ID SUSE_SU-2018-0338-1.NASL Type nessus Reporter This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2021-01-13T00:00:00
Description
This update for libXdmcp fixes the following issues :
CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable (bsc#1025046)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:0338-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
# Registration block: when `description` is set, the script only declares the
# plugin's metadata (ID, CVE, advisory text, CVSS vectors, CPEs, dates, required
# KB keys) and then exits via exit(0) without touching the target host.
if (description)
{
# Plugin identity and revision.
script_id(106579);
script_version("3.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");
# The single CVE addressed by SUSE-SU-2018:0338-1.
script_cve_id("CVE-2017-2625");
script_name(english:"SUSE SLED12 / SLES12 Security Update : libXdmcp (SUSE-SU-2018:0338-1)");
# The finding is derived from installed rpm versions only; nothing here checks
# whether XDM/XDMCP is actually in use on the host.
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
# Advisory text as extracted from the SUSE advisory (see the file header).
# The issue is weak entropy in session-key generation, i.e. predictable keys.
script_set_attribute(
attribute:"description",
value:
"This update for libXdmcp fixes the following issues :
- CVE-2017-2625: The generation of session key in XDM
using libXdmcp might have used weak entropy, making the
session keys predictable (bsc#1025046)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
# References: SUSE bug tracker entry and SUSE's CVE page.
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1025046"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-2625/"
);
# The shortened link below stands for the SUSE announcement:
# https://www.suse.com/support/update/announcement/2018/suse-su-20180338-1/
# NOTE(review): the short link is plain http; prefer the https SUSE URL above
# when following the reference by hand.
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4542a144"
);
# Remediation text: per-product zypper patch identifiers, all for 12-SP3.
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2018-236=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2018-236=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2018-236=1
To bring your system up-to-date, use 'zypper patch'."
);
# Both vectors describe a local attack (AV:L) affecting confidentiality only.
# They disagree on impact: CVSSv2 rates it Partial (C:P), CVSSv3 rates it High
# (C:H) and requires low privileges (PR:L). Triage on the v3 vector where the
# two give different priorities.
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
# Matches the E:U (unproven) temporal metric above; this is a snapshot as of
# plugin_modification_date, not a live statement.
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# "local": the check depends on locally gathered package data (see the
# required KB keys below), not on probing a network service.
script_set_attribute(attribute:"plugin_type", value:"local");
# CPEs for the affected packages and the SUSE Linux 12 platform.
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libXdmcp-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libXdmcp6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libXdmcp6-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
# NOTE(review): vuln_publication_date (2018/07/27) is later than
# patch_publication_date (2018/02/01); presumably it reflects when the CVE
# record was published rather than when the flaw became known - confirm before
# using it for exposure-window calculations.
script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/27");
script_set_attribute(attribute:"patch_publication_date", value:"2018/02/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
# Information-gathering category, copyright and plugin family.
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
# Declares the dependency on ssh_get_info.nasl and the KB entries the check
# reads: local-checks flag, CPU architecture, SUSE release and the rpm list.
# Without credentialed data behind these keys the plugin produces no finding,
# so "no result" from an uncredentialed scan is not evidence of a patched host.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
# Registration ends here; the host checks below never run in this mode.
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Host check: validates the preconditions stored in the KB (local checks, SUSE
# release, rpm list, architecture, service pack), then compares installed
# libXdmcp packages against the fixed version 1.1.1-12.1 and reports a finding
# if any comparison hits. Each audit() call names the reason the check stopped.

# Stop unless local (credentialed) checks are enabled for this host.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# The release string must start with SLED or SLES.
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
# Extract the product and major version (e.g. "SLES12") from the release string.
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
# Only major version 12 of SLED/SLES is covered by this advisory.
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
# The installed-package list must have been collected.
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
# Supported architectures: i386-i686, x86_64 and s390x; anything else is
# reported as "local checks not implemented".
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
# A missing patchlevel is treated as "0". Only SP3 is checked: a host on any
# other service pack exits with AUDIT_OS_NOT. That outcome means "out of scope
# for this plugin", not "patched" - coverage for other service packs has to
# come from a different check.
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp);
# Count package comparisons that hit. rpm_check() comes from rpm.inc, which is
# not shown here; presumably it is true when the installed package is older
# than the given reference - confirm against rpm.inc.
flag = 0;
# SLES12 SP3: no cpu argument is passed for these checks.
if (rpm_check(release:"SLES12", sp:"3", reference:"libXdmcp-debugsource-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libXdmcp6-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libXdmcp6-32bit-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libXdmcp6-debuginfo-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libXdmcp6-debuginfo-32bit-1.1.1-12.1")) flag++;
# SLED12 SP3: the same package set, restricted to x86_64.
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libXdmcp-debugsource-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libXdmcp6-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libXdmcp6-32bit-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libXdmcp6-debuginfo-1.1.1-12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libXdmcp6-debuginfo-32bit-1.1.1-12.1")) flag++;
# At least one hit: report through security_note on port 0, attaching the rpm
# report text when report verbosity is above 0. The debuginfo/debugsource
# packages count as hits too, so a finding can come from those alone.
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
# No hit: distinguish "packages were tested and are not affected" from
# "libXdmcp is not installed at all".
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libXdmcp");
}
{"id": "SUSE_SU-2018-0338-1.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLED12 / SLES12 Security Update : libXdmcp (SUSE-SU-2018:0338-1)", "description": "This update for libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2018-02-02T00:00:00", "modified": "2021-01-13T00:00:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/106579", "reporter": "This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["https://www.suse.com/security/cve/CVE-2017-2625/", "http://www.nessus.org/u?4542a144", "https://bugzilla.suse.com/show_bug.cgi?id=1025046", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2625"], "cvelist": ["CVE-2017-2625"], "immutableFields": [], "lastseen": "2021-08-19T12:33:51", "viewCount": 25, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2017:1865"]}, {"type": "cve", "idList": ["CVE-2017-2625"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2006-1:68876"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-2625"]}, {"type": "fedora", "idList": ["FEDORA:335966123D3F", "FEDORA:8A3986087653", "FEDORA:A19526042F15"]}, {"type": "freebsd", "idList": ["1B6A10E9-4B7B-11E9-9E89-54E1AD3D6335"]}, {"type": "gentoo", "idList": ["GLSA-201704-03"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-1865.NASL", "DEBIAN_DLA-2006.NASL", "EULEROS_SA-2017-1211.NASL", "EULEROS_SA-2017-1212.NASL", "EULEROS_SA-2020-2034.NASL", "FEDORA_2017-09F65E5E00.NASL", "FEDORA_2017-9A9328C159.NASL", "FEDORA_2017-BCB1999E65.NASL", "FREEBSD_PKG_1B6A10E94B7B11E99E8954E1AD3D6335.NASL", "GENTOO_GLSA-201704-03.NASL", "OPENSUSE-2017-789.NASL", "ORACLELINUX_ELSA-2017-1865.NASL", "REDHAT-RHSA-2017-1865.NASL", "SL_20170801_X_ORG_X11_LIBRARIES_ON_SL7_X.NASL", "SUSE_SU-2017-1862-1.NASL", "SUSE_SU-2017-1868-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310871852", "OPENVAS:1361412562310872431", "OPENVAS:1361412562310872443", "OPENVAS:1361412562310892006", "OPENVAS:1361412562311220171211", "OPENVAS:1361412562311220171212"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-1865"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:141367"]}, {"type": "redhat", "idList": ["RHSA-2017:1865"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-2625"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-2625"]}, {"type": "zdt", "idList": ["1337DAY-ID-27167"]}], "rev": 4}, "score": {"value": 5.9, "vector": "NONE"}, 
"backreferences": {"references": [{"type": "centos", "idList": ["CESA-2017:1865"]}, {"type": "cve", "idList": ["CVE-2017-2625"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2006-1:68876"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-2625"]}, {"type": "fedora", "idList": ["FEDORA:335966123D3F", "FEDORA:8A3986087653", "FEDORA:A19526042F15"]}, {"type": "freebsd", "idList": ["1B6A10E9-4B7B-11E9-9E89-54E1AD3D6335"]}, {"type": "gentoo", "idList": ["GLSA-201704-03"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2006.NASL", "FEDORA_2017-09F65E5E00.NASL", "FEDORA_2017-9A9328C159.NASL", "FEDORA_2017-BCB1999E65.NASL", "OPENSUSE-2017-789.NASL", "SUSE_SU-2017-1862-1.NASL", "SUSE_SU-2017-1868-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310872431", "OPENVAS:1361412562310872443"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:141367"]}, {"type": "redhat", "idList": ["RHSA-2017:1865"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-2625"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-2625"]}, {"type": "zdt", "idList": ["1337DAY-ID-27167"]}]}, "exploitation": null, "vulnersScore": 5.9}, "pluginID": "106579", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0338-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106579);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libXdmcp (SUSE-SU-2018:0338-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libXdmcp fixes the 
following issues :\n\n - CVE-2017-2625: The generation of session key in XDM\n using libXdmcp might have used weak entropy, making the\n session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-2625/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180338-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4542a144\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-236=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-236=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-236=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libXdmcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libXdmcp6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libXdmcp6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libXdmcp-debugsource-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libXdmcp6-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libXdmcp6-32bit-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libXdmcp6-debuginfo-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libXdmcp6-debuginfo-32bit-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libXdmcp-debugsource-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libXdmcp6-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libXdmcp6-32bit-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-1.1.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-32bit-1.1.1-12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:libXdmcp-debugsource", "p-cpe:/a:novell:suse_linux:libXdmcp6", "p-cpe:/a:novell:suse_linux:libXdmcp6-debuginfo", "cpe:/o:novell:suse_linux:12"], "solution": "To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-236=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-236=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-236=1\n\nTo bring your system up-to-date, use 'zypper patch'.", "nessusSeverity": "Low", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "4.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2018-02-01T00:00:00", "vulnerabilityPublicationDate": "2018-07-27T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}
{"openvas": [{"lastseen": "2019-05-29T18:34:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-03T00:00:00", "type": "openvas", "title": "Fedora Update for libXdmcp FEDORA-2017-9a9328c159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libXdmcp FEDORA-2017-9a9328c159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872431\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-03 05:55:04 +0100 (Fri, 03 Mar 2017)\");\n script_cve_id(\"CVE-2017-2625\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libXdmcp FEDORA-2017-9a9328c159\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libXdmcp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libXdmcp on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-9a9328c159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RIP43CVRBVTR5RKJEJ63TD66HWU5YBZ4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXdmcp\", rpm:\"libXdmcp~1.1.2~5.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-07T00:00:00", "type": "openvas", "title": "Fedora Update for libXdmcp FEDORA-2017-bcb1999e65", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872443", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libXdmcp FEDORA-2017-bcb1999e65\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872443\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-07 05:48:10 +0100 (Tue, 07 Mar 2017)\");\n script_cve_id(\"CVE-2017-2625\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libXdmcp FEDORA-2017-bcb1999e65\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libXdmcp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libXdmcp on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-bcb1999e65\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXDMU3HVIAW6BUUFWFYMDDI6XVF4GREG\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXdmcp\", rpm:\"libXdmcp~1.1.2~5.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-29T19:29:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-26T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for libxdmcp (DLA-2006-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310892006", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892006", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892006\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-2625\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-26 12:50:20 +0000 (Tue, 26 Nov 2019)\");\n script_name(\"Debian LTS: Security Advisory for libxdmcp (DLA-2006-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2006-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxdmcp'\n package(s) announced via the DLA-2006-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It has been found, that libxdmcp, an X11 Display Manager Control Protocol\nlibrary, uses weak entropy to generate keys.\n\nUsing arc4random_buf() from libbsd should avoid this flaw.\");\n\n script_tag(name:\"affected\", value:\"'libxdmcp' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem 
has been fixed in version\n1:1.1.1-1+deb8u1.\n\nWe recommend that you upgrade your libxdmcp packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxdmcp-dev\", ver:\"1:1.1.1-1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxdmcp6\", ver:\"1:1.1.1-1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxdmcp6-dbg\", ver:\"1:1.1.1-1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:33:53", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171212", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171212", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the 
implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1212\");\n script_version(\"2020-01-23T10:59:28+0000\");\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:59:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:59:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1212\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1212\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libXpm, libXdmcp, libICE' package(s) announced via the EulerOS-SA-2017-1212 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. 
An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\nIt was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\nIt was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\");\n\n script_tag(name:\"affected\", value:\"'libXpm, libXdmcp, libICE' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libXpm\", rpm:\"libXpm~3.5.12~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libXpm-devel\", rpm:\"libXpm-devel~3.5.12~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libXdmcp\", rpm:\"libXdmcp~1.1.2~6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libICE\", rpm:\"libICE~1.0.9~9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libICE-devel\", rpm:\"libICE-devel~1.0.9~9\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2020-01-27T18:32:51", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171211", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1211\");\n script_version(\"2020-01-23T10:59:25+0000\");\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:59:25 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:59:25 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1211\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1211\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libXpm, libXdmcp, libICE' package(s) announced via the EulerOS-SA-2017-1211 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. 
(CVE-2016-10164)\n\nIt was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\nIt was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\");\n\n script_tag(name:\"affected\", value:\"'libXpm, libXdmcp, libICE' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libXpm\", rpm:\"libXpm~3.5.12~1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libXpm-devel\", rpm:\"libXpm-devel~3.5.12~1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libXdmcp\", rpm:\"libXdmcp~1.1.2~6\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libICE\", rpm:\"libICE~1.0.9~9\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libICE-devel\", rpm:\"libICE-devel~1.0.9~9\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:57", "description": "The remote host is missing an update for the 'X.org X11 libraries'\n package(s) announced via the referenced advisory.", "cvss3": {}, "published": 
"2017-08-04T00:00:00", "type": "openvas", "title": "RedHat Update for X.org X11 libraries RHSA-2017:1865-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871852", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871852", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_1865-01_X.org_X11_libraries.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for X.org X11 libraries RHSA-2017:1865-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871852\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 12:46:22 +0530 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for X.org X11 libraries RHSA-2017:1865-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'X.org X11 libraries'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The X11 (Xorg) libraries provide library\n routines that are used within all X Window applications. The following packages\n have been upgraded to a later upstream version: libX11 (1.6.5), libXaw (1.0.13),\n libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm\n (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst\n (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74),\n libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1),\n libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1),\n mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20),\n xorg-x11-proto-devel (7.7). 
(BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670,\n BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677,\n BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683,\n BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560,\n BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224) Security\n Fix(es): * An integer overflow flaw leading to a heap-based buffer overflow was\n found in libXpm. An attacker could use this flaw to crash an application using\n libXpm via a specially crafted XPM file. (CVE-2016-10164) * It was discovered\n that libXdmcp used weak entropy to generate session keys. On a multi-user system\n using xdmcp, a local attacker could potentially use information available from\n the process list to brute force the key, allowing them to hijack other users'\n sessions. (CVE-2017-2625) * It was discovered that libICE used a weak entropy to\n generate keys. A local attacker could potentially use this flaw for session\n hijacking using the information available from the process list. (CVE-2017-2626)\n Red Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting\n CVE-2017-2625 and CVE-2017-2626. Additional Changes: For detailed information on\n changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes\n linked from the References section.\");\n script_tag(name:\"affected\", value:\"X.org X11 libraries on Red Hat Enterprise Linux Server (v. 
7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:1865-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-August/msg00008.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libX11-common\", rpm:\"libX11-common~1.6.5~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwacom-data\", rpm:\"libwacom-data~0.24~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xkeyboard-config\", rpm:\"xkeyboard-config~2.20~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xorg-x11-proto-devel\", rpm:\"xorg-x11-proto-devel~7.7~20.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libICE\", rpm:\"libICE~1.0.9~9.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libICE-debuginfo\", rpm:\"libICE-debuginfo~1.0.9~9.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libICE-devel\", rpm:\"libICE-devel~1.0.9~9.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libX11\", 
rpm:\"libX11~1.6.5~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libX11-debuginfo\", rpm:\"libX11-debuginfo~1.6.5~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libX11-devel\", rpm:\"libX11-devel~1.6.5~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXaw\", rpm:\"libXaw~1.0.13~4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXaw-debuginfo\", rpm:\"libXaw-debuginfo~1.0.13~4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXaw-devel\", rpm:\"libXaw-devel~1.0.13~4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXcursor\", rpm:\"libXcursor~1.1.14~8.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXcursor-debuginfo\", rpm:\"libXcursor-debuginfo~1.1.14~8.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXcursor-devel\", rpm:\"libXcursor-devel~1.1.14~8.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXdmcp\", rpm:\"libXdmcp~1.1.2~6.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXdmcp-debuginfo\", rpm:\"libXdmcp-debuginfo~1.1.2~6.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfixes\", rpm:\"libXfixes~5.0.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfixes-debuginfo\", rpm:\"libXfixes-debuginfo~5.0.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfixes-devel\", rpm:\"libXfixes-devel~5.0.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.5.2~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont-debuginfo\", rpm:\"libXfont-debuginfo~1.5.2~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont2\", rpm:\"libXfont2~2.0.1~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont2-debuginfo\", rpm:\"libXfont2-debuginfo~2.0.1~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXi\", rpm:\"libXi~1.7.9~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXi-debuginfo\", rpm:\"libXi-debuginfo~1.7.9~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXi-devel\", rpm:\"libXi-devel~1.7.9~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXpm\", rpm:\"libXpm~3.5.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXpm-debuginfo\", rpm:\"libXpm-debuginfo~3.5.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXpm-devel\", rpm:\"libXpm-devel~3.5.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrandr\", rpm:\"libXrandr~1.5.1~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrandr-debuginfo\", 
rpm:\"libXrandr-debuginfo~1.5.1~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrandr-devel\", rpm:\"libXrandr-devel~1.5.1~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrender\", rpm:\"libXrender~0.9.10~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrender-debuginfo\", rpm:\"libXrender-debuginfo~0.9.10~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXrender-devel\", rpm:\"libXrender-devel~0.9.10~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXt\", rpm:\"libXt~1.1.5~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXt-debuginfo\", rpm:\"libXt-debuginfo~1.1.5~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXt-devel\", rpm:\"libXt-devel~1.1.5~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXtst\", rpm:\"libXtst~1.2.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXtst-debuginfo\", rpm:\"libXtst-debuginfo~1.2.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXtst-devel\", rpm:\"libXtst-devel~1.2.3~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXv\", rpm:\"libXv~1.0.11~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXv-debuginfo\", rpm:\"libXv-debuginfo~1.0.11~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXv-devel\", rpm:\"libXv-devel~1.0.11~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXvMC\", rpm:\"libXvMC~1.0.10~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXvMC-debuginfo\", rpm:\"libXvMC-debuginfo~1.0.10~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXxf86vm\", rpm:\"libXxf86vm~1.1.4~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXxf86vm-debuginfo\", rpm:\"libXxf86vm-debuginfo~1.1.4~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXxf86vm-devel\", rpm:\"libXxf86vm-devel~1.1.4~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdrm\", rpm:\"libdrm~2.4.74~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdrm-debuginfo\", rpm:\"libdrm-debuginfo~2.4.74~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdrm-devel\", rpm:\"libdrm-devel~2.4.74~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libepoxy\", rpm:\"libepoxy~1.3.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libepoxy-debuginfo\", rpm:\"libepoxy-debuginfo~1.3.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libepoxy-devel\", rpm:\"libepoxy-devel~1.3.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libevdev\", 
rpm:\"libevdev~1.5.6~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libevdev-debuginfo\", rpm:\"libevdev-debuginfo~1.5.6~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libfontenc\", rpm:\"libfontenc~1.1.3~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libfontenc-debuginfo\", rpm:\"libfontenc-debuginfo~1.1.3~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libinput\", rpm:\"libinput~1.6.3~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libinput-debuginfo\", rpm:\"libinput-debuginfo~1.6.3~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvdpau\", rpm:\"libvdpau~1.1.1~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libvdpau-debuginfo\", rpm:\"libvdpau-debuginfo~1.1.1~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwacom\", rpm:\"libwacom~0.24~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwacom-debuginfo\", rpm:\"libwacom-debuginfo~0.24~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxcb\", rpm:\"libxcb~1.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxcb-debuginfo\", rpm:\"libxcb-debuginfo~1.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxcb-devel\", rpm:\"libxcb-devel~1.12~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbcommon\", rpm:\"libxkbcommon~0.7.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbcommon-debuginfo\", rpm:\"libxkbcommon-debuginfo~0.7.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbcommon-x11\", rpm:\"libxkbcommon-x11~0.7.1~1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbfile\", rpm:\"libxkbfile~1.0.9~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbfile-debuginfo\", rpm:\"libxkbfile-debuginfo~1.0.9~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxkbfile-devel\", rpm:\"libxkbfile-devel~1.0.9~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-debuginfo\", rpm:\"mesa-debuginfo~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-dri-drivers\", rpm:\"mesa-dri-drivers~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-filesystem\", rpm:\"mesa-filesystem~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libEGL\", rpm:\"mesa-libEGL~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libEGL-devel\", rpm:\"mesa-libEGL-devel~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libGL\", rpm:\"mesa-libGL~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) 
!= NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libGL-devel\", rpm:\"mesa-libGL-devel~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libGLES\", rpm:\"mesa-libGLES~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libgbm\", rpm:\"mesa-libgbm~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libglapi\", rpm:\"mesa-libglapi~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-libxatracker\", rpm:\"mesa-libxatracker~17.0.1~6.20170307.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-private-llvm\", rpm:\"mesa-private-llvm~3.9.1~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mesa-private-llvm-debuginfo\", rpm:\"mesa-private-llvm-debuginfo~3.9.1~3.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:36:05", "description": "This update for xorg-x11-libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : xorg-x11-libXdmcp (SUSE-SU-2017:1868-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xorg-x11-libXdmcp", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1868-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101767", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1868-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101767);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"SUSE SLES11 Security Update : xorg-x11-libXdmcp (SUSE-SU-2017:1868-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xorg-x11-libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM\n using libXdmcp might have used weak entropy, making the\n session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-2625/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171868-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0c38947e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-xorg-x11-libXdmcp-13209=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-xorg-x11-libXdmcp-13209=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-xorg-x11-libXdmcp-13209=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xorg-x11-libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/14\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xorg-x11-libXdmcp-32bit-7.4-3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"xorg-x11-libXdmcp-32bit-7.4-3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"xorg-x11-libXdmcp-7.4-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xorg-x11-libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:28:01", "description": "The freedesktop and x.org project reports :\n\nIt was discovered that libXdmcp before 1.1.3 used weak entropy to generate session keys on platforms without arc4random_buf() but with getentropy(). 
On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.\n\nPlease note that, since FreeBSD provides arc4random_buf(), it is unknown whether FreeBSD is affected by this vulnerability.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-21T00:00:00", "type": "nessus", "title": "FreeBSD : libXdmcp -- insufficient entropy generating session keys (1b6a10e9-4b7b-11e9-9e89-54e1ad3d6335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libXdmcp", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1B6A10E94B7B11E99E8954E1AD3D6335.NASL", "href": "https://www.tenable.com/plugins/nessus/122987", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122987);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"FreeBSD : libXdmcp -- insufficient entropy generating session keys (1b6a10e9-4b7b-11e9-9e89-54e1ad3d6335)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The freedesktop and x.org project reports :\n\nIt was discovered that libXdmcp before 1.1.3 used weak entropy to\ngenerate session keys on platforms without arc4random_buf() but with\ngetentropy(). 
On a multi-user system using xdmcp, a local attacker\ncould potentially use information available from the process list to\nbrute force the key, allowing them to hijack other users' sessions.\n\nPlease note, that since FreeBSD provides arc4random_buf(), it is\nunknown if FreeBSD is affected by this vulnerability\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.x.org/archives/xorg-announce/2019-March/002974.html\"\n );\n # https://vuxml.freebsd.org/freebsd/1b6a10e9-4b7b-11e9-9e89-54e1ad3d6335.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb3b40c4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libXdmcp<1.1.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:37:44", "description": "Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-03-03T00:00:00", "type": "nessus", "title": "Fedora 25 : libXdmcp (2017-9a9328c159)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libXdmcp", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-9A9328C159.NASL", "href": "https://www.tenable.com/plugins/nessus/97502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-9a9328c159.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif 
(description)\n{\n script_id(97502);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-2625\");\n script_xref(name:\"FEDORA\", value:\"2017-9a9328c159\");\n\n script_name(english:\"Fedora 25 : libXdmcp (2017-9a9328c159)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a9328c159\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXdmcp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"libXdmcp-1.1.2-5.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:20", "description": "This update for libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable (boo#1025046)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : 
libXdmcp (openSUSE-2017-789)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libXdmcp-debugsource", "p-cpe:/a:novell:opensuse:libXdmcp-devel", "p-cpe:/a:novell:opensuse:libXdmcp-devel-32bit", "p-cpe:/a:novell:opensuse:libXdmcp6", "p-cpe:/a:novell:opensuse:libXdmcp6-32bit", "p-cpe:/a:novell:opensuse:libXdmcp6-debuginfo", "p-cpe:/a:novell:opensuse:libXdmcp6-debuginfo-32bit", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-789.NASL", "href": "https://www.tenable.com/plugins/nessus/101286", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-789.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101286);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"openSUSE Security Update : libXdmcp (openSUSE-2017-789)\");\n script_summary(english:\"Check for the openSUSE-2017-789 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM\n using libXdmcp might have used weak entropy, making the\n session keys predictable (boo#1025046)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1025046\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXdmcp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libXdmcp6-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libXdmcp-debugsource-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libXdmcp-devel-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libXdmcp6-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libXdmcp6-debuginfo-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libXdmcp-devel-32bit-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libXdmcp6-32bit-1.1.2-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-32bit-1.1.2-3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp-debugsource / libXdmcp-devel / libXdmcp-devel-32bit / etc\");\n}\n", 
"cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:18:29", "description": "It has been found, that libxdmcp, an X11 Display Manager Control Protocol library, uses weak entropy to generate keys.\n\nUsing arc4random_buf() from libbsd should avoid this flaw.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 1:1.1.1-1+deb8u1.\n\nWe recommend that you upgrade your libxdmcp packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-26T00:00:00", "type": "nessus", "title": "Debian DLA-2006-1 : libxdmcp security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxdmcp-dev", "p-cpe:/a:debian:debian_linux:libxdmcp6", "p-cpe:/a:debian:debian_linux:libxdmcp6-dbg", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2006.NASL", "href": "https://www.tenable.com/plugins/nessus/131291", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2006-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131291);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"Debian DLA-2006-1 : libxdmcp security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It has been found, that libxdmcp, an X11 Display Manager Control\nProtocol library, uses weak entropy to generate keys.\n\nUsing arc4random_buf() from libbsd should avoid this flaw.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n1:1.1.1-1+deb8u1.\n\nWe recommend that you upgrade your libxdmcp packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxdmcp\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxdmcp-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxdmcp6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxdmcp6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxdmcp-dev\", reference:\"1:1.1.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxdmcp6\", reference:\"1:1.1.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxdmcp6-dbg\", reference:\"1:1.1.1-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:14", "description": "Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : libXdmcp (2017-09f65e5e00)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libXdmcp", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-09F65E5E00.NASL", "href": "https://www.tenable.com/plugins/nessus/101569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, 
Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-09f65e5e00.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101569);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-2625\");\n script_xref(name:\"FEDORA\", value:\"2017-09f65e5e00\");\n\n script_name(english:\"Fedora 26 : libXdmcp (2017-09f65e5e00)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-09f65e5e00\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXdmcp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"libXdmcp-1.1.2-5.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:37:45", "description": "Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system 
website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-03-06T00:00:00", "type": "nessus", "title": "Fedora 24 : libXdmcp (2017-bcb1999e65)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libXdmcp", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-BCB1999E65.NASL", "href": "https://www.tenable.com/plugins/nessus/97538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-bcb1999e65.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97538);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-2625\");\n script_xref(name:\"FEDORA\", value:\"2017-bcb1999e65\");\n\n script_name(english:\"Fedora 24 : libXdmcp (2017-bcb1999e65)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-2625\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcb1999e65\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXdmcp package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"libXdmcp-1.1.2-5.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:12:50", "description": "According to the version of the libXdmcp package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.(CVE-2017-2625)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-09-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : libXdmcp (EulerOS-SA-2020-2034)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libXdmcp", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-2034.NASL", "href": "https://www.tenable.com/plugins/nessus/140982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140982);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-2625\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : libXdmcp (EulerOS-SA-2020-2034)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libXdmcp package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - It was discovered that libXdmcp used weak entropy to\n generate session keys. On a multi-user system using\n xdmcp, a local attacker could potentially use\n information available from the process list to brute\n force the key, allowing them to hijack other users'\n sessions.(CVE-2017-2625)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2034\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?80023d91\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libXdmcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libXdmcp-1.1.2-12.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:10", "description": "This update for libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libXdmcp (SUSE-SU-2017:1862-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2625"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libXdmcp-debugsource", "p-cpe:/a:novell:suse_linux:libXdmcp6", "p-cpe:/a:novell:suse_linux:libXdmcp6-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1862-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101766", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1862-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101766);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-2625\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libXdmcp (SUSE-SU-2017:1862-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libXdmcp fixes the following issues :\n\n - CVE-2017-2625: The generation of session key in XDM\n using libXdmcp might have used weak entropy, making the\n session keys predictable (bsc#1025046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-2625/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171862-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7503a4f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-1153=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-1153=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-1153=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-1153=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libXdmcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libXdmcp6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libXdmcp6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp-debugsource-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-32bit-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-32bit-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp-debugsource-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-32bit-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-1.1.1-10.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libXdmcp6-debuginfo-32bit-1.1.1-10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXdmcp\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:35:36", "description": "According to the versions of the libXpm, libXdmcp, libICE packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An integer overflow flaw 
leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-09-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libICE", "p-cpe:/a:huawei:euleros:libICE-devel", "p-cpe:/a:huawei:euleros:libXdmcp", "p-cpe:/a:huawei:euleros:libXpm", "p-cpe:/a:huawei:euleros:libXpm-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1211.NASL", "href": "https://www.tenable.com/plugins/nessus/103069", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103069);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10164\",\n \"CVE-2017-2625\",\n \"CVE-2017-2626\"\n 
);\n\n script_name(english:\"EulerOS 2.0 SP1 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libXpm, libXdmcp, libICE packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw leading to a heap-based buffer\n overflow was found in libXpm. An attacker could use\n this flaw to crash an application using libXpm via a\n specially crafted XPM file. (CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to\n generate session keys. On a multi-user system using\n xdmcp, a local attacker could potentially use\n information available from the process list to brute\n force the key, allowing them to hijack other users'\n sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to\n generate keys. A local attacker could potentially use\n this flaw for session hijacking using the information\n available from the process list. (CVE-2017-2626)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1211\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0a4ec347\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libXpm, libXdmcp, libICE packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libICE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libICE-1.0.9-9\",\n \"libICE-devel-1.0.9-9\",\n \"libXdmcp-1.1.2-6\",\n \"libXpm-3.5.12-1\",\n \"libXpm-devel-3.5.12-1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXpm, libXdmcp, libICE\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:35:34", "description": "An 
update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within all X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)\n\nSecurity Fix(es) :\n\n* An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file.\n(CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate session keys. 
On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.\n(CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys.\nA local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-25T00:00:00", "type": "nessus", "title": "CentOS 7 : libICE / libX11 / libXaw / libXcursor / libXdmcp / libXfixes / libXfont / libXfont2 / etc (CESA-2017:1865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:drm-utils", "p-cpe:/a:centos:centos:libICE", "p-cpe:/a:centos:centos:libICE-devel", "p-cpe:/a:centos:centos:libX11", "p-cpe:/a:centos:centos:libX11-common", "p-cpe:/a:centos:centos:libX11-devel", "p-cpe:/a:centos:centos:libXaw", "p-cpe:/a:centos:centos:libXaw-devel", "p-cpe:/a:centos:centos:libXcursor", "p-cpe:/a:centos:centos:libXcursor-devel", "p-cpe:/a:centos:centos:libXdmcp", "p-cpe:/a:centos:centos:libXdmcp-devel", "p-cpe:/a:centos:centos:libXfixes", "p-cpe:/a:centos:centos:libXfixes-devel", "p-cpe:/a:centos:centos:libXfont", "p-cpe:/a:centos:centos:libXfont-devel", "p-cpe:/a:centos:centos:libXfont2", "p-cpe:/a:centos:centos:libXfont2-devel", "p-cpe:/a:centos:centos:libXi", "p-cpe:/a:centos:centos:libXi-devel", "p-cpe:/a:centos:centos:libXpm", "p-cpe:/a:centos:centos:libXpm-devel", "p-cpe:/a:centos:centos:libXrandr", 
"p-cpe:/a:centos:centos:libXrandr-devel", "p-cpe:/a:centos:centos:libXrender", "p-cpe:/a:centos:centos:libXrender-devel", "p-cpe:/a:centos:centos:libXt", "p-cpe:/a:centos:centos:libXt-devel", "p-cpe:/a:centos:centos:libXtst", "p-cpe:/a:centos:centos:libXtst-devel", "p-cpe:/a:centos:centos:libXv", "p-cpe:/a:centos:centos:libXv-devel", "p-cpe:/a:centos:centos:libXvMC", "p-cpe:/a:centos:centos:libXvMC-devel", "p-cpe:/a:centos:centos:libXxf86vm", "p-cpe:/a:centos:centos:libXxf86vm-devel", "p-cpe:/a:centos:centos:libdrm", "p-cpe:/a:centos:centos:libdrm-devel", "p-cpe:/a:centos:centos:libepoxy", "p-cpe:/a:centos:centos:libepoxy-devel", "p-cpe:/a:centos:centos:libevdev", "p-cpe:/a:centos:centos:libevdev-devel", "p-cpe:/a:centos:centos:libevdev-utils", "p-cpe:/a:centos:centos:libfontenc", "p-cpe:/a:centos:centos:libfontenc-devel", "p-cpe:/a:centos:centos:libinput", "p-cpe:/a:centos:centos:libinput-devel", "p-cpe:/a:centos:centos:libvdpau", "p-cpe:/a:centos:centos:libvdpau-devel", "p-cpe:/a:centos:centos:libvdpau-docs", "p-cpe:/a:centos:centos:libwacom", "p-cpe:/a:centos:centos:libwacom-data", "p-cpe:/a:centos:centos:libwacom-devel", "p-cpe:/a:centos:centos:libxcb", "p-cpe:/a:centos:centos:libxcb-devel", "p-cpe:/a:centos:centos:libxcb-doc", "p-cpe:/a:centos:centos:libxkbcommon", "p-cpe:/a:centos:centos:libxkbcommon-devel", "p-cpe:/a:centos:centos:libxkbcommon-x11", "p-cpe:/a:centos:centos:libxkbcommon-x11-devel", "p-cpe:/a:centos:centos:libxkbfile", "p-cpe:/a:centos:centos:libxkbfile-devel", "p-cpe:/a:centos:centos:mesa-dri-drivers", "p-cpe:/a:centos:centos:mesa-filesystem", "p-cpe:/a:centos:centos:mesa-libEGL", "p-cpe:/a:centos:centos:mesa-libEGL-devel", "p-cpe:/a:centos:centos:mesa-libGL", "p-cpe:/a:centos:centos:mesa-libGL-devel", "p-cpe:/a:centos:centos:mesa-libGLES", "p-cpe:/a:centos:centos:mesa-libGLES-devel", "p-cpe:/a:centos:centos:mesa-libOSMesa", "p-cpe:/a:centos:centos:mesa-libOSMesa-devel", "p-cpe:/a:centos:centos:mesa-libgbm", 
"p-cpe:/a:centos:centos:mesa-libgbm-devel", "p-cpe:/a:centos:centos:mesa-libglapi", "p-cpe:/a:centos:centos:mesa-libxatracker", "p-cpe:/a:centos:centos:mesa-libxatracker-devel", "p-cpe:/a:centos:centos:mesa-private-llvm", "p-cpe:/a:centos:centos:mesa-private-llvm-devel", "p-cpe:/a:centos:centos:mesa-vdpau-drivers", "p-cpe:/a:centos:centos:mesa-vulkan-drivers", "p-cpe:/a:centos:centos:vulkan", "p-cpe:/a:centos:centos:vulkan-devel", "p-cpe:/a:centos:centos:vulkan-filesystem", "p-cpe:/a:centos:centos:xcb-proto", "p-cpe:/a:centos:centos:xkeyboard-config", "p-cpe:/a:centos:centos:xkeyboard-config-devel", "p-cpe:/a:centos:centos:xorg-x11-proto-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2017-1865.NASL", "href": "https://www.tenable.com/plugins/nessus/102740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1865 and \n# CentOS Errata and Security Advisory 2017:1865 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102740);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_xref(name:\"RHSA\", value:\"2017:1865\");\n\n script_name(english:\"CentOS 7 : libICE / libX11 / libXaw / libXcursor / libXdmcp / libXfixes / libXfont / libXfont2 / etc (CESA-2017:1865)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within\nall X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3),\nlibXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1),\nlibXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11),\nlibXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy\n(1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1),\nlibwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1),\nmesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20),\nxorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669,\nBZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#\n1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681,\nBZ# 1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752,\nBZ#1401753, BZ# 1401754, BZ#1402560, BZ#1410477, BZ#1411390,\nBZ#1411392, BZ#1411393, BZ# 1411452, BZ#1420224)\n\nSecurity Fix(es) :\n\n* An integer overflow flaw leading to a heap-based buffer overflow was\nfound in libXpm. An attacker could use this flaw to crash an\napplication using libXpm via a specially crafted XPM file.\n(CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate\nsession keys. On a multi-user system using xdmcp, a local attacker\ncould potentially use information available from the process list to\nbrute force the key, allowing them to hijack other users' sessions.\n(CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys.\nA local attacker could potentially use this flaw for session hijacking\nusing the information available from the process list. 
(CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for\nreporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.4 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?166c5e9c\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004269.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ef14f4c\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004270.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9b9095bf\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?be206971\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004291.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42dd0d2a\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004293.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d1c2f35\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004329.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55e439ae\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004333.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f831a43\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004336.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f15140e2\"\n );\n # 
https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cc328e96\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004338.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bc6807e2\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004339.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6649d2ce\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004340.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fed46cd4\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004341.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6ad6a04\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004342.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3920b485\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004343.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e5332b3\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004344.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d283952\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004345.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d66f7d3a\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004346.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c95ed42\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004347.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?176b1b32\"\n );\n 
# https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004348.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a6bf037\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004349.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c45f4b56\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004350.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ff41a9ad\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004351.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f895ff1\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004352.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11c36ee0\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004353.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?202286cf\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004354.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8751d95f\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79e32cf4\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2822f355\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004608.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2b07ca9a\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004616.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f2c20b15\"\n 
);\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004618.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?002a40e0\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2017-August/004639.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?809e61ea\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10164\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:drm-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libICE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libX11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libX11-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libX11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXcursor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXcursor-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXdmcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfixes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfixes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXrandr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXrandr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXrender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXrender-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXtst\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXtst-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXvMC\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXvMC-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXxf86vm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXxf86vm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libdrm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libdrm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libepoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libepoxy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libevdev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libevdev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libevdev-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libfontenc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libfontenc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libinput\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libinput-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvdpau\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvdpau-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvdpau-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwacom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwacom-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libwacom-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxcb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxcb-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxcb-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbcommon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbcommon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbcommon-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbcommon-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxkbfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-dri-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libEGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libEGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libGLES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libGLES-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libOSMesa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libOSMesa-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libgbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libgbm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libglapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-libxatracker\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:mesa-libxatracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-private-llvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-private-llvm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-vdpau-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mesa-vulkan-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vulkan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vulkan-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vulkan-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xcb-proto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xkeyboard-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xkeyboard-config-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-proto-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"drm-utils-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libICE-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libICE-devel-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libX11-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libX11-common-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libX11-devel-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXaw-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXaw-devel-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", 
reference:\"libXcursor-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXcursor-devel-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXdmcp-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXdmcp-devel-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfixes-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfixes-devel-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont-devel-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont2-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont2-devel-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXi-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXi-devel-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXpm-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXpm-devel-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXrandr-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXrandr-devel-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXrender-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXrender-devel-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXt-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXt-devel-1.1.5-3.el7\")) flag++;\nif 
(rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXtst-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXtst-devel-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXv-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXv-devel-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXvMC-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXvMC-devel-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXxf86vm-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXxf86vm-devel-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libdrm-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libdrm-devel-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libepoxy-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libepoxy-devel-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libevdev-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libevdev-devel-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libevdev-utils-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libfontenc-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libfontenc-devel-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libinput-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libinput-devel-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", 
reference:\"libvdpau-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvdpau-devel-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvdpau-docs-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwacom-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwacom-data-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libwacom-devel-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxcb-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxcb-devel-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxcb-doc-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbcommon-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbcommon-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbfile-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxkbfile-devel-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-dri-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-filesystem-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libEGL-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libEGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", 
reference:\"mesa-libGL-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libGLES-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libGLES-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libgbm-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libgbm-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libglapi-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-vdpau-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mesa-vulkan-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"vulkan-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"vulkan-devel-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"vulkan-filesystem-1.0.39.1-2.el7\")) flag++;\nif 
(rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xcb-proto-1.12-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xkeyboard-config-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xkeyboard-config-devel-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xorg-x11-proto-devel-7.7-20.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drm-utils / libICE / libICE-devel / libX11 / libX11-common / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:35:56", "description": "An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within all X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n* It was discovered that libICE used weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. 
(CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : X.org X11 libraries (RHSA-2017:1865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:drm-utils", "p-cpe:/a:redhat:enterprise_linux:libICE", "p-cpe:/a:redhat:enterprise_linux:libICE-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libICE-devel", "p-cpe:/a:redhat:enterprise_linux:libX11", "p-cpe:/a:redhat:enterprise_linux:libX11-common", "p-cpe:/a:redhat:enterprise_linux:libX11-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libX11-devel", "p-cpe:/a:redhat:enterprise_linux:libXaw", "p-cpe:/a:redhat:enterprise_linux:libXaw-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXaw-devel", "p-cpe:/a:redhat:enterprise_linux:libXcursor", "p-cpe:/a:redhat:enterprise_linux:libXcursor-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXcursor-devel", "p-cpe:/a:redhat:enterprise_linux:libXdmcp", "p-cpe:/a:redhat:enterprise_linux:libXdmcp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXdmcp-devel", "p-cpe:/a:redhat:enterprise_linux:libXfixes", "p-cpe:/a:redhat:enterprise_linux:libXfixes-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXfixes-devel", "p-cpe:/a:redhat:enterprise_linux:libXfont", "p-cpe:/a:redhat:enterprise_linux:libXfont-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXfont-devel", "p-cpe:/a:redhat:enterprise_linux:libXfont2", "p-cpe:/a:redhat:enterprise_linux:libXfont2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXfont2-devel", "p-cpe:/a:redhat:enterprise_linux:libXi", 
"p-cpe:/a:redhat:enterprise_linux:libXi-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXi-devel", "p-cpe:/a:redhat:enterprise_linux:libXpm", "p-cpe:/a:redhat:enterprise_linux:libXpm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXpm-devel", "p-cpe:/a:redhat:enterprise_linux:libXrandr", "p-cpe:/a:redhat:enterprise_linux:libXrandr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXrandr-devel", "p-cpe:/a:redhat:enterprise_linux:libXrender", "p-cpe:/a:redhat:enterprise_linux:libXrender-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXrender-devel", "p-cpe:/a:redhat:enterprise_linux:libXt", "p-cpe:/a:redhat:enterprise_linux:libXt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXt-devel", "p-cpe:/a:redhat:enterprise_linux:libXtst", "p-cpe:/a:redhat:enterprise_linux:libXtst-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXtst-devel", "p-cpe:/a:redhat:enterprise_linux:libXv", "p-cpe:/a:redhat:enterprise_linux:libXv-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXv-devel", "p-cpe:/a:redhat:enterprise_linux:libXvMC", "p-cpe:/a:redhat:enterprise_linux:libXvMC-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXvMC-devel", "p-cpe:/a:redhat:enterprise_linux:libXxf86vm", "p-cpe:/a:redhat:enterprise_linux:libXxf86vm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libXxf86vm-devel", "p-cpe:/a:redhat:enterprise_linux:libdrm", "p-cpe:/a:redhat:enterprise_linux:libdrm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libdrm-devel", "p-cpe:/a:redhat:enterprise_linux:libepoxy", "p-cpe:/a:redhat:enterprise_linux:libepoxy-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libepoxy-devel", "p-cpe:/a:redhat:enterprise_linux:libevdev", "p-cpe:/a:redhat:enterprise_linux:libevdev-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libevdev-devel", "p-cpe:/a:redhat:enterprise_linux:libevdev-utils", "p-cpe:/a:redhat:enterprise_linux:libfontenc", "p-cpe:/a:redhat:enterprise_linux:libfontenc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libfontenc-devel", "p-cpe:/a:redhat:enterprise_linux:libinput", 
"p-cpe:/a:redhat:enterprise_linux:libinput-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libinput-devel", "p-cpe:/a:redhat:enterprise_linux:libvdpau", "p-cpe:/a:redhat:enterprise_linux:libvdpau-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libvdpau-devel", "p-cpe:/a:redhat:enterprise_linux:libvdpau-docs", "p-cpe:/a:redhat:enterprise_linux:libwacom", "p-cpe:/a:redhat:enterprise_linux:libwacom-data", "p-cpe:/a:redhat:enterprise_linux:libwacom-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libwacom-devel", "p-cpe:/a:redhat:enterprise_linux:libxcb", "p-cpe:/a:redhat:enterprise_linux:libxcb-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxcb-devel", "p-cpe:/a:redhat:enterprise_linux:libxcb-doc", "p-cpe:/a:redhat:enterprise_linux:libxkbcommon", "p-cpe:/a:redhat:enterprise_linux:libxkbcommon-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxkbcommon-devel", "p-cpe:/a:redhat:enterprise_linux:libxkbcommon-x11", "p-cpe:/a:redhat:enterprise_linux:libxkbcommon-x11-devel", "p-cpe:/a:redhat:enterprise_linux:libxkbfile", "p-cpe:/a:redhat:enterprise_linux:libxkbfile-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxkbfile-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mesa-dri-drivers", "p-cpe:/a:redhat:enterprise_linux:mesa-filesystem", "p-cpe:/a:redhat:enterprise_linux:mesa-libEGL", "p-cpe:/a:redhat:enterprise_linux:mesa-libEGL-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-libGL", "p-cpe:/a:redhat:enterprise_linux:mesa-libGL-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-libGLES", "p-cpe:/a:redhat:enterprise_linux:mesa-libGLES-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa", "p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-libgbm", "p-cpe:/a:redhat:enterprise_linux:mesa-libgbm-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-libglapi", "p-cpe:/a:redhat:enterprise_linux:mesa-libxatracker", "p-cpe:/a:redhat:enterprise_linux:mesa-libxatracker-devel", 
"p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm", "p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm-devel", "p-cpe:/a:redhat:enterprise_linux:mesa-vulkan-drivers", "p-cpe:/a:redhat:enterprise_linux:vulkan", "p-cpe:/a:redhat:enterprise_linux:vulkan-debuginfo", "p-cpe:/a:redhat:enterprise_linux:vulkan-devel", "p-cpe:/a:redhat:enterprise_linux:vulkan-filesystem", "p-cpe:/a:redhat:enterprise_linux:xcb-proto", "p-cpe:/a:redhat:enterprise_linux:xkeyboard-config", "p-cpe:/a:redhat:enterprise_linux:xkeyboard-config-devel", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-proto-devel", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2017-1865.NASL", "href": "https://www.tenable.com/plugins/nessus/102147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1865. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102147);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_xref(name:\"RHSA\", value:\"2017:1865\");\n\n script_name(english:\"RHEL 7 : X.org X11 libraries (RHSA-2017:1865)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within\nall X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3),\nlibXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1),\nlibXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11),\nlibXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy\n(1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1),\nlibwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1),\nmesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20),\nxorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669,\nBZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#\n1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681,\nBZ# 1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752,\nBZ#1401753, BZ# 1401754, BZ#1402560, BZ#1410477, BZ#1411390,\nBZ#1411392, BZ#1411393, BZ# 1411452, BZ#1420224)\n\nSecurity Fix(es) :\n\n* An integer overflow flaw leading to a heap-based buffer overflow was\nfound in libXpm. An attacker could use this flaw to crash an\napplication using libXpm via a specially crafted XPM file.\n(CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate\nsession keys. On a multi-user system using xdmcp, a local attacker\ncould potentially use information available from the process list to\nbrute force the key, allowing them to hijack other users' sessions.\n(CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys.\nA local attacker could potentially use this flaw for session hijacking\nusing the information available from the process list. 
(CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for\nreporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.4 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-10164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2626\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:drm-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libICE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libICE-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libX11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libX11-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libX11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libX11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXaw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXcursor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXcursor-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXcursor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXdmcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXdmcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfixes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfixes-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfixes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfont-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:libXfont2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfont2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXfont2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrandr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrandr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrandr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrender-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXrender-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXtst\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXtst-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXtst-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXvMC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXvMC-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXvMC-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXxf86vm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXxf86vm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libXxf86vm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libdrm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libdrm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libdrm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libepoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libepoxy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libepoxy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libevdev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libevdev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libevdev-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:libevdev-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libfontenc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libfontenc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libfontenc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libinput\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libinput-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libinput-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvdpau\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvdpau-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvdpau-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvdpau-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwacom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwacom-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwacom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwacom-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxcb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxcb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxcb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxcb-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbcommon\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbcommon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbcommon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbcommon-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbcommon-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbfile-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxkbfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-dri-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libEGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libEGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libGLES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libGLES-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libgbm\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libgbm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libglapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libxatracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-libxatracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-private-llvm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mesa-vulkan-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vulkan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vulkan-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vulkan-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vulkan-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xcb-proto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xkeyboard-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xkeyboard-config-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-proto-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1865\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"drm-utils-2.4.74-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"drm-utils-2.4.74-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libICE-1.0.9-9.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libICE-debuginfo-1.0.9-9.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libICE-devel-1.0.9-9.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libX11-1.6.5-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libX11-common-1.6.5-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libX11-debuginfo-1.6.5-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libX11-devel-1.6.5-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXaw-1.0.13-4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXaw-debuginfo-1.0.13-4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXaw-devel-1.0.13-4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", 
reference:\"libXcursor-1.1.14-8.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXcursor-debuginfo-1.1.14-8.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXcursor-devel-1.1.14-8.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXdmcp-1.1.2-6.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXdmcp-debuginfo-1.1.2-6.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXdmcp-devel-1.1.2-6.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfixes-5.0.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfixes-debuginfo-5.0.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfixes-devel-5.0.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont-1.5.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont-debuginfo-1.5.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont-devel-1.5.2-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont2-2.0.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont2-debuginfo-2.0.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXfont2-devel-2.0.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXi-1.7.9-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXi-debuginfo-1.7.9-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXi-devel-1.7.9-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXpm-3.5.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXpm-debuginfo-3.5.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXpm-devel-3.5.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXrandr-1.5.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXrandr-debuginfo-1.5.1-2.el7\")) flag++;\n\n if 
(rpm_check(release:\"RHEL7\", reference:\"libXrandr-devel-1.5.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXrender-0.9.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXrender-debuginfo-0.9.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXrender-devel-0.9.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXt-1.1.5-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXt-debuginfo-1.1.5-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXt-devel-1.1.5-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXtst-1.2.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXtst-debuginfo-1.2.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXtst-devel-1.2.3-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXv-1.0.11-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXv-debuginfo-1.0.11-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXv-devel-1.0.11-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libXvMC-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libXvMC-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libXvMC-debuginfo-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libXvMC-debuginfo-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libXvMC-devel-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libXvMC-devel-1.0.10-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXxf86vm-1.1.4-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXxf86vm-debuginfo-1.1.4-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libXxf86vm-devel-1.1.4-1.el7\")) 
flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libdrm-2.4.74-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libdrm-debuginfo-2.4.74-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libdrm-devel-2.4.74-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libepoxy-1.3.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libepoxy-debuginfo-1.3.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libepoxy-devel-1.3.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libevdev-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libevdev-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libevdev-debuginfo-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libevdev-debuginfo-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libevdev-devel-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libevdev-devel-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libevdev-utils-1.5.6-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libfontenc-1.1.3-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libfontenc-debuginfo-1.1.3-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libfontenc-devel-1.1.3-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libinput-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libinput-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libinput-debuginfo-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libinput-debuginfo-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", 
reference:\"libinput-devel-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libinput-devel-1.6.3-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvdpau-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvdpau-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvdpau-debuginfo-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvdpau-debuginfo-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"libvdpau-devel-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvdpau-devel-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libvdpau-docs-1.1.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwacom-0.24-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwacom-data-0.24-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwacom-debuginfo-0.24-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libwacom-devel-0.24-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxcb-1.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxcb-debuginfo-1.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxcb-devel-1.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxcb-doc-1.12-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbcommon-0.7.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbcommon-debuginfo-0.7.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbcommon-devel-0.7.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbcommon-x11-0.7.1-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbcommon-x11-devel-0.7.1-1.el7\")) 
flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbfile-1.0.9-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbfile-debuginfo-1.0.9-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxkbfile-devel-1.0.9-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-debuginfo-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-dri-drivers-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-filesystem-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libEGL-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libEGL-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libGL-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libGL-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libGLES-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libGLES-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libOSMesa-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libOSMesa-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libgbm-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libgbm-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"mesa-libglapi-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"mesa-libxatracker-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", 
reference:\"mesa-libxatracker-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-devel-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"mesa-private-llvm-debuginfo-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"mesa-private-llvm-debuginfo-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-debuginfo-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mesa-vulkan-drivers-17.0.1-6.20170307.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"vulkan-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"vulkan-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"vulkan-debuginfo-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"vulkan-debuginfo-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"vulkan-devel-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"vulkan-devel-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", 
reference:\"vulkan-filesystem-1.0.39.1-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xcb-proto-1.12-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xkeyboard-config-2.20-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xkeyboard-config-devel-2.20-1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xorg-x11-proto-devel-7.7-20.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drm-utils / libICE / libICE-debuginfo / libICE-devel / libX11 / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:35:36", "description": "According to the versions of the libXpm, libXdmcp, libICE packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-09-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libICE", "p-cpe:/a:huawei:euleros:libICE-devel", "p-cpe:/a:huawei:euleros:libXdmcp", "p-cpe:/a:huawei:euleros:libXpm", "p-cpe:/a:huawei:euleros:libXpm-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1212.NASL", "href": "https://www.tenable.com/plugins/nessus/103070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103070);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10164\",\n \"CVE-2017-2625\",\n \"CVE-2017-2626\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libXpm, libXdmcp, libICE packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw leading to a heap-based buffer\n overflow was found in libXpm. An attacker could use\n this flaw to crash an application using libXpm via a\n specially crafted XPM file. 
(CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to\n generate session keys. On a multi-user system using\n xdmcp, a local attacker could potentially use\n information available from the process list to brute\n force the key, allowing them to hijack other users'\n sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to\n generate keys. A local attacker could potentially use\n this flaw for session hijacking using the information\n available from the process list. (CVE-2017-2626)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1212\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef14cfcf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libXpm, libXdmcp, libICE packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libICE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXpm\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libICE-1.0.9-9\",\n \"libICE-devel-1.0.9-9\",\n \"libXdmcp-1.1.2-6\",\n \"libXpm-3.5.12-1\",\n \"libXpm-devel-3.5.12-1\"];\n\nforeach (pkg in pkgs)\n if 
(rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXpm, libXdmcp, libICE\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:35:59", "description": "The following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7).\n\nSecurity Fix(es) :\n\n - An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. 
(CVE-2017-2626)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : X.org X11 libraries on SL7.x x86_64 (20170801)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:drm-utils", "p-cpe:/a:fermilab:scientific_linux:libICE", "p-cpe:/a:fermilab:scientific_linux:libICE-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libICE-devel", "p-cpe:/a:fermilab:scientific_linux:libX11", "p-cpe:/a:fermilab:scientific_linux:libX11-common", "p-cpe:/a:fermilab:scientific_linux:libX11-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libX11-devel", "p-cpe:/a:fermilab:scientific_linux:libXaw", "p-cpe:/a:fermilab:scientific_linux:libXaw-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXaw-devel", "p-cpe:/a:fermilab:scientific_linux:libXcursor", "p-cpe:/a:fermilab:scientific_linux:libXcursor-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXcursor-devel", "p-cpe:/a:fermilab:scientific_linux:libXdmcp", "p-cpe:/a:fermilab:scientific_linux:libXdmcp-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXdmcp-devel", "p-cpe:/a:fermilab:scientific_linux:libXfixes", "p-cpe:/a:fermilab:scientific_linux:libXfixes-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXfixes-devel", "p-cpe:/a:fermilab:scientific_linux:libXfont", "p-cpe:/a:fermilab:scientific_linux:libXfont-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXfont-devel", "p-cpe:/a:fermilab:scientific_linux:libXfont2", "p-cpe:/a:fermilab:scientific_linux:libXfont2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXfont2-devel", "p-cpe:/a:fermilab:scientific_linux:libXi", "p-cpe:/a:fermilab:scientific_linux:libXi-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXi-devel", "p-cpe:/a:fermilab:scientific_linux:libXpm", "p-cpe:/a:fermilab:scientific_linux:libXpm-debuginfo", 
"p-cpe:/a:fermilab:scientific_linux:libXpm-devel", "p-cpe:/a:fermilab:scientific_linux:libXrandr", "p-cpe:/a:fermilab:scientific_linux:libXrandr-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXrandr-devel", "p-cpe:/a:fermilab:scientific_linux:libXrender", "p-cpe:/a:fermilab:scientific_linux:libXrender-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXrender-devel", "p-cpe:/a:fermilab:scientific_linux:libXt", "p-cpe:/a:fermilab:scientific_linux:libXt-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXt-devel", "p-cpe:/a:fermilab:scientific_linux:libXtst", "p-cpe:/a:fermilab:scientific_linux:libXtst-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXtst-devel", "p-cpe:/a:fermilab:scientific_linux:libXv", "p-cpe:/a:fermilab:scientific_linux:libXv-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXv-devel", "p-cpe:/a:fermilab:scientific_linux:libXvMC", "p-cpe:/a:fermilab:scientific_linux:libXvMC-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXvMC-devel", "p-cpe:/a:fermilab:scientific_linux:libXxf86vm", "p-cpe:/a:fermilab:scientific_linux:libXxf86vm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libXxf86vm-devel", "p-cpe:/a:fermilab:scientific_linux:libdrm", "p-cpe:/a:fermilab:scientific_linux:libdrm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libdrm-devel", "p-cpe:/a:fermilab:scientific_linux:libepoxy", "p-cpe:/a:fermilab:scientific_linux:libepoxy-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libepoxy-devel", "p-cpe:/a:fermilab:scientific_linux:libevdev", "p-cpe:/a:fermilab:scientific_linux:libevdev-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libevdev-devel", "p-cpe:/a:fermilab:scientific_linux:libevdev-utils", "p-cpe:/a:fermilab:scientific_linux:libfontenc", "p-cpe:/a:fermilab:scientific_linux:libfontenc-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libfontenc-devel", "p-cpe:/a:fermilab:scientific_linux:libinput", "p-cpe:/a:fermilab:scientific_linux:libinput-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libinput-devel", 
"p-cpe:/a:fermilab:scientific_linux:libvdpau", "p-cpe:/a:fermilab:scientific_linux:libvdpau-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libvdpau-devel", "p-cpe:/a:fermilab:scientific_linux:libvdpau-docs", "p-cpe:/a:fermilab:scientific_linux:libwacom", "p-cpe:/a:fermilab:scientific_linux:libwacom-data", "p-cpe:/a:fermilab:scientific_linux:libwacom-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libwacom-devel", "p-cpe:/a:fermilab:scientific_linux:libxcb", "p-cpe:/a:fermilab:scientific_linux:libxcb-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxcb-devel", "p-cpe:/a:fermilab:scientific_linux:libxcb-doc", "p-cpe:/a:fermilab:scientific_linux:libxkbcommon", "p-cpe:/a:fermilab:scientific_linux:libxkbcommon-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxkbcommon-devel", "p-cpe:/a:fermilab:scientific_linux:libxkbcommon-x11", "p-cpe:/a:fermilab:scientific_linux:libxkbcommon-x11-devel", "p-cpe:/a:fermilab:scientific_linux:libxkbfile", "p-cpe:/a:fermilab:scientific_linux:libxkbfile-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxkbfile-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-debuginfo", "p-cpe:/a:fermilab:scientific_linux:mesa-dri-drivers", "p-cpe:/a:fermilab:scientific_linux:mesa-filesystem", "p-cpe:/a:fermilab:scientific_linux:mesa-libEGL", "p-cpe:/a:fermilab:scientific_linux:mesa-libEGL-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-libGL", "p-cpe:/a:fermilab:scientific_linux:mesa-libGL-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-libGLES", "p-cpe:/a:fermilab:scientific_linux:mesa-libGLES-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-libOSMesa", "p-cpe:/a:fermilab:scientific_linux:mesa-libOSMesa-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-libgbm", "p-cpe:/a:fermilab:scientific_linux:mesa-libgbm-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-libglapi", "p-cpe:/a:fermilab:scientific_linux:mesa-libxatracker", "p-cpe:/a:fermilab:scientific_linux:mesa-libxatracker-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm", 
"p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm-devel", "p-cpe:/a:fermilab:scientific_linux:mesa-vulkan-drivers", "p-cpe:/a:fermilab:scientific_linux:vulkan", "p-cpe:/a:fermilab:scientific_linux:vulkan-debuginfo", "p-cpe:/a:fermilab:scientific_linux:vulkan-devel", "p-cpe:/a:fermilab:scientific_linux:vulkan-filesystem", "p-cpe:/a:fermilab:scientific_linux:xcb-proto", "p-cpe:/a:fermilab:scientific_linux:xkeyboard-config", "p-cpe:/a:fermilab:scientific_linux:xkeyboard-config-devel", "p-cpe:/a:fermilab:scientific_linux:xorg-x11-proto-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170801_X_ORG_X11_LIBRARIES_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/102636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102636);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n\n script_name(english:\"Scientific Linux Security Update : X.org X11 libraries on SL7.x x86_64 (20170801)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3),\nlibXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1),\nlibXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11),\nlibXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy\n(1.3.1), libevdev (1.5.6), libfontenc (1.1.3), 
libvdpau (1.1.1),\nlibwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1),\nmesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20),\nxorg-x11-proto-devel (7.7).\n\nSecurity Fix(es) :\n\n - An integer overflow flaw leading to a heap-based buffer\n overflow was found in libXpm. An attacker could use this\n flaw to crash an application using libXpm via a\n specially crafted XPM file. (CVE-2016-10164)\n\n - It was discovered that libXdmcp used weak entropy to\n generate session keys. On a multi-user system using\n xdmcp, a local attacker could potentially use\n information available from the process list to brute\n force the key, allowing them to hijack other users'\n sessions. (CVE-2017-2625)\n\n - It was discovered that libICE used a weak entropy to\n generate keys. A local attacker could potentially use\n this flaw for session hijacking using the information\n available from the process list. (CVE-2017-2626)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1708&L=scientific-linux-errata&F=&S=&P=11032\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5a41ac0d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:drm-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libICE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libICE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libX11\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:libX11-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libX11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libX11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXaw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXcursor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXcursor-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXcursor-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXdmcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXdmcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfixes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfixes-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfixes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfont-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfont2\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:libXfont2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXfont2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrandr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrandr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrandr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrender-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXrender-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXtst\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXtst-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:libXtst-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXvMC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXvMC-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXvMC-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXxf86vm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXxf86vm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libXxf86vm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libdrm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libdrm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libdrm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libepoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libepoxy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libepoxy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libevdev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libevdev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libevdev-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:libevdev-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libfontenc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libfontenc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libfontenc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libinput\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libinput-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libinput-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvdpau\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvdpau-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvdpau-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvdpau-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwacom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwacom-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwacom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libwacom-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxcb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxcb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxcb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxcb-doc\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:libxkbcommon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbcommon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbcommon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbcommon-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbcommon-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbfile-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxkbfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-dri-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libEGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libEGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libGLES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libGLES-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libOSMesa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libOSMesa-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libgbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libgbm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libglapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libxatracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-libxatracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-private-llvm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mesa-vulkan-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:vulkan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:vulkan-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:vulkan-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:vulkan-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xcb-proto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xkeyboard-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xkeyboard-config-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xorg-x11-proto-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/01\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"drm-utils-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libICE-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libICE-debuginfo-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libICE-devel-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libX11-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"libX11-common-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libX11-debuginfo-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libX11-devel-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXaw-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXaw-debuginfo-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXaw-devel-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXcursor-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXcursor-debuginfo-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXcursor-devel-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXdmcp-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXdmcp-debuginfo-1.1.2-6.el7\")) flag++;\nif 
(rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXdmcp-devel-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfixes-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfixes-debuginfo-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfixes-devel-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont-debuginfo-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont-devel-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont2-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont2-debuginfo-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXfont2-devel-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXi-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXi-debuginfo-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXi-devel-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXpm-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXpm-debuginfo-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXpm-devel-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXrandr-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXrandr-debuginfo-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXrandr-devel-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXrender-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", 
cpu:\"x86_64\", reference:\"libXrender-debuginfo-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXrender-devel-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXt-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXt-debuginfo-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXt-devel-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXtst-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXtst-debuginfo-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXtst-devel-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXv-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXv-debuginfo-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXv-devel-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXvMC-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXvMC-debuginfo-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXvMC-devel-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXxf86vm-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXxf86vm-debuginfo-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libXxf86vm-devel-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libdrm-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libdrm-debuginfo-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libdrm-devel-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", 
reference:\"libepoxy-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libepoxy-debuginfo-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libepoxy-devel-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libevdev-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libevdev-debuginfo-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libevdev-devel-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libevdev-utils-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libfontenc-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libfontenc-debuginfo-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libfontenc-devel-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libinput-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libinput-debuginfo-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libinput-devel-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvdpau-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvdpau-debuginfo-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libvdpau-devel-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"libvdpau-docs-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwacom-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"libwacom-data-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwacom-debuginfo-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libwacom-devel-0.24-1.el7\")) flag++;\nif 
(rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxcb-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxcb-debuginfo-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxcb-devel-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"libxcb-doc-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbcommon-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbcommon-debuginfo-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbcommon-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbfile-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbfile-debuginfo-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxkbfile-devel-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-debuginfo-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-dri-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-filesystem-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libEGL-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libEGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libGL-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", 
reference:\"mesa-libGLES-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libGLES-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libgbm-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libgbm-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libglapi-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-debuginfo-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mesa-vulkan-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"vulkan-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"vulkan-debuginfo-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"vulkan-devel-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"vulkan-filesystem-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"xcb-proto-1.12-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"xkeyboard-config-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", 
reference:\"xkeyboard-config-devel-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"xorg-x11-proto-devel-7.7-20.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drm-utils / libICE / libICE-debuginfo / libICE-devel / libX11 / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:35:43", "description": "From Red Hat Security Advisory 2017:1865 :\n\nAn update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within all X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7). 
(BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)\n\nSecurity Fix(es) :\n\n* An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file.\n(CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.\n(CVE-2017-2625)\n\n* It was discovered that libICE used weak entropy to generate keys.\nA local attacker could potentially use this flaw for session hijacking using the information available from the process list. 
(CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-10T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : X.org / X11 / libraries (ELSA-2017-1865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:drm-utils", "p-cpe:/a:oracle:linux:libICE", "p-cpe:/a:oracle:linux:libICE-devel", "p-cpe:/a:oracle:linux:libX11", "p-cpe:/a:oracle:linux:libX11-common", "p-cpe:/a:oracle:linux:libX11-devel", "p-cpe:/a:oracle:linux:libXaw", "p-cpe:/a:oracle:linux:libXaw-devel", "p-cpe:/a:oracle:linux:libXcursor", "p-cpe:/a:oracle:linux:libXcursor-devel", "p-cpe:/a:oracle:linux:libXdmcp", "p-cpe:/a:oracle:linux:libXdmcp-devel", "p-cpe:/a:oracle:linux:libXfixes", "p-cpe:/a:oracle:linux:libXfixes-devel", "p-cpe:/a:oracle:linux:libXfont", "p-cpe:/a:oracle:linux:libXfont-devel", "p-cpe:/a:oracle:linux:libXfont2", "p-cpe:/a:oracle:linux:libXfont2-devel", "p-cpe:/a:oracle:linux:libXi", "p-cpe:/a:oracle:linux:libXi-devel", "p-cpe:/a:oracle:linux:libXpm", "p-cpe:/a:oracle:linux:libXpm-devel", "p-cpe:/a:oracle:linux:libXrandr", "p-cpe:/a:oracle:linux:libXrandr-devel", "p-cpe:/a:oracle:linux:libXrender", "p-cpe:/a:oracle:linux:libXrender-devel", "p-cpe:/a:oracle:linux:libXt", "p-cpe:/a:oracle:linux:libXt-devel", "p-cpe:/a:oracle:linux:libXtst", "p-cpe:/a:oracle:linux:libXtst-devel", "p-cpe:/a:oracle:linux:libXv", "p-cpe:/a:oracle:linux:libXv-devel", "p-cpe:/a:oracle:linux:libXvMC", "p-cpe:/a:oracle:linux:libXvMC-devel", "p-cpe:/a:oracle:linux:libXxf86vm", "p-cpe:/a:oracle:linux:libXxf86vm-devel", "p-cpe:/a:oracle:linux:libdrm", 
"p-cpe:/a:oracle:linux:libdrm-devel", "p-cpe:/a:oracle:linux:libepoxy", "p-cpe:/a:oracle:linux:libepoxy-devel", "p-cpe:/a:oracle:linux:libevdev", "p-cpe:/a:oracle:linux:libevdev-devel", "p-cpe:/a:oracle:linux:libevdev-utils", "p-cpe:/a:oracle:linux:libfontenc", "p-cpe:/a:oracle:linux:libfontenc-devel", "p-cpe:/a:oracle:linux:libinput", "p-cpe:/a:oracle:linux:libinput-devel", "p-cpe:/a:oracle:linux:libvdpau", "p-cpe:/a:oracle:linux:libvdpau-devel", "p-cpe:/a:oracle:linux:libvdpau-docs", "p-cpe:/a:oracle:linux:libwacom", "p-cpe:/a:oracle:linux:libwacom-data", "p-cpe:/a:oracle:linux:libwacom-devel", "p-cpe:/a:oracle:linux:libxcb", "p-cpe:/a:oracle:linux:libxcb-devel", "p-cpe:/a:oracle:linux:libxcb-doc", "p-cpe:/a:oracle:linux:libxkbcommon", "p-cpe:/a:oracle:linux:libxkbcommon-devel", "p-cpe:/a:oracle:linux:libxkbcommon-x11", "p-cpe:/a:oracle:linux:libxkbcommon-x11-devel", "p-cpe:/a:oracle:linux:libxkbfile", "p-cpe:/a:oracle:linux:libxkbfile-devel", "p-cpe:/a:oracle:linux:mesa-dri-drivers", "p-cpe:/a:oracle:linux:mesa-filesystem", "p-cpe:/a:oracle:linux:mesa-libEGL", "p-cpe:/a:oracle:linux:mesa-libEGL-devel", "p-cpe:/a:oracle:linux:mesa-libGL", "p-cpe:/a:oracle:linux:mesa-libGL-devel", "p-cpe:/a:oracle:linux:mesa-libGLES", "p-cpe:/a:oracle:linux:mesa-libGLES-devel", "p-cpe:/a:oracle:linux:mesa-libOSMesa", "p-cpe:/a:oracle:linux:mesa-libOSMesa-devel", "p-cpe:/a:oracle:linux:mesa-libgbm", "p-cpe:/a:oracle:linux:mesa-libgbm-devel", "p-cpe:/a:oracle:linux:mesa-libglapi", "p-cpe:/a:oracle:linux:mesa-libxatracker", "p-cpe:/a:oracle:linux:mesa-libxatracker-devel", "p-cpe:/a:oracle:linux:mesa-private-llvm", "p-cpe:/a:oracle:linux:mesa-private-llvm-devel", "p-cpe:/a:oracle:linux:mesa-vulkan-drivers", "p-cpe:/a:oracle:linux:vulkan", "p-cpe:/a:oracle:linux:vulkan-devel", "p-cpe:/a:oracle:linux:vulkan-filesystem", "p-cpe:/a:oracle:linux:xcb-proto", "p-cpe:/a:oracle:linux:xkeyboard-config", "p-cpe:/a:oracle:linux:xkeyboard-config-devel", 
"p-cpe:/a:oracle:linux:xorg-x11-proto-devel", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-1865.NASL", "href": "https://www.tenable.com/plugins/nessus/102340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:1865 and \n# Oracle Linux Security Advisory ELSA-2017-1865 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102340);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10164\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_xref(name:\"RHSA\", value:\"2017:1865\");\n\n script_name(english:\"Oracle Linux 7 : X.org / X11 / libraries (ELSA-2017-1865)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:1865 :\n\nAn update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe X11 (Xorg) libraries provide library routines that are used within\nall X Window applications.\n\nThe following packages have been upgraded to a later upstream version:\nlibX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3),\nlibXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1),\nlibXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11),\nlibXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy\n(1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1),\nlibwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1),\nmesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20),\nxorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669,\nBZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#\n1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681,\nBZ# 1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752,\nBZ#1401753, BZ# 1401754, BZ#1402560, BZ#1410477, BZ#1411390,\nBZ#1411392, BZ#1411393, BZ# 1411452, BZ#1420224)\n\nSecurity Fix(es) :\n\n* An integer overflow flaw leading to a heap-based buffer overflow was\nfound in libXpm. An attacker could use this flaw to crash an\napplication using libXpm via a specially crafted XPM file.\n(CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate\nsession keys. On a multi-user system using xdmcp, a local attacker\ncould potentially use information available from the process list to\nbrute force the key, allowing them to hijack other users' sessions.\n(CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys.\nA local attacker could potentially use this flaw for session hijacking\nusing the information available from the process list. 
(CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for\nreporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.4 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-August/007109.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libraries, x.org and / or x11 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:drm-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libICE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libX11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libX11-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libX11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXcursor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXcursor-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXdmcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXdmcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfixes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfixes-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXrandr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXrandr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXrender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXrender-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXtst\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXtst-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXv-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:libXvMC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXvMC-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXxf86vm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXxf86vm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libdrm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libdrm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libepoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libepoxy-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libevdev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libevdev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libevdev-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libfontenc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libfontenc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libinput\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libinput-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvdpau\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvdpau-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvdpau-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwacom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwacom-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libwacom-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxcb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxcb-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxcb-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbcommon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbcommon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbcommon-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbcommon-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxkbfile-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-dri-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libEGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libEGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libGL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libGLES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libGLES-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libOSMesa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libOSMesa-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libgbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libgbm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libglapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-libxatracker\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:mesa-libxatracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-private-llvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-private-llvm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mesa-vulkan-drivers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vulkan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vulkan-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vulkan-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xcb-proto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xkeyboard-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xkeyboard-config-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xorg-x11-proto-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"drm-utils-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libICE-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libICE-devel-1.0.9-9.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libX11-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libX11-common-1.6.5-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libX11-devel-1.6.5-1.el7\")) 
flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXaw-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXaw-devel-1.0.13-4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXcursor-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXcursor-devel-1.1.14-8.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXdmcp-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXdmcp-devel-1.1.2-6.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfixes-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfixes-devel-5.0.3-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont-devel-1.5.2-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont2-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont2-devel-2.0.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXi-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXi-devel-1.7.9-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXpm-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXpm-devel-3.5.12-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXrandr-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXrandr-devel-1.5.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXrender-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXrender-devel-0.9.10-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", 
reference:\"libXt-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXt-devel-1.1.5-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXtst-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXtst-devel-1.2.3-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXv-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXv-devel-1.0.11-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXvMC-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXvMC-devel-1.0.10-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXxf86vm-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXxf86vm-devel-1.1.4-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libdrm-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libdrm-devel-2.4.74-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libepoxy-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libepoxy-devel-1.3.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libevdev-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libevdev-devel-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libevdev-utils-1.5.6-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libfontenc-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libfontenc-devel-1.1.3-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libinput-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libinput-devel-1.6.3-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", 
cpu:\"x86_64\", reference:\"libvdpau-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libvdpau-devel-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libvdpau-docs-1.1.1-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwacom-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwacom-data-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libwacom-devel-0.24-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxcb-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxcb-devel-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxcb-doc-1.12-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbcommon-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbcommon-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbcommon-x11-devel-0.7.1-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbfile-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxkbfile-devel-1.0.9-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-dri-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-filesystem-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libEGL-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libEGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libGL-17.0.1-6.20170307.el7\")) flag++;\nif 
(rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libGL-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libGLES-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libGLES-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libOSMesa-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libgbm-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libgbm-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libglapi-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-libxatracker-devel-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-private-llvm-devel-3.9.1-3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mesa-vulkan-drivers-17.0.1-6.20170307.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"vulkan-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"vulkan-devel-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"vulkan-filesystem-1.0.39.1-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xcb-proto-1.12-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xkeyboard-config-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", 
reference:\"xkeyboard-config-devel-2.20-1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xorg-x11-proto-devel-7.7-20.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drm-utils / libICE / libICE-devel / libX11 / libX11-common / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:37:26", "description": "The remote host is affected by the vulnerability described in GLSA-201704-03 (X.Org: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in X.Org server and libraries. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A local or remote users can utilize the vulnerabilities to attach to the X.Org session as a user and execute arbitrary code.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-04-11T00:00:00", "type": "nessus", "title": "GLSA-201704-03 : X.Org: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5407", "CVE-2016-7942", "CVE-2016-7943", "CVE-2016-7944", "CVE-2016-7945", "CVE-2016-7946", "CVE-2016-7947", "CVE-2016-7948", "CVE-2016-7949", "CVE-2016-7950", "CVE-2016-7953", "CVE-2017-2624", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libICE", "p-cpe:/a:gentoo:linux:libXdmcp", "p-cpe:/a:gentoo:linux:libXfixes", "p-cpe:/a:gentoo:linux:libXi", "p-cpe:/a:gentoo:linux:libXrandr", "p-cpe:/a:gentoo:linux:libXrender", "p-cpe:/a:gentoo:linux:libXv", "p-cpe:/a:gentoo:linux:xorg-server", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201704-03.NASL", "href": 
"https://www.tenable.com/plugins/nessus/99276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201704-03.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99276);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5407\", \"CVE-2016-7942\", \"CVE-2016-7943\", \"CVE-2016-7944\", \"CVE-2016-7945\", \"CVE-2016-7946\", \"CVE-2016-7947\", \"CVE-2016-7948\", \"CVE-2016-7949\", \"CVE-2016-7950\", \"CVE-2016-7953\", \"CVE-2017-2624\", \"CVE-2017-2625\", \"CVE-2017-2626\");\n script_xref(name:\"GLSA\", value:\"201704-03\");\n\n script_name(english:\"GLSA-201704-03 : X.Org: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201704-03\n(X.Org: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in X.Org server and\n libraries. 
Please review the CVE identifiers referenced below for\n details.\n \nImpact :\n\n A local or remote users can utilize the vulnerabilities to attach to the\n X.Org session as a user and execute arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201704-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All X.Org-server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-base/xorg-server-1.19.2'\n All libICE users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libICE-1.0.9-r1'\n All libXdmcp users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXdmcp-1.1.2-r1'\n All libXrender users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXrender-0.9.10'\n All libXi users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXi-1.7.7'\n All libXrandr users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXrandr-1.5.1'\n All libXfixes users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXfixes-5.0.3'\n All libXv users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/libXv-1.0.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libICE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXdmcp\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXfixes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXrandr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXrender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libXv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xorg-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"x11-base/xorg-server\", unaffected:make_list(\"ge 1.19.2\"), vulnerable:make_list(\"lt 1.19.2\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libICE\", unaffected:make_list(\"ge 1.0.9-r1\"), vulnerable:make_list(\"lt 1.0.9-r1\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXdmcp\", unaffected:make_list(\"ge 1.1.2-r1\"), vulnerable:make_list(\"lt 1.1.2-r1\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXfixes\", unaffected:make_list(\"ge 5.0.3\"), vulnerable:make_list(\"lt 5.0.3\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXi\", unaffected:make_list(\"ge 1.7.7\"), vulnerable:make_list(\"lt 1.7.7\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXrandr\", unaffected:make_list(\"ge 1.5.1\"), vulnerable:make_list(\"lt 1.5.1\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXrender\", unaffected:make_list(\"ge 0.9.10\"), vulnerable:make_list(\"lt 0.9.10\"))) flag++;\nif (qpkg_check(package:\"x11-libs/libXv\", unaffected:make_list(\"ge 1.0.11\"), vulnerable:make_list(\"lt 1.0.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"X.Org\");\n}\n", "cvss": {"score": 7.5, "vector": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2021-12-14T17:50:05", "description": "It was discovered that libXdmcp versions up to and including 1.1.2 used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-07-27T18:29:00", "type": "debiancve", "title": "CVE-2017-2625", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2018-07-27T18:29:00", "id": "DEBIANCVE:CVE-2017-2625", "href": "https://security-tracker.debian.org/tracker/CVE-2017-2625", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T15:55:21", "description": "It was discovered that libXdmcp versions up to and including 1.1.2 used weak entropy to generate session keys. 
On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-27T18:29:00", "type": "cve", "title": "CVE-2017-2625", "cwe": ["CWE-320"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2019-10-09T23:26:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.4"], "id": "CVE-2017-2625", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2625", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", 
"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"]}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "XDM uses weak entropy to generate the session keys on non BSD systems. On multi user systems it might be possible to check the PID of the process and how long it is running to get an estimate of these values, which could allow an attacker to attach to the session of a different user (CVE-2017-2625). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-09-07T09:07:16", "type": "mageia", "title": "Updated libxdmcp packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2017-09-07T09:07:16", "id": "MGASA-2017-0330", "href": "https://advisories.mageia.org/MGASA-2017-0330.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "debian": [{"lastseen": "2022-01-04T15:21:03", "description": "Package : libxdmcp\nVersion : 
1:1.1.1-1+deb8u1\nCVE ID : CVE-2017-2625\n\n\nIt has been found that libxdmcp, an X11 Display Manager Control Protocol \nlibrary, uses weak entropy to generate keys.\n\n\nUsing arc4random_buf() from libbsd should avoid this flaw.\n\n\nFor Debian 8 \"Jessie\", this problem has been fixed in version\n1:1.1.1-1+deb8u1.\n\nWe recommend that you upgrade your libxdmcp packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-11-25T21:20:20", "type": "debian", "title": "[SECURITY] [DLA 2006-1] libxdmcp security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2019-11-25T21:20:20", "id": "DEBIAN:DLA-2006-1:68876", "href": "https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2022-01-21T00:06:16", "description": "It was discovered that libXdmcp used weak entropy to generate session keys. 
On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-03-01T00:18:14", "type": "redhatcve", "title": "CVE-2017-2625", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2022-01-20T21:16:03", "id": "RH:CVE-2017-2625", "href": "https://access.redhat.com/security/cve/cve-2017-2625", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2021-06-08T18:43:12", "description": "X Display Manager Control Protocol library. 
", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-03-03T03:57:52", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: libXdmcp-1.1.2-5.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2017-03-03T03:57:52", "id": "FEDORA:8A3986087653", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-06-08T18:43:12", "description": "X Display Manager Control Protocol library. 
", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-04-01T17:55:41", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: libXdmcp-1.1.2-5.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2017-04-01T17:55:41", "id": "FEDORA:A19526042F15", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-06-08T18:43:12", "description": "X Display Manager Control Protocol library. 
", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-03-05T20:52:58", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: libXdmcp-1.1.2-5.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2017-03-05T20:52:58", "id": "FEDORA:335966123D3F", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-01-31T11:48:10", "description": "It was discovered that libXdmcp versions up to and including 1.1.2 used weak entropy to\ngenerate session keys. 
On a multi-user system using xdmcp, a local attacker\ncould potentially use information available from the process list to brute\nforce the key, allowing them to hijack other users' sessions.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856399>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | 1.1.2 and lower are affected\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-07-27T00:00:00", "type": "ubuntucve", "title": "CVE-2017-2625", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2018-07-27T00:00:00", "id": "UB:CVE-2017-2625", "href": "https://ubuntu.com/security/CVE-2017-2625", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nThe freedesktop and x.org project reports:\n\nIt was discovered that libXdmcp before 1.1.3 used weak\n\t entropy to generate session keys on platforms without\n\t arc4random_buf() but with getentropy(). 
On a multi-user system using\n\t xdmcp, a local attacker could potentially use information available\n\t from the process list to brute force the key, allowing them to\n\t hijack other users' sessions.\nPlease note, that since FreeBSD provides arc4random_buf(), it is\n\t unknown if FreeBSD is affected by this vulnerability\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-04-04T00:00:00", "type": "freebsd", "title": "libXdmcp -- insufficient entropy generating session keys", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2625"], "modified": "2019-03-22T00:00:00", "id": "1B6A10E9-4B7B-11E9-9E89-54E1AD3D6335", "href": "https://vuxml.freebsd.org/freebsd/1b6a10e9-4b7b-11e9-9e89-54e1ad3d6335.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "packetstorm": [{"lastseen": "2017-03-02T14:52:43", "description": "", "cvss3": {}, "published": "2017-03-01T00:00:00", "type": "packetstorm", "title": "X.org Privilege Escalation / Use-After-Free / Weak Entropy", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-2625", "CVE-2017-2626", "CVE-2017-2624"], "modified": 
"2017-03-01T00:00:00", "id": "PACKETSTORM:141367", "href": "https://packetstormsecurity.com/files/141367/X.org-Privilege-Escalation-Use-After-Free-Weak-Entropy.html", "sourceData": "` \nX41 D-Sec GmbH Security Advisory: X41-2017-001 \n \nMultiple Vulnerabilities in X.org \n================================= \n \nOverview \n-------- \nVendor: X.org/Freedesktop.org \nVendor URL: https://www.x.org/wiki/ \nCredit: X41 D-Sec GmbH, Eric Sesterhenn \nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ \nStatus: Public \n \n \nTiming attack against MIT Cookie \n================================ \nVulnerability Type: Other \nAffected Products: Xorg Server \nAttack Type: Local \nImpact: Escalation of Privileges \nSeverity Rating: low \nConfirmed Affected Version: 1.19.0 and lower \nConfirmed Patched Version: - \nVector: local \nCVE: CVE-2017-2624 \nCVSS Score: 5.9 \nCVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N \n \n \nSummary and Impact \n------------------ \nThe xorg-server uses memcmp() to check the received MIT cookie against a \nseries of valid cookies. If the cookie is correct, it is allowed to \nattach to the Xorg session: \n \nXID \nMitCheckCookie(unsigned short data_length, \nconst char *data, ClientPtr client, const char **reason) \n{ \nstruct auth *auth; \n \nfor (auth = mit_auth; auth; auth = auth->next) { \nif (data_length == auth->len && \nmemcmp(data, auth->data, (int) data_length) == 0) \nreturn auth->id; \n} \n*reason = \"Invalid MIT-MAGIC-COOKIE-1 key\"; \nreturn (XID) -1; \n} \n \nSince most memcmp() implementations return after an invalid byte is \nseen, this causes a time difference between a valid and invalid byte, \nwhich in theory could allow an efficient brute force attack[1]. \n \nAnalysis \n-------- \nX41 was not able to measure a significant difference using the optimised \nmemcmp() version of a standard Linux system, but for a naive \nimplementation consisting of a loop comparing the bytes. 
Since timing \nattacks against memcmp() have been successful in the past [2] and fixed \nelsewhere [3][4] X41 would consider this an issue. If this would be \nexploited, it would allow a local attacker to run code in the Xorg \nsession of another user. \n \nIn order to prevent this, MIT-COOKIES should be removed or a memcmp() \nsimilar to timingsafe_memcmp()[5] used. Other projects (e.g. openssl) \nuse timing safe memcmp() implementations to compare cookies retrieved \nvia the network[6]. \n \nWorkaround \n---------- \n \nNone \n \nReferences \n---------- \n \n[1] \nhttps://cryptocoding.net/index.php/Coding_rules#Compare_secret_strings_in_constant_time \n[2] \nhttp://de.slideshare.net/cisoplatform7/defcon-22paulmcmillanattackingtheiotusingtimingattac \n[3] http://seb.dbzteam.org/crypto/python-oauth-timing-hmac.pdf \n[4] https://bugs.ruby-lang.org/issues/10098 \n[5] \nhttp://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/string/timingsafe_memcmp.c \n[6] https://github.com/openssl/openssl/blob/master/ssl/t1_lib.c#L1249 \n \n \n \n \n \nPotential Use after Free in Xorg Server \n======================================= \nVulnerability Type: Other \nAffected Products: Xorg Server \nAttack Type: Local \nImpact: - \nSeverity Rating: none \nConfirmed Affected Version: 1.19.0 and lower \nConfirmed Patched Version: \nVector: local \nCVE: - \nCVSS Score: - \nCVSS Vector: - \n \nSummary and Impact \n------------------ \n \nIn XDM is a (currently non security) issue, regarding a potential use \nafter free. \n \nThe ToID() function in os/auth.c is not used anywhere, just defined in \nthe struct and filled by the protocols, but there are no users. 
\n \nAuthToIDFunc ToID; /* convert cookie to ID */ \n \nX41 noticed that, XdmToID() frees the cookie argument in case it can \nresolve the ID or on failure, but not if it can't allocate memory for plain: \n \nXdmToID(unsigned short cookie_length, char *cookie) \n{ \nXdmAuthorizationPtr auth; \nXdmClientAuthPtr client; \nunsigned char *plain; \n \nplain = malloc(cookie_length); \nif (!plain) \nreturn (XID) -1; \nfor (auth = xdmAuth; auth; auth = auth->next) { \nXdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key, \nplain, cookie_length); \nif ((client = \nXdmAuthorizationValidate(plain, cookie_length, &auth->rho, \nNULL, \nNULL)) != NULL) { \nfree(client); \nfree(cookie); \nfree(plain); \nreturn auth->id; \n} \n} \nfree(cookie); \nfree(plain); \nreturn (XID) -1; \n} \n \nThe same return value is given, whether no memory could be allocated or \nit just failed to lookup the ID, so the caller cannot distinguish \nwhether this memory is freed or not, which might lead to double-free or \nmemory leaks. The other ToID functions do not free this parameter. \n \n \nWeak entropy usage for session keys in libxdm \n============================================= \nVulnerability Type: Other \nAffected Products: libXdmcp \nAttack Type: Local \nImpact: Escalation of Privileges \nSeverity Rating: medium \nConfirmed Affected Version: 1.1.2 and lower \nConfirmed Patched Version: \nVector: local \nCVE: CVE-2017-2625 \nCVSS Score: 7.1 \nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N \n \n \nSummary and Impact \n------------------ \n \nTo further explore the auth mechanism libXdmcp-1.1.2 was checked as well. 
\n \nXDM uses weak entropy to generate the session keys on non BSD systems: \n \nvoid \nXdmcpGenerateKey (XdmAuthKeyPtr key) \n{ \n#ifndef HAVE_ARC4RANDOM_BUF \nlong lowbits, highbits; \n \nsrandom ((int)getpid() ^ time((Time_t *)0)); \nlowbits = random (); \nhighbits = random (); \ngetbits (lowbits, key->data); \ngetbits (highbits, key->data + 4); \n#else \narc4random_buf(key->data, 8); \n#endif \n} \n \nOn multi user systems it might be possible to check the PID of the process \nand how long it is running to get an estimate of these values, which \ncould allow an attacker to attach to the session of a different user. \nSeveral checked Linux distributions (debian testing, archlinux and \nUbuntu) did not link against libbsd at the time this was found. \n \nWorkaround \n---------- \n \nCompile against libbsd \n \n \nWeak Entropy Usage in Session Keys in libICE \n============================================ \nVulnerability Type: Other \nAffected Products: libICE \nAttack Type: Local \nImpact: Escalation of Privileges \nSeverity Rating: medium \nConfirmed Affected Version: 1.0.9 and lower \nConfirmed Patched Version: \nVector: local \nCVE: CVE-2017-2626 \nCVSS Score: 7.1 \nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N \n \nSummary and Impact \n------------------ \n \nlibICE depends on arc4random() as well to generate the session cookies, \nthereby falling back to the same weak mechanism as libXdmcp: \n \nIceGenerateMagicCookie ( \nint len \n) \n{ \nchar *auth; \n#ifndef HAVE_ARC4RANDOM_BUF \nlong ldata[2]; \nint seed; \nint value; \nint i; \n#endif \n \nif ((auth = malloc (len + 1)) == NULL) \nreturn (NULL); \n \n#ifdef HAVE_ARC4RANDOM_BUF \narc4random_buf(auth, len); \n#else \n#ifdef ITIMER_REAL \n{ \nstruct timeval now; \nX_GETTIMEOFDAY (&now); \nldata[0] = now.tv_sec; \nldata[1] = now.tv_usec; \n} \n#else \n{ \nlong time (); \nldata[0] = time ((long *) 0); \nldata[1] = getpid (); \n} \n#endif \nseed = (ldata[0]) + (ldata[1] << 16); \nsrand (seed); \nfor (i
= 0; i < len; i++) \n{ \nvalue = rand (); \nauth[i] = value & 0xff; \n} \n#endif \nauth[len] = '\\0'; \nreturn (auth); \n} \n \nFor this issue a PoC is available which takes 2-3 seconds to retrieve \nthe key: \n \nhttps://www.x41-dsec.de/lab/sources/icetest.c \n \nWorkaround \n---------- \n \nCompile against libbsd \n \n \nWeak Entropy Usage in xorg server \n================================= \nVulnerability Type: Other \nAffected Products: Xorg Server \nAttack Type: Local \nImpact: Unknown \nSeverity Rating: unclear \nConfirmed Affected Version: 1.19.0 and lower \nConfirmed Patched Version: \nVector: local \nCVE: - \nCVSS Score: - \nCVSS Vector: - \n \nSummary and Impact \n------------------ \n \nWhen looking at other places that use entropy, X41 also noticed \nos/auth.c and hw/xwin/winauth.c providing GenerateRandomData() \n \nvoid \nGenerateRandomData(int len, char *buf) \n{ \nint fd; \n \nfd = open(\"/dev/urandom\", O_RDONLY); \nread(fd, buf, len); \nclose(fd); \n} \n \nWhen the call to open or read fails, the contents of buf might be \nundefined. This should be handled more gracefully, it might fail in \nchrooted environments (unlikely) or when file descriptors are exhausted. \nNewer Linux Kernels provide getrandom() to protect against this and \nOpenBSD provides getentropy(). \n \nThis security impact of these functions has not been further inspected. \n \n \n \nAbout X41 D-Sec GmbH \n-------------------- \nX41 D-Sec GmbH is an expert provider for application security services. \nHaving extensive industry experience and expertise in the area of \ninformation security, a strong core security team of world class \nsecurity experts enables X41 to perform premium security services. \n \nFields of expertise in the area of application security are security \ncentric code reviews, binary reverse engineering and vulnerability \ndiscovery. Custom research and a IT security consulting and support \nservices are core competencies of X41. 
\n \n \n \nTimeline \n-------- \n2017-01-17 to Report to xorg-security@lists.x.org \n01-23 \n2017-02-10 CVE Request at secalert@redhat.com \n2017-02-13 CVE IDs assigned \n2017-02-16 Information of distros@vs.openwall.org \n2017-02-20 Patch for CVE-2017-2624 provided by Matthieu Herrb \n2017-02-28 Advisory release \n \n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen \nT: +49 241 9809418-0, Fax: -9 \nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 \nGeschäftsführer: Markus Vervier \n \n \n \n \n \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/141367/X41-2017-001.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-01-04T01:03:37", "description": "Exploit for windows platform in category local exploits", "cvss3": {}, "published": "2017-03-02T00:00:00", "type": "zdt", "title": "X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-2625", "CVE-2017-2626", "CVE-2017-2624"], "modified": "2017-03-02T00:00:00", "id": "1337DAY-ID-27167", "href": "https://0day.today/exploit/description/27167", "sourceData": "Multiple Vulnerabilities in X.org\r\n=================================\r\n\r\nOverview\r\n--------\r\nVendor: X.org/Freedesktop.org\r\nVendor URL: https://www.x.org/wiki/\r\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\r\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/\r\nStatus: Public\r\n\r\n\r\nTiming attack against MIT Cookie\r\n================================\r\nVulnerability Type: Other\r\nAffected Products: Xorg Server\r\nAttack Type: Local\r\nImpact: Escalation of Privileges \r\nSeverity Rating: low\r\nConfirmed Affected Version: 1.19.0 and lower\r\nConfirmed Patched Version: -\r\nVector: local\r\nCVE: CVE-2017-2624\r\nCVSS Score: 5.9\r\nCVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\r\n\r\n\r\nSummary and Impact\r\n------------------\r\nThe xorg-server uses memcmp() to check
the received MIT cookie against a\r\nseries of valid cookies. If the cookie is correct, it is allowed to\r\nattach to the Xorg session:\r\n\r\n XID\r\n MitCheckCookie(unsigned short data_length,\r\n const char *data, ClientPtr client, const char **reason)\r\n {\r\n struct auth *auth;\r\n \r\n for (auth = mit_auth; auth; auth = auth->next) {\r\n if (data_length == auth->len &&\r\n memcmp(data, auth->data, (int) data_length) == 0)\r\n return auth->id;\r\n }\r\n *reason = \"Invalid MIT-MAGIC-COOKIE-1 key\";\r\n return (XID) -1;\r\n }\r\n\r\nSince most memcmp() implementations return after an invalid byte is\r\nseen, this causes a time difference between a valid and invalid byte,\r\nwhich in theory could allow an efficient brute force attack[1].\r\n\r\nAnalysis\r\n--------\r\nX41 was not able to measure a significant difference using the optimised\r\nmemcmp() version of a standard Linux system, but for a naive\r\nimplementation consisting of a loop comparing the bytes. Since timing\r\nattacks against memcmp() have been successful in the past [2] and fixed\r\nelsewhere [3][4] X41 would consider this an issue. If this would be\r\nexploited, it would allow a local attacker to run code in the Xorg\r\nsession of another user.\r\n\r\nIn order to prevent this, MIT-COOKIES should be removed or a memcmp()\r\nsimilar to timingsafe_memcmp()[5] used. Other projects (e.g. 
openssl)\r\nuse timing safe memcmp() implementations to compare cookies retrieved\r\nvia the network[6].\r\n\r\nWorkaround\r\n----------\r\n\r\nNone\r\n\r\nReferences\r\n----------\r\n\r\n[1]\r\nhttps://cryptocoding.net/index.php/Coding_rules#Compare_secret_strings_in_constant_time\r\n[2]\r\nhttp://de.slideshare.net/cisoplatform7/defcon-22paulmcmillanattackingtheiotusingtimingattac\r\n[3] http://seb.dbzteam.org/crypto/python-oauth-timing-hmac.pdf\r\n[4] https://bugs.ruby-lang.org/issues/10098\r\n[5]\r\nhttp://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/string/timingsafe_memcmp.c\r\n[6] https://github.com/openssl/openssl/blob/master/ssl/t1_lib.c#L1249\r\n\r\n\r\n\r\n\r\n\r\nPotential Use after Free in Xorg Server\r\n=======================================\r\nVulnerability Type: Other\r\nAffected Products: Xorg Server\r\nAttack Type: Local\r\nImpact: - \r\nSeverity Rating: none\r\nConfirmed Affected Version: 1.19.0 and lower\r\nConfirmed Patched Version:\r\nVector: local\r\nCVE: -\r\nCVSS Score: -\r\nCVSS Vector: -\r\n\r\nSummary and Impact\r\n------------------\r\n\r\nIn XDM is a (currently non security) issue, regarding a potential use\r\nafter free.\r\n\r\nThe ToID() function in os/auth.c is not used anywhere, just defined in\r\nthe struct and filled by the protocols, but there are no users.\r\n\r\n AuthToIDFunc ToID; /* convert cookie to ID */\r\n\r\nX41 noticed that, XdmToID() frees the cookie argument in case it can\r\nresolve the ID or on failure, but not if it can't allocate memory for plain:\r\n\r\n XdmToID(unsigned short cookie_length, char *cookie)\r\n {\r\n XdmAuthorizationPtr auth;\r\n XdmClientAuthPtr client;\r\n unsigned char *plain;\r\n \r\n plain = malloc(cookie_length);\r\n if (!plain)\r\n return (XID) -1;\r\n for (auth = xdmAuth; auth; auth = auth->next) {\r\n XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key,\r\n plain, cookie_length);\r\n if ((client =\r\n XdmAuthorizationValidate(plain, cookie_length, &auth->rho,\r\nNULL,\r\n 
NULL)) != NULL) {\r\n free(client);\r\n free(cookie);\r\n free(plain);\r\n return auth->id;\r\n }\r\n }\r\n free(cookie);\r\n free(plain);\r\n return (XID) -1;\r\n }\r\n\r\nThe same return value is given, whether no memory could be allocated or\r\nit just failed to lookup the ID, so the caller cannot distinguish\r\nwhether this memory is freed or not, which might lead to double-free or\r\nmemory leaks. The other ToID functions do not free this parameter.\r\n\r\n\r\nWeak entropy usage for session keys in libxdm\r\n=============================================\r\nVulnerability Type: Other\r\nAffected Products: libXdmcp\r\nAttack Type: Local\r\nImpact: Escalation of Privileges \r\nSeverity Rating: medium\r\nConfirmed Affected Version: 1.1.2 and lower\r\nConfirmed Patched Version:\r\nVector: local\r\nCVE: CVE-2017-2625\r\nCVSS Score: 7.1\r\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N\r\n\r\n\r\nSummary and Impact\r\n------------------\r\n\r\nTo further explore the auth mechanism libXdmcp-1.1.2 was checked as well.\r\n\r\nXDM uses weak entropy to generate the session keys on non BSD systems:\r\n\r\n void\r\n XdmcpGenerateKey (XdmAuthKeyPtr key)\r\n {\r\n #ifndef HAVE_ARC4RANDOM_BUF\r\n long lowbits, highbits;\r\n \r\n srandom ((int)getpid() ^ time((Time_t *)0));\r\n lowbits = random ();\r\n highbits = random ();\r\n getbits (lowbits, key->data);\r\n getbits (highbits, key->data + 4);\r\n #else\r\n arc4random_buf(key->data, 8);\r\n #endif\r\n }\r\n\r\nOn multi user systems it might be possible to check the PID of the process\r\nand how long it is running to get an estimate of these values, which\r\ncould allow an attacker to attach to the session of a different user.\r\nSeveral checked Linux distributions (debian testing, archlinux and\r\nUbuntu) did not link against libbsd at the time this was found.\r\n\r\nWorkaround\r\n----------\r\n\r\nCompile against libbsd\r\n\r\n\r\nWeak Entropy Usage in Session Keys in
libICE\r\n============================================\r\nVulnerability Type: Other\r\nAffected Products: libICE\r\nAttack Type: Local\r\nImpact: Escalation of Privileges \r\nSeverity Rating: medium\r\nConfirmed Affected Version: 1.0.9 and lower\r\nConfirmed Patched Version:\r\nVector: local\r\nCVE: CVE-2017-2626\r\nCVSS Score: 7.1\r\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N\r\n\r\nSummary and Impact\r\n------------------\r\n\r\nlibICE depends on arc4random() as well to generate the session cookies,\r\nthereby falling back to the same weak mechanism as libXdmcp:\r\n\r\n IceGenerateMagicCookie (\r\n int len\r\n )\r\n {\r\n char *auth;\r\n #ifndef HAVE_ARC4RANDOM_BUF\r\n long ldata[2];\r\n int seed;\r\n int value;\r\n int i;\r\n #endif\r\n \r\n if ((auth = malloc (len + 1)) == NULL)\r\n return (NULL);\r\n \r\n #ifdef HAVE_ARC4RANDOM_BUF\r\n arc4random_buf(auth, len);\r\n #else\r\n #ifdef ITIMER_REAL\r\n {\r\n struct timeval now;\r\n X_GETTIMEOFDAY (&now);\r\n ldata[0] = now.tv_sec;\r\n ldata[1] = now.tv_usec;\r\n }\r\n #else\r\n {\r\n long time ();\r\n ldata[0] = time ((long *) 0);\r\n ldata[1] = getpid ();\r\n }\r\n #endif\r\n seed = (ldata[0]) + (ldata[1] << 16);\r\n srand (seed);\r\n for (i = 0; i < len; i++)\r\n {\r\n value = rand ();\r\n auth[i] = value & 0xff;\r\n }\r\n #endif\r\n auth[len] = '\\0';\r\n return (auth);\r\n }\r\n\r\nFor this issue a PoC is available which takes 2-3 seconds to retrieve\r\nthe key:\r\n\r\nhttps://www.x41-dsec.de/lab/sources/icetest.c\r\n\r\nWorkaround\r\n----------\r\n\r\nCompile against libbsd\r\n\r\n\r\nWeak Entropy Usage in xorg server\r\n=================================\r\nVulnerability Type: Other\r\nAffected Products: Xorg Server\r\nAttack Type: Local\r\nImpact: Unknown \r\nSeverity Rating: unclear\r\nConfirmed Affected Version: 1.19.0 and lower\r\nConfirmed Patched Version:\r\nVector: local\r\nCVE: -\r\nCVSS Score: -\r\nCVSS Vector: -\r\n\r\nSummary and Impact\r\n------------------\r\n\r\nWhen looking at 
other places that use entropy, X41 also noticed\r\nos/auth.c and hw/xwin/winauth.c providing GenerateRandomData()\r\n\r\n void\r\n GenerateRandomData(int len, char *buf)\r\n {\r\n int fd;\r\n \r\n fd = open(\"/dev/urandom\", O_RDONLY);\r\n read(fd, buf, len);\r\n close(fd);\r\n }\r\n\r\nWhen the call to open or read fails, the contents of buf might be\r\nundefined. This should be handled more gracefully, it might fail in\r\nchrooted environments (unlikely) or when file descriptors are exhausted.\r\nNewer Linux Kernels provide getrandom() to protect against this and\r\nOpenBSD provides getentropy().\r\n\r\nThis security impact of these functions has not been further inspected.\n\n# 0day.today [2018-01-03] #", "sourceHref": "https://0day.today/exploit/27167", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2021-10-21T04:46:44", "description": "The X11 (Xorg) libraries provide library routines that are used within all X Window applications.\n\nThe following packages have been upgraded to a later upstream version: libX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. 
An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-01T05:55:26", "type": "redhat", "title": "(RHSA-2017:1865) Moderate: X.org X11 libraries security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2018-04-11T23:32:43", "id": "RHSA-2017:1865", "href": "https://access.redhat.com/errata/RHSA-2017:1865", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T16:06:06", "description": "**CentOS Errata and Security Advisory** CESA-2017:1865\n\n\nThe X11 (Xorg) libraries provide library routines that are used within all X Window applications.\n\nThe following packages have been upgraded to a later upstream version: libX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), libXfont (1.5.2), libXi (1.7.9), libXpm (3.5.12), libXrandr (1.5.1), libXrender (0.9.10), libXt (1.1.5), libXtst (1.2.3), libXv (1.0.11), libXvMC (1.0.10), libXxf86vm (1.1.4), libdrm (2.4.74), libepoxy (1.3.1), libevdev (1.5.6), libfontenc (1.1.3), libvdpau (1.1.1), libwacom (0.24), libxcb (1.12), libxkbfile (1.0.9), mesa (17.0.1), mesa-private-llvm (3.9.1), xcb-proto (1.12), xkeyboard-config (2.20), xorg-x11-proto-devel (7.7). (BZ#1401667, BZ#1401668, BZ#1401669, BZ#1401670, BZ#1401671, BZ#1401672, BZ#1401673, BZ#1401675, BZ#1401676, BZ#1401677, BZ#1401678, BZ#1401679, BZ#1401680, BZ#1401681, BZ#1401682, BZ#1401683, BZ#1401685, BZ#1401690, BZ#1401752, BZ#1401753, BZ#1401754, BZ#1402560, BZ#1410477, BZ#1411390, BZ#1411392, BZ#1411393, BZ#1411452, BZ#1420224)\n\nSecurity Fix(es):\n\n* An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file. (CVE-2016-10164)\n\n* It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. (CVE-2017-2625)\n\n* It was discovered that libICE used a weak entropy to generate keys. 
A local attacker could potentially use this flaw for session hijacking using the information available from the process list. (CVE-2017-2626)\n\nRed Hat would like to thank Eric Sesterhenn (X41 D-Sec GmbH) for reporting CVE-2017-2625 and CVE-2017-2626.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017158.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017159.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017160.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017163.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017181.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017183.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017219.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017223.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017226.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017227.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017228.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017229.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017230.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017231.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017232.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017233.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017234.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017235.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017236.html\nhttps://lists.centos.org/piper
mail/centos-cr-announce/2017-August/017237.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017238.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017239.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017240.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017241.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017242.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017243.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017244.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017264.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017265.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017498.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017506.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017508.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2017-August/017529.html\n\n**Affected 
packages:**\ndrm-utils\nlibICE\nlibICE-devel\nlibX11\nlibX11-common\nlibX11-devel\nlibXaw\nlibXaw-devel\nlibXcursor\nlibXcursor-devel\nlibXdmcp\nlibXdmcp-devel\nlibXfixes\nlibXfixes-devel\nlibXfont\nlibXfont-devel\nlibXfont2\nlibXfont2-devel\nlibXi\nlibXi-devel\nlibXpm\nlibXpm-devel\nlibXrandr\nlibXrandr-devel\nlibXrender\nlibXrender-devel\nlibXt\nlibXt-devel\nlibXtst\nlibXtst-devel\nlibXv\nlibXv-devel\nlibXvMC\nlibXvMC-devel\nlibXxf86vm\nlibXxf86vm-devel\nlibdrm\nlibdrm-devel\nlibepoxy\nlibepoxy-devel\nlibevdev\nlibevdev-devel\nlibevdev-utils\nlibfontenc\nlibfontenc-devel\nlibinput\nlibinput-devel\nlibvdpau\nlibvdpau-devel\nlibvdpau-docs\nlibwacom\nlibwacom-data\nlibwacom-devel\nlibxcb\nlibxcb-devel\nlibxcb-doc\nlibxkbcommon\nlibxkbcommon-devel\nlibxkbcommon-x11\nlibxkbcommon-x11-devel\nlibxkbfile\nlibxkbfile-devel\nmesa-dri-drivers\nmesa-filesystem\nmesa-libEGL\nmesa-libEGL-devel\nmesa-libGL\nmesa-libGL-devel\nmesa-libGLES\nmesa-libGLES-devel\nmesa-libOSMesa\nmesa-libOSMesa-devel\nmesa-libgbm\nmesa-libgbm-devel\nmesa-libglapi\nmesa-libxatracker\nmesa-libxatracker-devel\nmesa-private-llvm\nmesa-private-llvm-devel\nmesa-vdpau-drivers\nmesa-vulkan-drivers\nvulkan\nvulkan-devel\nvulkan-filesystem\nxcb-proto\nxkeyboard-config\nxkeyboard-config-devel\nxorg-x11-proto-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:1865", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-24T01:38:44", "type": "centos", "title": "drm, libICE, libX11, libXaw, libXcursor, libXdmcp, libXfixes, libXfont, libXfont2, libXi, libXpm, libXrandr, libXrender, libXt, libXtst, libXv, 
libXvMC, libXxf86vm, libdrm, libepoxy, libevdev, libfontenc, libinput, libvdpau, libwacom, libxcb, libxkbcommon, libxkbfile, mesa, vulkan, xcb, xkeyboard, xorg security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10164", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2017-08-24T01:42:27", "id": "CESA-2017:1865", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2017-August/017158.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:54", "description": "libICE\n[1.0.9-9]\n- Add upstream patch to not pull libbsd\n- Add custom patch for Fedora 24 & 25\n[1.0.9-8]\n- Fix changelog\n[1.0.9-7]\n- Use libbsd for randoms (CVE-2017-2626, rhbz#1427715)\n[1.0.9-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.0.9-5]\n- Force disable documentation generation\n[1.0.9-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.0.9-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\nlibX11\n[1.6.5-1]\n- libX11 1.6.5\n[1.6.4-4]\n- Actually apply the patch from 1.6.4-3\n[1.6.4-3]\n- Fix a bug in the memory leak fix from 1.6.4-2\n[1.6.4-2]\n- Plug a memory leak in XListFonts()\n[1.6.4-1]\n- libX11 1.6.4\nlibXaw\n[1.0.13-4]\n- Force disable documentation generation\n[1.0.13-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.0.13-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.0.13-1]\n- libXaw 
1.0.13\nlibXcursor\n[1.1.14-8]\n- Remove RHEL default cursor theme variant (rhbz#1388458)\n[1.1.14-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.1.14-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.1.14-5]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.1.14-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[1.1.14-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\nlibXdmcp\n[1.1.2-6]\n- Do not pull libbsd, use getentropy or getrandom syscall instead\n[1.1.2-5]\n- Use libbsd for randoms (CVE-2017-2625, rhbz#1427716)\n[1.1.2-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.1.2-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.1.2-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.1.2-1]\n- libXdmcp 1.1.2\n[1.1.1-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\nlibXfixes\n[5.0.3-1]\n- libXfixes 5.0.3\nlibXfont\n[1.5.2-1]\n- libXfont 1.5.2\nlibXfont2\n[2.0.1-2]\n- Add some fixes from upstream git master\n[2.0.2-1]\n- Initial packaging forked from libXfont\nlibXi\n[1.7.9-1]\n- libXi 1.7.9\n[1.7.8-1]\n- libXi 1.7.8\nlibXpm\n[3.5.12-1]\n- libXpm 3.5.12\nlibXrandr\n[1.5.1-2]\n- rebuild for new build of libXrender\n[1.5.1-1]\n- libXrandr 1.5.1\n[1.5.0-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.5.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.5.0-1]\n- libXrandr 1.5.0 - fixup requires/br\nlibXrender\n[0.9.10-1]\n- libXrender 0.9.10\nlibXt\n[1.1.5-3]\n- libXt 1.1.5\n- Merge F25:\n- Fix duplicate documentation (#1001246) by not using %doc\n- Turn on verbose build output via V=1 make\n- Remove %defattr\n- Use %?_isa in explicit package deps\n- Exclude docs from main package\nlibXtst\n[1.2.3-1]\n- libXtst 1.2.3\nlibXv\n[1.0.11-1]\n- libXv 1.0.11\n- fixes CVE-2016-5407\n[1.0.10-4]\n- 
Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.0.10-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\nlibXvMC\n[1.0.10-1]\n- libXvMC 1.0.10\n- fixes CVE-2016-7953\n[1.0.9-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.0.9-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.0.9-1]\n- libXvMC 1.0.9\n[1.0.8-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[1.0.8-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\nlibXxf86vm\n[1.1.4-1]\n- libXxf86vm 1.1.4\nlibdrm\n[2.4.74-1]\n- libdrm 2.4.74\nlibepoxy\n[1.3.1-1]\n- libepoxy 1.3.1\nlibevdev\n[1.5.6-1]\n- libevdev 1.5.6 (#1401754)\nlibfontenc\n[1.1.3-3]\n- libfontenc 1.1.3 (Merge fedora 25)\nlibinput\n[1.6.3-2]\n- Fix test suite to build on RHEL 7.x (#1431640)\n[1.6.3-1]\n- libinput 1.6.3 (#1388484)\n[1.6.2-1]\n- libinput 1.6.2 (#1388484)\n[1.6.0-1]\n- libinput 1.6\n[1.5.902-1]\n- libinput 1.6rc2\n[1.5.901-1]\n- libinput 1.6rc1\n[1.5.3-1]\n- libinput 1.5.3\n[1.5.2-2]\n- Swap to the correct tarball so we match the checksums from upstream (had a\n local mixup of tarballs)\n[1.5.2-1]\n- libinput 1.5.2\n[1.5.1-2]\n- Improve responsiveness of touchpads by reducing the motion history.\n[1.5.1-1]\n- libinput 1.5.1\n[1.5.0-2]\n- Drop the synaptics 3-slot workaround\n[1.5.0-1]\n- libinput 1.5.0\n[1.4.901-2]\n- Avoid spurious trackpoint events halting the touchpad (related #1364850)\n[1.4.901-1]\n- libinput 1.5rc1\n[1.4.2-2]\n- Add quirk for the HP 8510w touchpad (#1351285)\n[1.4.2-1]\n- libinput 1.4.2\n[1.4.1-1]\n- libinput 1.4.1\n[1.4.0-1]\n- libinput 1.4\n[1.3.901-1]\n- libinput 1.4rc1\n[1.3.3-2]\n- Drop the now unnecessary patch\n[1.3.3-1]\n- libinput 1.3.3\n[1.3.2-1]\n- libinput 1.3.2\n[1.3.1-1]\n- libinput 1.3.1\n[1.3.0-3]\n- Stop pointer jitter on the Dell E5420, E530 and Lenovo Yoga 2\n[1.3.0-2]\n- Disable negative pressure transition on non-synaptics pads to avoid\n jerky 
movement (#1335249)\n[1.3.0-1]\n- libinput 1.3.0\n[1.2.903-1]\n- libinput 1.3rc3\n[1.2.902-1]\n- libinput 1.3rc2\n[1.2.4-1]\n- libinput 1.2.4\n[1.2.3-1]\n- libinput 1.2.3\n[1.2.2-1]\n- libinput 1.2.2\n[1.2.1-4]\n- Fix jerky pointer motion on the Lenovo T450/T460/X1 3rd hardware\n[1.2.1-3]\n- Fix segfault on mislabeled tablets (#1314955)\n[1.2.1-2]\n- Bump to maintain upgrade path with F23\n[1.2.1-1]\n- libinput 1.2.1\n[1.2.0-1]\n- libinput 1.2.0\n[1.1.902-2]\n- Add libwacom-devel to BuildRequires\n[1.1.902-1]\n- libinput 1.2rc2\n[1.1.7-1]\n- libinput 1.1.7\n[1.1.6-1]\n- libinput 1.1.6\n[1.1.5-4]\n- Fix patches from -3, they got corrupted somehow\n[1.1.5-3]\n- Disable the mode button on the Cyborg RAT 5\n- Drop touchpad motion hysteresis by default\n[1.1.5-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.1.5-1]\n- libinput 1.1.5\n[1.1.4-3]\n- disable MT for semi-mt devices to solve the various two- and three-finger\n issues (at the cost of pinch gestures) (#1295073)\n[1.1.4-2]\n- fix disable-while-typing on macbooks\n[1.1.4-1]\n- libinput 1.1.4\n[1.1.3-1]\n- libinput 1.1.3\n[1.1.2-1]\n- libinput 1.1.2\n[1.1.1-2]\n- Reduce 2fg scroll threshold to 1mm (#1247958)\n[1.1.1-1]\n- libinput 1.1.1\n[1.1.0-3]\n- Fix invalid device group pointer, causing invalid memory access\n[1.1.0-2]\n- Fix crash triggered by Asus RoG Gladius mouse (#1275407)\n[1.1.0-1]\n- libinput 1.1.0\n[1.0.2-1]\n- libinput 1.0.2\n[1.0.1-3]\n- Fix the number of clicks sent in multitap (fdo #92016)\n[1.0.1-2]\n- Don't interpret short scrolls as right click (#1256045)\n[1.0.1-1]\n- libinput 1.0.1\n[1.0.0-1]\n- libinput 1.0\n[0.99.1-1]\n- libinput 1.0RC1\n[0.21.0-3]\n- Fix 2fg scroll threshold handling (#1249365)\n[0.21.0-2]\n- Fix pointer speed configuration, broke with 0.21.0\n[0.21.0-1]\n- libinput 0.21.0\n- fix 3fg touch detection on Synaptics semi-mt touchpads\n[0.20.0-6]\n- Fix broken 2fg scrolling on single-touch touchpads (#1246651)\n- Drop distance threshold for 2fg 
gesture detection (#1246868)\n[0.20.0-5]\n- Add a size hint for Apple one-button touchpads (#1246651)\n[0.20.0-4]\n- Disable 2fg scrolling on Synaptics semi-mt (#1235175)\n[0.20.0-3]\n- Disable thumb detection, too many false positives (#1246093)\n[0.20.0-2]\n- Restore parsing for trackpoing const accel\n[0.20.0-1]\n- libinput 0.20\n[0.19.0-3]\n- Only edge scroll when the finger is on the actual edge\n[0.19.0-2]\n- enable edge scrolling on clickpads (#1225579)\n[0.19.0-1]\n- libinput 0.19.0\n[0.18.0-5]\n- Improve trackpoint->touchpad transition responsiveness (#1233844)\n[0.18.0-4]\n- Steepen deceleration curve to get better 1:1 movement on slow speeds\n (#1231304)\n- Provide custom accel method for <1000dpi mice (#1227039)\n[0.18.0-3]\n- Fix stuck finger after a clickpad click on resolutionless touchpads\n[0.18.0-2]\n- Fix initial jump during edge scrolling\n[0.18.0-1]\n- libinput 0.18.0\n[0.17.0-5]\n- Use physical values for the hystersis where possible (#1230462)\n- Disable right-edge palm detection when edge scrolling is active\n (fdo#90980)\n[0.17.0-4]\n- Avoid erroneous finger movement after a physical click (#1230441)\n[0.17.0-3]\n- Require udev.pc for the build\n[0.17.0-2]\n- Cap the minimum acceleration slowdown at 0.3 (#1227796)\n[0.17.0-1]\n- libinput 0.17\n[0.16.0-4]\n- Always set the middle button as default button for button-scrolling\n (#1227182)\n[0.16.0-3]\n- Reduce tap-n-drag timeout (#1225998)\n[0.16.0-2]\n- Handle slow motions better (#1227039)\n[0.16.0-1]\n- libinput 0.16.0\n[0.15.0-4]\n- Add tap-to-end-drag patch (#1225998)\n[0.15.0-3]\n- Refine disable-while-typing (#1209753)\n[0.15.0-2]\n- Add disable-while-typing feature (#1209753)\n[0.15.0-1]\n- libinput 0.15.0\n[0.14.1-2]\n- Fix crash with the MS Surface Type Cover (#1206869)\n[0.14.1-1]\n- libinput 0.14.1\n[0.13.0-6]\n- git add the patch...\n[0.13.0-5]\n- Reduce palm detection threshold to 70mm (#1209753)\n- Don't allow taps in the top part of the palm zone (#1209753)\n[0.13.0-4]\n- Fix 
finger miscounts on single-touch touchpads (#1209151)\n[0.13.0-3]\n- Fix mouse slowdown (#1208992)\n[0.13.0-2]\n- Fix crasher triggered by fake MT devices without ABS_X/Y (#1207574)\n[0.13.0-1]\n- libinput 0.13.0\n[0.12.0-2]\n- Install the udev rules in the udevdir, not libdir (#1203645)\n[0.12.0-1]\n- libinput 0.12.0\n[0.11.0-1]\n- libinput 0.11.0\n[0.10.0-1]\n- libinput 0.10.0\n[0.9.0-1]\n- libinput 0.9.0\n[0.8.0-1]\n- libinput 0.8.0\n[0.7.0-2.20141211git58abea394]\n- git snapshot, fixes a crasher and fd confusion after suspending a device\n[0.7.0-1]\n- libinput 0.7.0\n[0.6.0-3.20141124git92d178f16]\n- Add the hooks to build from a git snapshot\n- Disable silent rules\n- Update to today's git master\n[0.6.0-2]\n- libinput 0.6.0\n[0.5.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[0.5.0-1]\n- libinput 0.5.0\n[0.4.0-2]\n- Add the new touchpad pointer acceleration code\n[0.4.0-1]\n- Update to 0.4.0\n[0.2.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\n[0.2.0-1]\n- libinput 0.2.0\n[0.1.0-1]\n- Initial Fedora packaging\nlibvdpau\n[1.1.1-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\nlibwacom\n[0.24-1]\n- libwacom 0.24 (#1401752)\n[0.22-2]\n- Merge libwacom 0.22 from F25 (#1401752)\nlibxcb\n[1.12-1]\n- libxcb 1.12\n[1.11.1-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.11.1-1]\n- libxcb 1.11.1\n[1.11-8]\n- followup fix for thread deadlocks (#1193742, fdo#84252)\n[1.11-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.11-6]\n- pull in (partial?) 
upstream fix for deadlocks (#1193742, fdo#84252)\n[1.11-5]\n- fix rpath harder (#1136546)\n- %build: --disable-silent-rules\nlibxkbcommon\n[0.7.1-1]\n- xkbcommon 0.7.1\n[0.7.0-1]\n- xkbcommon 0.7.0\n[0.6.1-1]\n- xkbcommon 0.6.1\n[0.5.0-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[0.5.0-3]\n- always build the x11 subpackage\n[0.5.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[0.5.0-1]\n- Update to 0.5.0 (#1154574)\n[0.4.3-2]\n- Require xkeyboard-config (#1145260)\n[0.4.3-1]\n- Update to 0.4.3\n[0.4.2-5]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[0.4.2-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\n[0.4.2-3]\n- make -x11 support conditional (f21+, #1000497)\n- --disable-silent-rules\n[0.4.2-2]\n- Bump release to 2 to avoid confusion with non official non scratch 0.4.2-1\n[0.4.2-1]\n- xkbcommon 0.4.2 (#1000497)\n- own %{_includedir}/xkbcommon/\n- -x11: +ldconfig scriptlets\n- -devel: don't include xkbcommon-x11.h\n- run reautoconf in %prep (instead of %build)\n- tighten subpkg deps via %_isa\n- .spec cleanup, remove deprecated stuff\n- BR: pkgconfig(xcb-xkb) >= 1.10\n[0.4.0-1]\n- xkbcommon 0.4.0\n- Add new xkbcommon-x11 and xkbcommon-x11-devel subpackages\n[0.3.1-1]\n- xkbcommon 0.3.1\n[0.3.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild\n[0.3.0-1]\n- xkbcommon 0.3.0\n[0.2.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild\n[0.2.0-1]\n- xkbcommon 0.2.0\n[0.1.0-8.20120917]\n- Today's git snapshot\n[0.1.0-7.20120306]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild\n[0.1.0-6.20120306]\n- BuildRequire xkeyboard-config-devel to get the right XKB target path (#799717)\n[0.1.0-5.20120306]\n- Today's git snapshot\n[0.1.0-4.20111109]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild\n[0.1.0-3]\n- Today's git snap\n[0.1.0-2.20101110]\n- Rebuilt for 
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild\n[0.1.0-1.20101110]\n- inital import\nlibxkbfile\n[1.0.9-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.0.9-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.0.9-1]\n- libxkbfile 1.0.9\n[1.0.8-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\nmesa\n[17.0.1-6.20170307]\n- enable VDPAU drivers (#1297276)\n[17.0.1-5.20170307]\n- Use correct datalayout for llvmpipe (#1445423)\n[17.0.1-4.20170307]\n- Add ppc64le vulkan build\n[17.0.1-3.20170307]\n- Add temporary revert for #1438891\n[17.0.1-2.20170307]\n- Allow compat shaders override. (#1429813)\n[17.0.1-1.20170307]\n- mesa 17.0.1 release\n[17.0.0-2.20170215]\n- enable more drivers on aarch64 + vulkan drivers (#1358444)\n[17.0.0-1.20170215]\n- mesa 17.0.0 release\n[17.0.0-0.2.20170123]\n- Rebuild against (and BuildRequire) mesa-private-llvm >= 3.9\n[17.0.0-0.1.20170123]\n- mesa 17.0.0-rc1\nmesa-private-llvm\n[3.9.1-3]\n- Add temporary revert for #1445423\n[3.9.1-2]\n- Add fix for radeonsi regression\n[3.9.1-1]\n- Update to 3.9.1\nvulkan\n[1.0.39.1-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.0.39.1-1]\n- Update to 1.0.39.1 release\n[1.0.39.0-1]\n- Update to 1.0.39.0 release\n- Add build requires libXrandr-devel\n[1.0.37.0-1]\n- Update to 1.0.37.0 release\n- Disable Mir as it's lame ubuntu rubbish\n[1.0.34.0-0.1.gitd4cd34f]\n- Update to latest git\n[1.0.30.0-2]\n- Fix VkLayer undefined symbol: util_GetExtensionProperties\n[1.0.30.0-1]\n- Update to 1.0.30.0 release\n[1.0.26.0-4]\n- Build with wayland support (rhbz 1383115)\n[1.0.26.0-3]\n- Move unversioned libraries\n- Disable vkjson build\n- Fix license tag\n[1.0.26.0-2]\n- Make layers conditional.\n[1.0.26.0-1]\n- Update to 1.0.26.0 release\n[1.0.26.0-0.3.gitfbb8667]\n- Clean up\n[1.0.26.0-0.2.gitfbb8667]\n- Change build requires python3\n- Use release for cmake\n- Make build 
verbose\n[1.0.26.0-0.1.gitfbb8667]\n- Update to latest git\n[1.0.3-0.1.git1affe90]\n- Add ldconfig in post/postun\n- Use upstream tarball from commit + patches\n- Fix versioning. In fact it was never released\n- Fixup mixing of spaces/tabs\n- Remove rpath from vulkaninfo\n- Make filesystem subpkg noarch (it is really noarch)\n- BuildRequire gcc and gcc-c++ explicitly\n- Require main pkg with isa tag\n- Fix perms and perm of README.md\n- Use %license tag\n[1.0.3-0]\n- Update loader to not build cube or tri. Drop bundled LunarGLASS and llvm\n since they're only needed for those demos.\n[1.0.3-0]\n- Initial packaging\nxcb-proto\n[1.12-2]\n- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages\n[1.12-1]\n- xcb-proto 1.12\n[1.11-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.11-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\nxkeyboard-config\n[2.20-1]\n- xkeyboard-config 2.20 (#1401753)\nxorg-x11-proto-devel\n[7.7-20]\n- xproto 7.0.31\n[7.7-19]\n- inputproto 2.3.2\n[7.7-18]\n- videoproto 2.3.3\n[7.7-17]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n- s/define/global/\n[7.7-16]\n- xproto 7.0.28\n[7.7-15]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[7.7-14]\n- randrproto-1.5.0", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-07T00:00:00", "type": "oraclelinux", "title": "X.org X11 libraries security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, 
"userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10164", "CVE-2016-5407", "CVE-2016-7953", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2017-08-07T00:00:00", "id": "ELSA-2017-1865", "href": "http://linux.oracle.com/errata/ELSA-2017-1865.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:05:31", "description": "### Background\n\nX.Org X servers\n\n### Description\n\nMultiple vulnerabilities have been discovered in X.Org server and libraries. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nLocal or remote users can utilize the vulnerabilities to attach to the X.Org session as a user and execute arbitrary code. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll X.Org-server users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-base/xorg-server-1.19.2\"\n \n\nAll libICE users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libICE-1.0.9-r1\"\n \n\nAll libXdmcp users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXdmcp-1.1.2-r1\"\n \n\nAll libXrender users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXrender-0.9.10\"\n \n\nAll libXi users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXi-1.7.7\"\n \n\nAll libXrandr users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXrandr-1.5.1\"\n \n\nAll libXfixes users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXfixes-5.0.3\"\n \n\nAll libXv users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXv-1.0.11\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-10T00:00:00", "type": "gentoo", "title": "X.Org: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, 
"obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5407", "CVE-2016-7942", "CVE-2016-7943", "CVE-2016-7944", "CVE-2016-7945", "CVE-2016-7946", "CVE-2016-7947", "CVE-2016-7948", "CVE-2016-7949", "CVE-2016-7950", "CVE-2016-7953", "CVE-2017-2624", "CVE-2017-2625", "CVE-2017-2626"], "modified": "2017-04-10T00:00:00", "id": "GLSA-201704-03", "href": "https://security.gentoo.org/glsa/201704-03", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}