English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 94899 CVE descriptions
and 51984 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57768
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0003
Summary:Redhat Security Advisory RHSA-2007:0003
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0003.

X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

iDefense reported three integer overflow flaws in the X.org Render and DBE
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with root
privileges on the X.org server. (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103)

Users of X.org should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0003.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-6101
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463
http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
Debian Security Information: DSA-1249 (Google Search)
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00004.html
http://security.gentoo.org/glsa/glsa-200701-25.xml
HPdes Security Advisory: HPSBUX02225
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01075678
HPdes Security Advisory: SSRT071295
http://www.mandriva.com/security/advisories?name=MDKSA-2007:005
NETBSD Security Advisory: NetBSD-SA2007-002
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc
http://www.redhat.com/support/errata/RHSA-2007-0002.html
http://www.redhat.com/support/errata/RHSA-2007-0003.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
SuSE Security Announcement: SUSE-SA:2007:008 (Google Search)
http://www.novell.com/linux/security/advisories/2007_08_x.html
http://www.ubuntu.com/usn/usn-403-1
BugTraq ID: 21968
http://www.securityfocus.com/bid/21968
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10490
http://www.vupen.com/english/advisories/2007/0108
http://www.vupen.com/english/advisories/2007/0109
http://www.vupen.com/english/advisories/2007/0589
http://www.vupen.com/english/advisories/2007/0669
http://www.vupen.com/english/advisories/2007/2233
http://osvdb.org/32084
http://securitytracker.com/id?1017495
http://secunia.com/advisories/23633
http://secunia.com/advisories/23670
http://secunia.com/advisories/23684
http://secunia.com/advisories/23689
http://secunia.com/advisories/23705
http://secunia.com/advisories/23698
http://secunia.com/advisories/23758
http://secunia.com/advisories/23789
http://secunia.com/advisories/23966
http://secunia.com/advisories/24168
http://secunia.com/advisories/24210
http://secunia.com/advisories/24247
http://secunia.com/advisories/24401
http://secunia.com/advisories/25802
XForce ISS Database: xorg-xserver-render-overflow(31337)
http://xforce.iss.net/xforce/xfdb/31337
Common Vulnerability Exposure (CVE) ID: CVE-2006-6102
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9991
http://osvdb.org/32085
XForce ISS Database: xorg-xserver-dbe-overflow(31376)
http://xforce.iss.net/xforce/xfdb/31376
Common Vulnerability Exposure (CVE) ID: CVE-2006-6103
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11011
http://osvdb.org/32086
XForce ISS Database: xorg-xserver-dbe-swap-overflow(31379)
http://xforce.iss.net/xforce/xfdb/31379
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 51984 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2016 E-Soft Inc. All rights reserved.