Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 Tenable Network Security, Inc.SUSE9_12612.NASL
HistoryJul 09, 2010 - 12:00 a.m.

SuSE9 Security Update : XFree86 (YOU Patch Number 12612)

2010-07-0900:00:00
This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.
www.tenable.com
12

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.8%

JSON

X clients could cause a memory corruption in the X Render extension which crashes the X server (CVE-2010-1166). This has been fixed.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(47688);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2010-1166");

  script_name(english:"SuSE9 Security Update : XFree86 (YOU Patch Number 12612)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"X clients could cause a memory corruption in the X Render extension
which crashes the X server (CVE-2010-1166). This has been fixed."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-1166.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12612.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/04/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"XFree86-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Mesa-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Mesa-devel-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Xnest-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Xprt-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Xvfb-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-Xvnc-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-devel-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-doc-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-driver-options-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-fonts-100dpi-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-fonts-75dpi-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-fonts-cyrillic-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-fonts-scalable-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-fonts-syriac-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-libs-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-man-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-server-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"XFree86-server-glx-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", reference:"km_drm-4.3.99.902-43.100")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"XFree86-Mesa-32bit-9-201004201452")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"XFree86-Mesa-devel-32bit-9-201004201452")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"XFree86-devel-32bit-9-201004201452")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"XFree86-libs-32bit-9-201004201452")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

Related

nessus 11
openvas 8
redhat 1
ubuntucve 1
cve 1
oraclelinux 2
centos 1
cvelist 1
veracode 1
securityvulns 2
prion 1
debiancve 1
nvd 1
ubuntu 1
nessus
nessus
CentOS 5 : xorg-x11-server (CESA-2010:0382)
2010-06-01 00:00:00
openSUSE Security Update : xorg-x11-Xvnc (openSUSE-SU-2010:0583-1)
2010-09-08 00:00:00
SuSE 10 Security Update : xorg-x11 (ZYPP Patch Number 7002)
2010-10-11 00:00:00
openvas
openvas
CentOS Update for xorg-x11-server-sdk CESA-2010:0382 centos5 i386
2011-08-09 00:00:00
RedHat Update for xorg-x11-server RHSA-2010:0382-01
2010-04-30 00:00:00
Oracle: Security Advisory (ELSA-2010-0382)
2015-10-06 00:00:00
redhat
redhat
(RHSA-2010:0382) Important: xorg-x11-server security update
2010-04-28 00:00:00
ubuntucve
ubuntucve
CVE-2010-1166
2010-04-29 00:00:00
cve
cve
CVE-2010-1166
2010-04-29 21:30:00
oraclelinux
oraclelinux
xorg-x11-server security update
2010-04-28 00:00:00
xorg-x11-server security and bug fix update
2012-03-01 00:00:00
centos
centos
xorg security update
2010-05-28 10:43:32
cvelist
cvelist
CVE-2010-1166
2010-04-29 21:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:47
securityvulns
securityvulns
X.Org X11R7 memory corruption
2010-05-21 00:00:00
[Suspected Spam][USN-939-1] X.org vulnerabilities
2010-05-21 00:00:00
prion
prion
Memory corruption
2010-04-29 21:30:00
debiancve
debiancve
CVE-2010-1166
2010-04-29 21:30:00
nvd
nvd
CVE-2010-1166
2010-04-29 21:30:00
ubuntu
ubuntu
X.org vulnerabilities
2010-05-18 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.8%

JSON
Related for SUSE9_12612.NASL
nessus11openvas8redhat1ubuntucve1cve1oraclelinux2centos1cvelist1veracode1securityvulns2prion1debiancve1nvd1ubuntu1