English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.61190
Kategorie:FreeBSD Local Security Checks
Titel:FreeBSD Ports: xorg-server
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to the system
as announced in the referenced advisory.

The following package is affected: xorg-server

CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients
functions in the Record extension and the (3)
SProcSecurityGenerateAuthorization function in the Security extension
in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers
to execute arbitrary code via requests with crafted length values that
specify an arbitrary number of bytes to be swapped on the heap, which
triggers heap corruption.

CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM
extension in the X server 1.4 in X.Org X11R7.3 allows
context-dependent attackers to read arbitrary process memory via
crafted values for a Pixmap width and height.

CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension
in the X server 1.4 in X.Org X11R7.3 allows context-dependent
attackers to execute arbitrary code via unspecified request fields
that are used to calculate a heap buffer size, which triggers a
heap-based buffer overflow.

CVE-2008-2361
Integer overflow in the ProcRenderCreateCursor function in the Render
extension in the X server 1.4 in X.Org X11R7.3 allows
context-dependent attackers to cause a denial of service (daemon
crash) via unspecified request fields that are used to calculate a
glyph buffer size, which triggers a dereference of unmapped memory.

CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4
in X.Org X11R7.3 allow context-dependent attackers to execute
arbitrary code via a (1) SProcRenderCreateLinearGradient, (2)
SProcRenderCreateRadialGradient, or (3)
SProcRenderCreateConicalGradient request with an invalid field
specifying the number of bytes to swap in the request data, which
triggers heap memory corruption.

Solution:
Update your system with the appropriate patches or
software upgrades.

http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
http://secunia.com/advisories/30627/
http://www.vuxml.org/freebsd/800e8bd5-3acb-11dd-8842-001302a18722.html

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-1377
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Bugtraq: 20080620 rPSA-2008-0200-1 xorg-server (Google Search)
http://www.securityfocus.com/archive/1/493548/100/0/threaded
Bugtraq: 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search)
http://www.securityfocus.com/archive/1/493550/100/0/threaded
Debian Security Information: DSA-1595 (Google Search)
http://www.debian.org/security/2008/dsa-1595
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
HPdes Security Advisory: HPSBUX02381
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
HPdes Security Advisory: SSRT080083
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721
http://www.mandriva.com/security/advisories?name=MDVSA-2008:115
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10109
RedHat Security Advisories: RHSA-2008:0502
http://rhn.redhat.com/errata/RHSA-2008-0502.html
http://www.redhat.com/support/errata/RHSA-2008-0503.html
RedHat Security Advisories: RHSA-2008:0504
http://rhn.redhat.com/errata/RHSA-2008-0504.html
RedHat Security Advisories: RHSA-2008:0512
http://rhn.redhat.com/errata/RHSA-2008-0512.html
http://securitytracker.com/id?1020247
http://secunia.com/advisories/30627
http://secunia.com/advisories/30628
http://secunia.com/advisories/30629
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30671
http://secunia.com/advisories/30715
http://secunia.com/advisories/30772
http://secunia.com/advisories/30809
http://secunia.com/advisories/30843
http://secunia.com/advisories/31025
http://secunia.com/advisories/31109
http://secunia.com/advisories/32099
http://secunia.com/advisories/32545
http://secunia.com/advisories/33937
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
SuSE Security Announcement: SUSE-SA:2008:027 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
SuSE Security Announcement: SUSE-SR:2008:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://www.ubuntu.com/usn/usn-616-1
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
http://www.vupen.com/english/advisories/2008/1983/references
http://www.vupen.com/english/advisories/2008/3000
Common Vulnerability Exposure (CVE) ID: CVE-2008-1379
BugTraq ID: 29669
http://www.securityfocus.com/bid/29669
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722
http://www.mandriva.com/security/advisories?name=MDVSA-2008:179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966
http://securitytracker.com/id?1020246
XForce ISS Database: xorg-fbshmputimage-information-disclosure(43016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43016
Common Vulnerability Exposure (CVE) ID: CVE-2008-2360
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=718
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9329
http://securitytracker.com/id?1020243
Common Vulnerability Exposure (CVE) ID: CVE-2008-2361
BugTraq ID: 29665
http://www.securityfocus.com/bid/29665
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8978
http://securitytracker.com/id?1020244
Common Vulnerability Exposure (CVE) ID: CVE-2008-2362
BugTraq ID: 29670
http://www.securityfocus.com/bid/29670
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246
http://securitytracker.com/id?1020245
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.