Test ID:	1.3.6.1.4.1.25623.1.0.57885
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200609-07 (libxfont)
Summary:	The remote host is missing updates announced in;advisory GLSA 200609-07.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200609-07. Vulnerability Insight: Some buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges. Solution: All libXfont users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-libs/libXfont-1.2.1' All monolithic X.org users are advised to migrate to modular X.org. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3739 1016828 http://securitytracker.com/id?1016828 102714 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1 102780 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1 19974 http://www.securityfocus.com/bid/19974 20060912 Multiple Vendor X Server CID-keyed Fonts 'CIDAFM()' Integer Overflow Vulnerability http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/445812/100/0/threaded 20070330 VMSA-2007-0002 VMware ESX security updates http://www.securityfocus.com/archive/1/464268/100/0/threaded 21864 http://secunia.com/advisories/21864 21889 http://secunia.com/advisories/21889 21890 http://secunia.com/advisories/21890 21894 http://secunia.com/advisories/21894 21900 http://secunia.com/advisories/21900 21904 http://secunia.com/advisories/21904 21908 http://secunia.com/advisories/21908 21924 http://secunia.com/advisories/21924 22080 http://secunia.com/advisories/22080 22141 http://secunia.com/advisories/22141 22332 http://secunia.com/advisories/22332 22560 http://secunia.com/advisories/22560 23033 http://secunia.com/advisories/23033 23899 http://secunia.com/advisories/23899 24636 http://secunia.com/advisories/24636 ADV-2006-3581 http://www.vupen.com/english/advisories/2006/3581 ADV-2006-3582 http://www.vupen.com/english/advisories/2006/3582 ADV-2007-0322 http://www.vupen.com/english/advisories/2007/0322 ADV-2007-1171 http://www.vupen.com/english/advisories/2007/1171 DSA-1193 http://www.debian.org/security/2006/dsa-1193 GLSA-200609-07 http://security.gentoo.org/glsa/glsa-200609-07.xml MDKSA-2006:164 http://www.mandriva.com/security/advisories?name=MDKSA-2006:164 RHSA-2006:0665 http://www.redhat.com/support/errata/RHSA-2006-0665.html RHSA-2006:0666 http://www.redhat.com/support/errata/RHSA-2006-0666.html SUSE-SR:2006:023 http://www.novell.com/linux/security/advisories/2006_23_sr.html USN-344-1 http://www.ubuntu.com/usn/usn-344-1 http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html https://issues.rpath.com/browse/RPL-614 oval:org.mitre.oval:def:10305 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305 xorg-server-cidafm-overflow(28899) https://exchange.xforce.ibmcloud.com/vulnerabilities/28899 Common Vulnerability Exposure (CVE) ID: CVE-2006-3740 20060912 Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 23907 http://secunia.com/advisories/23907 oval:org.mitre.oval:def:9454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454 xorg-server-scancidfont-overflow(28890) https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.