Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0421)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2018.0421

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2018-0421)

Resumen: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2018-0421 advisory.

Descripción: Summary:
The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2018-0421 advisory.

Vulnerability Insight:
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission
check for -modulepath and -logfile options when starting Xorg. X server
allows unprivileged users with the ability to log in to the system via
physical console to escalate their privileges and run arbitrary code under
root privileges (CVE-2018-14665).

Affected Software/OS:
'x11-server' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-14665
BugTraq ID: 105741
http://www.securityfocus.com/bid/105741
Debian Security Information: DSA-4328 (Google Search)
https://www.debian.org/security/2018/dsa-4328
https://www.exploit-db.com/exploits/45697/
https://www.exploit-db.com/exploits/45742/
https://www.exploit-db.com/exploits/45832/
https://www.exploit-db.com/exploits/45908/
https://www.exploit-db.com/exploits/45922/
https://www.exploit-db.com/exploits/45938/
https://www.exploit-db.com/exploits/46142/
https://security.gentoo.org/glsa/201810-09
http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html
http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html
https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html
https://lists.x.org/archives/xorg-announce/2018-October/002927.html
RedHat Security Advisories: RHSA-2018:3410
https://access.redhat.com/errata/RHSA-2018:3410
http://www.securitytracker.com/id/1041948
https://usn.ubuntu.com/3802-1/

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0421
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0421)
Resumen:	The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2018-0421 advisory.
Descripción:	Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2018-0421 advisory. Vulnerability Insight: A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges (CVE-2018-14665). Affected Software/OS: 'x11-server' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14665 BugTraq ID: 105741 http://www.securityfocus.com/bid/105741 Debian Security Information: DSA-4328 (Google Search) https://www.debian.org/security/2018/dsa-4328 https://www.exploit-db.com/exploits/45697/ https://www.exploit-db.com/exploits/45742/ https://www.exploit-db.com/exploits/45832/ https://www.exploit-db.com/exploits/45908/ https://www.exploit-db.com/exploits/45922/ https://www.exploit-db.com/exploits/45938/ https://www.exploit-db.com/exploits/46142/ https://security.gentoo.org/glsa/201810-09 http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html https://lists.x.org/archives/xorg-announce/2018-October/002927.html RedHat Security Advisories: RHSA-2018:3410 https://access.redhat.com/errata/RHSA-2018:3410 http://www.securitytracker.com/id/1041948 https://usn.ubuntu.com/3802-1/
Copyright	Copyright (C) 2022 Greenbone AG