| Description: | Summary:
The remote host is missing an update for the Debian 'xfree86' package(s) announced via the DSA-1249-1 advisory.
Vulnerability Insight:
Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2006-6101
Sean Larsson discovered an integer overflow in the Render extension, which might lead to denial of service or local privilege escalation.
CVE-2006-6102
Sean Larsson discovered an integer overflow in the DBE extension, which might lead to denial of service or local privilege escalation.
CVE-2006-6103
Sean Larsson discovered an integer overflow in the DBE extension, which might lead to denial of service or local privilege escalation.
For the stable distribution (sarge) these problems have been fixed in version 4.3.0.dfsg.1-14sarge3. This update lacks builds for the Motorola 680x0 architecture, which had build problems. Packages will be released once this problem has been resolved.
For the upcoming stable distribution (etch) these problems have been fixed in version 2:1.1.1-15 of xorg-server.
For the unstable distribution (sid) these problems have been fixed in version 2:1.1.1-15 of xorg-server.
We recommend that you upgrade your XFree86 packages.
Affected Software/OS:
'xfree86' package(s) on Debian 3.1.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
