Test ID:	1.3.6.1.4.1.25623.1.0.57386
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2006-259-01)
Summary:	The remote host is missing an update for the 'x11' package(s) announced via the SSA:2006-259-01 advisory.
Description:	Summary: The remote host is missing an update for the 'x11' package(s) announced via the SSA:2006-259-01 advisory. Vulnerability Insight: New x11 (X.Org) packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/x11-6.8.2-i486-7_slack10.2.tgz:i Fixed an overflow in CID encoded Type1 font parsing. For further reference, see: [links moved to references] (* Security fix *) patches/packages/x11-devel-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xdmx-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xnest-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xvfb-6.8.2-i486-7_slack10.2.tgz: Recompiled. +--------------------------+ Affected Software/OS: 'x11' package(s) on Slackware 10.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3739 1016828 http://securitytracker.com/id?1016828 102714 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1 102780 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1 19974 http://www.securityfocus.com/bid/19974 20060912 Multiple Vendor X Server CID-keyed Fonts 'CIDAFM()' Integer Overflow Vulnerability http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/445812/100/0/threaded 20070330 VMSA-2007-0002 VMware ESX security updates http://www.securityfocus.com/archive/1/464268/100/0/threaded 21864 http://secunia.com/advisories/21864 21889 http://secunia.com/advisories/21889 21890 http://secunia.com/advisories/21890 21894 http://secunia.com/advisories/21894 21900 http://secunia.com/advisories/21900 21904 http://secunia.com/advisories/21904 21908 http://secunia.com/advisories/21908 21924 http://secunia.com/advisories/21924 22080 http://secunia.com/advisories/22080 22141 http://secunia.com/advisories/22141 22332 http://secunia.com/advisories/22332 22560 http://secunia.com/advisories/22560 23033 http://secunia.com/advisories/23033 23899 http://secunia.com/advisories/23899 24636 http://secunia.com/advisories/24636 ADV-2006-3581 http://www.vupen.com/english/advisories/2006/3581 ADV-2006-3582 http://www.vupen.com/english/advisories/2006/3582 ADV-2007-0322 http://www.vupen.com/english/advisories/2007/0322 ADV-2007-1171 http://www.vupen.com/english/advisories/2007/1171 DSA-1193 http://www.debian.org/security/2006/dsa-1193 GLSA-200609-07 http://security.gentoo.org/glsa/glsa-200609-07.xml MDKSA-2006:164 http://www.mandriva.com/security/advisories?name=MDKSA-2006:164 RHSA-2006:0665 http://www.redhat.com/support/errata/RHSA-2006-0665.html RHSA-2006:0666 http://www.redhat.com/support/errata/RHSA-2006-0666.html SUSE-SR:2006:023 http://www.novell.com/linux/security/advisories/2006_23_sr.html USN-344-1 http://www.ubuntu.com/usn/usn-344-1 http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html https://issues.rpath.com/browse/RPL-614 oval:org.mitre.oval:def:10305 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305 xorg-server-cidafm-overflow(28899) https://exchange.xforce.ibmcloud.com/vulnerabilities/28899 Common Vulnerability Exposure (CVE) ID: CVE-2006-3740 20060912 Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 23907 http://secunia.com/advisories/23907 oval:org.mitre.oval:def:9454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454 xorg-server-scancidfont-overflow(28890) https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.