Test ID:	1.3.6.1.4.1.25623.1.0.57775
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:007 (krb5)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to krb5 announced via advisory MDKSA-2007:007. A vulnerability in the NVIDIA Xorg driver was discovered by Derek Abdine who found that it did not correctly verify the size of buffers used to render text glyphs, resulting in a crash of the server when displaying very long strings of text. If a user was tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges. This vulnerability exists in driver versions 1.0-8762 and 1.0-8774 and is corrected in 1.0-8776 which is being provided with this update. The packages can be found in the non-free/updates media. Affected: 2007.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:007 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5379 BugTraq ID: 20559 http://www.securityfocus.com/bid/20559 Bugtraq: 20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (Google Search) http://www.securityfocus.com/archive/1/448860/100/0/threaded Bugtraq: 20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability (Google Search) http://www.securityfocus.com/archive/1/451329/100/0/threaded CERT/CC vulnerability note: VU#147252 http://www.kb.cert.org/vuls/id/147252 http://security.gentoo.org/glsa/glsa-200611-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:007 http://download2.rapid7.com/r7-0025/ http://download2.rapid7.com/r7-0025/nv_exploit.c http://www.rapid7.com/advisories/R7-0025.jsp http://securitytracker.com/id?1017072 http://secunia.com/advisories/22419 http://secunia.com/advisories/22676 http://secunia.com/advisories/22730 http://secunia.com/advisories/22764 http://secunia.com/advisories/23678 http://securityreason.com/securityalert/1742 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1 http://www.ubuntu.com/usn/usn-377-1 http://www.vupen.com/english/advisories/2006/4053 http://www.vupen.com/english/advisories/2006/4328 XForce ISS Database: nvidia-linux-driver-bo(29622) https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.