ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0330
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0330)
Resumen:	The remote host is missing an update for the 'libxdmcp' package(s) announced via the MGASA-2017-0330 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libxdmcp' package(s) announced via the MGASA-2017-0330 advisory. Vulnerability Insight: XDM uses weak entropy to generate the session keys on non BSD systems. On multi user systems it might possible to check the PID of the process and how long it is running to get an estimate of these values, which could allow an attacker to attach to the session of a different user (CVE-2017-2625). Affected Software/OS: 'libxdmcp' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2625 1037919 http://www.securitytracker.com/id/1037919 96480 http://www.securityfocus.com/bid/96480 GLSA-201704-03 https://security.gentoo.org/glsa/201704-03 RHSA-2017:1865 https://access.redhat.com/errata/RHSA-2017:1865 [debian-lts-announce] 20191125 [SECURITY] [DLA 2006-1] libxdmcp security update https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2625 https://cgit.freedesktop.org/xorg/lib/libXdmcp/commit/?id=0554324ec6bbc2071f5d1f8ad211a1643e29eb1f https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.