Lucene search
Fedora 8 : xorg-x11-server-1.3.0.0-39.fc8 (2008-0760)
🗓️ 27 Jan 2008 00:00:00Reported by This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus🔗 www.tenable.com👁 29 Views
Fedora 8 xorg-x11-server-1.3.0.0-39.fc8 security vulnerabilities and update
Show more
| Reporter | Title | Published | Views | Family All 193 |
|---|---|---|---|---|
 | X.Org X server and Xfont library: Multiple vulnerabilities | 20 Jan 200800:00 | – | gentoo |
 | SuSE Update for Xorg and XFree SUSE-SA:2008:003 | 23 Jan 200900:00 | – | openvas |
| Fedora Update for xorg-x11-server FEDORA-2008-0760 | 17 Feb 200900:00 | – | openvas |
| FreeBSD Ports: xorg-server | 4 Sep 200800:00 | – | openvas |
| Gentoo Security Advisory GLSA 200801-09 (xorg-server libXfont) | 24 Sep 200800:00 | – | openvas |
| Ubuntu Update for xorg-server regression USN-571-2 | 23 Mar 200900:00 | – | openvas |
| Fedora Update for xorg-x11-server FEDORA-2008-0831 | 17 Feb 200900:00 | – | openvas |
| Fedora Update for xorg-x11-server FEDORA-2008-0831 | 17 Feb 200900:00 | – | openvas |
| Ubuntu: Security Advisory (USN-571-2) | 23 Mar 200900:00 | – | openvas |
| Ubuntu: Security Advisory (USN-571-1) | 23 Mar 200900:00 | – | openvas |
10
10
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2008-0760.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(30073);
script_version("1.22");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429", "CVE-2008-0006");
script_bugtraq_id(27350, 27351, 27352, 27353, 27354, 27355, 27356);
script_xref(name:"FEDORA", value:"2008-0760");
script_name(english:"Fedora 8 : xorg-x11-server-1.3.0.0-39.fc8 (2008-0760)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"CVE-2007-5760: XFree86-Misc Extension Invalid Array Index
Vulnerability CVE-2007-5958: Xorg / XFree86 file existence disclosure
vulnerability CVE-2007-6427: XInput Extension Memory Corruption
Vulnerability CVE-2007-6428: TOG-CUP Extension Memory Corruption
Vulnerability CVE-2007-6429: EVI and MIT-SHM Extension Integer
Overflow Vulnerability CVE-2008-0006: PCF Font Vulnerability - this
patch isn't strictly required with new version of libXfont.
Contains updated fix for MITSHM from ajax.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=391841"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=413721"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=413741"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=413791"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=413811"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=414031"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=429126"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006994.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?f3c8ee41"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_cwe_id(119, 189, 200, 362, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-Xdmx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-Xephyr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-Xnest");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-Xorg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-Xvfb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-sdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xorg-x11-server-source");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8");
script_set_attribute(attribute:"vuln_publication_date", value:"2008/01/18");
script_set_attribute(attribute:"patch_publication_date", value:"2008/01/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/01/27");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-Xdmx-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-Xephyr-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-Xnest-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-Xorg-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-Xvfb-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-debuginfo-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-sdk-1.3.0.0-39.fc8")) flag++;
if (rpm_check(release:"FC8", reference:"xorg-x11-server-source-1.3.0.0-39.fc8")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xorg-x11-server-Xdmx / xorg-x11-server-Xephyr / etc");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo27 Jan 2008 00:00Current
0.5Low risk
Vulners AI Score0.5
CVSS29.3
EPSS0.89