Test ID:	1.3.6.1.4.1.25623.1.0.58672
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200710-11 (xfs)
Summary:	The remote host is missing updates announced in;advisory GLSA 200710-11.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200710-11. Vulnerability Insight: Three vulnerabilities have been discovered in the X Font Server possibly allowing local attackers to gain elevated privileges. Solution: All X Font Server users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-apps/xfs-1.0.5' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3103 1018375 http://www.securitytracker.com/id?1018375 20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557 20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/473869/100/0/threaded 24888 http://www.securityfocus.com/bid/24888 26056 http://secunia.com/advisories/26056 26081 http://secunia.com/advisories/26081 26282 http://secunia.com/advisories/26282 27240 http://secunia.com/advisories/27240 35674 http://secunia.com/advisories/35674 40945 http://osvdb.org/40945 5167 https://www.exploit-db.com/exploits/5167 DSA-1342 http://www.debian.org/security/2007/dsa-1342 FEDORA-2009-3651 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html FEDORA-2009-3666 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html GLSA-200710-11 http://security.gentoo.org/glsa/glsa-200710-11.xml RHSA-2007:0519 http://www.redhat.com/support/errata/RHSA-2007-0519.html RHSA-2007:0520 http://www.redhat.com/support/errata/RHSA-2007-0520.html http://bugs.gentoo.org/show_bug.cgi?id=185660 http://bugzilla.redhat.com/242903 https://issues.rpath.com/browse/RPL-1485 oval:org.mitre.oval:def:10802 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802 redhat-xfs-privilege-escalation(35375) https://exchange.xforce.ibmcloud.com/vulnerabilities/35375 Common Vulnerability Exposure (CVE) ID: CVE-2007-4568 1018763 http://www.securitytracker.com/id?1018763 103114 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1 200642 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1 20071002 Multiple Vendor X Font Server Multiple Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602 20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs http://www.securityfocus.com/archive/1/481432/100/0/threaded 25898 http://www.securityfocus.com/bid/25898 27040 http://secunia.com/advisories/27040 27052 http://secunia.com/advisories/27052 27060 http://secunia.com/advisories/27060 27168 http://secunia.com/advisories/27168 27176 http://secunia.com/advisories/27176 27228 http://secunia.com/advisories/27228 27560 http://secunia.com/advisories/27560 28004 http://secunia.com/advisories/28004 28536 http://secunia.com/advisories/28536 28542 http://secunia.com/advisories/28542 28891 http://secunia.com/advisories/28891 29420 http://secunia.com/advisories/29420 ADV-2007-3337 http://www.vupen.com/english/advisories/2007/3337 ADV-2007-3338 http://www.vupen.com/english/advisories/2007/3338 ADV-2007-3467 http://www.vupen.com/english/advisories/2007/3467 ADV-2008-0495 http://www.vupen.com/english/advisories/2008/0495/references ADV-2008-0924 http://www.vupen.com/english/advisories/2008/0924/references APPLE-SA-2008-02-11 http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html APPLE-SA-2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html DSA-1385 http://www.debian.org/security/2007/dsa-1385 FEDORA-2007-4263 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html MDKSA-2007:210 http://www.mandriva.com/security/advisories?name=MDKSA-2007:210 RHSA-2008:0029 http://www.redhat.com/support/errata/RHSA-2008-0029.html RHSA-2008:0030 http://www.redhat.com/support/errata/RHSA-2008-0030.html SUSE-SA:2007:054 http://www.novell.com/linux/security/advisories/2007_54_xorg.html TA08-043B http://www.us-cert.gov/cas/techalerts/TA08-043B.html [xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html http://bugs.freedesktop.org/show_bug.cgi?id=12298 http://bugs.gentoo.org/show_bug.cgi?id=194606 http://docs.info.apple.com/article.html?artnum=307430 http://docs.info.apple.com/article.html?artnum=307562 https://issues.rpath.com/browse/RPL-1756 oval:org.mitre.oval:def:10882 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10882 xfs-protocol-requests-bo(36919) https://exchange.xforce.ibmcloud.com/vulnerabilities/36919 Common Vulnerability Exposure (CVE) ID: CVE-2007-4990 BugTraq ID: 25898 Bugtraq: 20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) HPdes Security Advisory: HPSBUX02303 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725 HPdes Security Advisory: SSRT071468 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599 http://secunia.com/advisories/28514 SuSE Security Announcement: SUSE-SA:2007:054 (Google Search) http://www.vupen.com/english/advisories/2008/0149 XForce ISS Database: xfs-queryxbitmaps-queryxextents-bo(36920) https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.