Test ID:	1.3.6.1.4.1.25623.1.1.10.2017.0366
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2017-0366)
Summary:	The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0366 advisory.
Description:	Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2017-0366 advisory. Vulnerability Insight: In Xext/shm, the shmseg resource id can belong to a non-existing client and abort X server with FatalError 'client not in use', or overwrite existing segment of another existing client (CVE-2017-13721). Generating strings for XKB data used a single shared static buffer, which offered several opportunities for errors when strings end up longer than anticipated (CVE-2017-13723). Affected Software/OS: 'x11-server' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13721 BugTraq ID: 101238 http://www.securityfocus.com/bid/101238 Debian Security Information: DSA-4000 (Google Search) http://www.debian.org/security/2017/dsa-4000 https://security.gentoo.org/glsa/201710-30 http://www.openwall.com/lists/oss-security/2017/10/04/10 https://lists.x.org/archives/xorg-announce/2017-October/002808.html Common Vulnerability Exposure (CVE) ID: CVE-2017-13723 BugTraq ID: 101253 http://www.securityfocus.com/bid/101253 https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.