Test ID:	1.3.6.1.4.1.25623.1.0.56431
Category:	Fedora Local Security Checks
Title:	Fedora Core 5 FEDORA-2006-172 (xorg-x11-server)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xorg-x11-server announced via advisory FEDORA-2006-172. Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument. * Wed Mar 15 2006 Ray Strode - 1.0.1-9 - CVE-2006-0745 (bug 185084) Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2006-172 Risk factor : High CVSS Score: 7.2
Cross-Ref:	BugTraq ID: 17169 Common Vulnerability Exposure (CVE) ID: CVE-2006-0745 http://www.securityfocus.com/bid/17169 Bugtraq: 20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 (Google Search) http://www.securityfocus.com/archive/1/428230/100/0/threaded Bugtraq: 20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 (Google Search) http://www.securityfocus.com/archive/1/428183/100/0/threaded http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:056 http://www.osvdb.org/24000 http://www.osvdb.org/24001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697 http://securitytracker.com/id?1015793 http://secunia.com/advisories/19256 http://secunia.com/advisories/19307 http://secunia.com/advisories/19311 http://secunia.com/advisories/19316 http://secunia.com/advisories/19676 http://securityreason.com/securityalert/606 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1 SuSE Security Announcement: SUSE-SA:2006:016 (Google Search) http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html http://www.vupen.com/english/advisories/2006/1017 http://www.vupen.com/english/advisories/2006/1028 XForce ISS Database: xorg-geteuid-privilege-escalation(25341) https://exchange.xforce.ibmcloud.com/vulnerabilities/25341
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.