Test ID:	1.3.6.1.4.1.25623.1.0.842093
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2500-1)
Summary:	The remote host is missing an update for the 'xorg-server, xorg-server-lts-trusty, xorg-server-lts-utopic' package(s) announced via the USN-2500-1 advisory.
Description:	Summary: The remote host is missing an update for the 'xorg-server, xorg-server-lts-trusty, xorg-server-lts-utopic' package(s) announced via the USN-2500-1 advisory. Vulnerability Insight: Olivier Fourdan discovered that the X.Org X server incorrectly handled XkbSetGeometry requests resulting in an information leak. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information. (CVE-2015-0255) It was discovered that the X.Org X server incorrectly handled certain trapezoids. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly crash the server. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-6424) Affected Software/OS: 'xorg-server, xorg-server-lts-trusty, xorg-server-lts-utopic' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 14.10. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6424 DSA-2822 http://www.debian.org/security/2013/dsa-2822 GLSA-201701-64 https://security.gentoo.org/glsa/201701-64 GLSA-201710-30 https://security.gentoo.org/glsa/201710-30 RHSA-2013:1868 http://rhn.redhat.com/errata/RHSA-2013-1868.html USN-2500-1 http://www.ubuntu.com/usn/USN-2500-1 [oss-security] 20131203 CVE Request: xorg-server and pixman http://www.openwall.com/lists/oss-security/2013/12/03/8 [oss-security] 20131204 Re: CVE Request: xorg-server and pixman http://www.openwall.com/lists/oss-security/2013/12/04/8 [xorg-devel] 20131002 [PATCH] exa: only draw valid trapezoids http://lists.x.org/archives/xorg-devel/2013-October/037996.html https://bugs.freedesktop.org/show_bug.cgi?id=67484 https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1197921 openSUSE-SU-2013:1965 http://lists.opensuse.org/opensuse-updates/2013-12/msg00127.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0255 BugTraq ID: 72578 http://www.securityfocus.com/bid/72578 Debian Security Information: DSA-3160 (Google Search) http://www.debian.org/security/2015/dsa-3160 https://security.gentoo.org/glsa/201504-06 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 RedHat Security Advisories: RHSA-2015:0797 http://rhn.redhat.com/errata/RHSA-2015-0797.html SuSE Security Announcement: openSUSE-SU-2015:0337 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00085.html SuSE Security Announcement: openSUSE-SU-2015:0338 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00086.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.