Test Kennung:	1.3.6.1.4.1.25623.1.0.60221
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200801-09 (xorg-server libXfont)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200801-09. Multiple vulnerabilities have been discovered in the X.Org X server and Xfont library, allowing for a local privilege escalation and arbitrary code execution. Solution: All X.Org X server users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-base/xorg-server-1.3.0.0-r4' All X.Org Xfont library users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-libs/libXfont-1.3.1-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200801-09 http://bugs.gentoo.org/show_bug.cgi?id=204362 http://lists.freedesktop.org/archives/xorg/2008-January/031918.html CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5760 BugTraq ID: 27336 http://www.securityfocus.com/bid/27336 BugTraq ID: 27354 http://www.securityfocus.com/bid/27354 Bugtraq: 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search) http://www.securityfocus.com/archive/1/487335/100/0/threaded Debian Security Information: DSA-1466 (Google Search) http://www.debian.org/security/2008/dsa-1466 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html http://security.gentoo.org/glsa/glsa-200801-09.xml http://security.gentoo.org/glsa/glsa-200804-05.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=646 http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 http://www.mandriva.com/security/advisories?name=MDVSA-2008:023 http://www.mandriva.com/security/advisories?name=MDVSA-2008:025 http://lists.freedesktop.org/archives/xorg/2008-January/031918.html OpenBSD Security Advisory: [4.1] 20080208 012: SECURITY FIX: February 8, 2008 http://www.openbsd.org/errata41.html#012_xorg OpenBSD Security Advisory: [4.2] 20080208 006: SECURITY FIX: February 8, 2008 http://www.openbsd.org/errata42.html#006_xorg https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11718 http://www.redhat.com/support/errata/RHSA-2008-0030.html http://www.redhat.com/support/errata/RHSA-2008-0031.html http://securitytracker.com/id?1019232 http://secunia.com/advisories/28273 http://secunia.com/advisories/28532 http://secunia.com/advisories/28535 http://secunia.com/advisories/28536 http://secunia.com/advisories/28539 http://secunia.com/advisories/28540 http://secunia.com/advisories/28543 http://secunia.com/advisories/28550 http://secunia.com/advisories/28584 http://secunia.com/advisories/28592 http://secunia.com/advisories/28616 http://secunia.com/advisories/28693 http://secunia.com/advisories/28718 http://secunia.com/advisories/28843 http://secunia.com/advisories/28885 http://secunia.com/advisories/28941 http://secunia.com/advisories/29707 http://secunia.com/advisories/30161 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1 SuSE Security Announcement: SUSE-SA:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html https://usn.ubuntu.com/571-1/ http://www.vupen.com/english/advisories/2008/0179 http://www.vupen.com/english/advisories/2008/0184 http://www.vupen.com/english/advisories/2008/0497/references XForce ISS Database: xorg-xfree86misc-code-execution(39766) https://exchange.xforce.ibmcloud.com/vulnerabilities/39766 Common Vulnerability Exposure (CVE) ID: CVE-2007-5958 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 27356 http://www.securityfocus.com/bid/27356 https://www.exploit-db.com/exploits/5152 HPdes Security Advisory: HPSBUX02381 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 HPdes Security Advisory: SSRT080083 http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10991 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5393 http://www.redhat.com/support/errata/RHSA-2008-0029.html http://secunia.com/advisories/28542 http://secunia.com/advisories/28997 http://secunia.com/advisories/29420 http://secunia.com/advisories/29622 http://secunia.com/advisories/32545 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103205-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-230901-1 SuSE Security Announcement: SUSE-SR:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/3000 XForce ISS Database: xorg-xsp-information-disclosure(39769) https://exchange.xforce.ibmcloud.com/vulnerabilities/39769 Common Vulnerability Exposure (CVE) ID: CVE-2007-6427 BugTraq ID: 27351 http://www.securityfocus.com/bid/27351 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=643 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10372 http://secunia.com/advisories/28838 http://secunia.com/advisories/29139 SuSE Security Announcement: SUSE-SR:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://www.vupen.com/english/advisories/2008/0703 XForce ISS Database: xorg-xinput-code-execution(39759) https://exchange.xforce.ibmcloud.com/vulnerabilities/39759 Common Vulnerability Exposure (CVE) ID: CVE-2007-6428 BugTraq ID: 27355 http://www.securityfocus.com/bid/27355 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=644 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11754 XForce ISS Database: xorg-togcup-information-disclosure(39761) https://exchange.xforce.ibmcloud.com/vulnerabilities/39761 Common Vulnerability Exposure (CVE) ID: CVE-2007-6429 BugTraq ID: 27350 http://www.securityfocus.com/bid/27350 BugTraq ID: 27353 http://www.securityfocus.com/bid/27353 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045 XForce ISS Database: xorg-evi-bo(39763) https://exchange.xforce.ibmcloud.com/vulnerabilities/39763 XForce ISS Database: xorg-mitshm-overflow(39764) https://exchange.xforce.ibmcloud.com/vulnerabilities/39764 Common Vulnerability Exposure (CVE) ID: CVE-2008-0006 BugTraq ID: 27352 http://www.securityfocus.com/bid/27352 CERT/CC vulnerability note: VU#203220 http://www.kb.cert.org/vuls/id/203220 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00674.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00771.html http://jvn.jp/en/jp/JVN88935101/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001043.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10021 http://www.redhat.com/support/errata/RHSA-2008-0064.html http://secunia.com/advisories/28500 http://secunia.com/advisories/28544 http://secunia.com/advisories/28571 http://secunia.com/advisories/28621 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103192-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201230-1 XForce ISS Database: xorg-pcffont-bo(39767) https://exchange.xforce.ibmcloud.com/vulnerabilities/39767
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.