Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310130063
HistoryOct 15, 2015 - 12:00 a.m.

Mageia: Security Advisory (MGASA-2015-0316)

2015-10-1500:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
8

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.130063");
  script_cve_id("CVE-2015-3164");
  script_tag(name:"creation_date", value:"2015-10-15 07:42:16 +0000 (Thu, 15 Oct 2015)");
  script_version("2024-02-02T05:06:05+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"3.6");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:P/A:N");

  script_name("Mageia: Security Advisory (MGASA-2015-0316)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Mageia Linux Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA5");

  script_xref(name:"Advisory-ID", value:"MGASA-2015-0316");
  script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2015-0316.html");
  script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=16182");
  script_xref(name:"URL", value:"http://lists.x.org/archives/xorg-announce/2015-June/002611.html");
  script_xref(name:"URL", value:"http://lists.opensuse.org/opensuse-updates/2015-06/msg00044.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2015-0316 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the
server in non-authenticating mode, which allows local users to read from or
send information to arbitrary X11 clients via vectors involving a UNIX socket
(CVE-2015-3164).");

  script_tag(name:"affected", value:"'x11-server' package(s) on Mageia 5.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "MAGEIA5") {

  if(!isnull(res = isrpmvuln(pkg:"x11-server", rpm:"x11-server~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-common", rpm:"x11-server-common~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-devel", rpm:"x11-server-devel~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-source", rpm:"x11-server-source~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xdmx", rpm:"x11-server-xdmx~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xephyr", rpm:"x11-server-xephyr~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xfake", rpm:"x11-server-xfake~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xfbdev", rpm:"x11-server-xfbdev~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xnest", rpm:"x11-server-xnest~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xorg", rpm:"x11-server-xorg~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xvfb", rpm:"x11-server-xvfb~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"x11-server-xwayland", rpm:"x11-server-xwayland~1.16.4~2.1.mga5", rls:"MAGEIA5"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

ubuntucve 1
mageia 1
cvelist 1
nessus 3
cve 2
prion 1
fedora 1
debiancve 1
gentoo 1
ubuntucve
ubuntucve
CVE-2015-3164
2015-07-01 00:00:00
mageia
mageia
Updated x11-server packages fix security vulnerability
2015-08-21 21:54:52
cvelist
cvelist
CVE-2015-3164
2015-07-01 14:00:00
nessus
nessus
openSUSE Security Update : XWayland (openSUSE-2015-438)
2015-06-23 00:00:00
Fedora 22 : xorg-x11-server (2015-10336)
2016-07-14 00:00:00
GLSA-201701-64 : X.Org X Server: Multiple vulnerabilities
2017-01-26 00:00:00
cve
cve
CVE-2015-3164
2015-07-01 14:59:00
CVE-2015-3168
2015-05-19 10:59:00
prion
prion
Authentication flaw
2015-07-01 14:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: xorg-x11-server-1.17.2-1.fc22
2015-06-23 09:15:27
debiancve
debiancve
CVE-2015-3164
2015-07-01 14:59:00
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2017-01-25 00:00:00

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for OPENVAS:1361412562310130063
ubuntucve1mageia1cvelist1nessus3cve2prion1fedora1debiancve1gentoo1