Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:1361412562310830008HistoryApr 09, 2009 - 12:00 a.m.
Mandriva Update for xorg-x11 MDKSA-2007-005 (xorg-x11)
2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
12
0.006 Low
EPSS
Percentile
76.6%
Check for the Version of xorg-x11
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for xorg-x11 MDKSA-2007-005 (xorg-x11)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Sean Larsson of iDefense Labs discovered several vulnerabilities in
X.Org/XFree86:
Local exploitation of a memory corruption vulnerability in the
'ProcRenderAddGlyphs()' function in the X.Org and XFree86 X server
could allow an attacker to execute arbitrary code with privileges of
the X server, typically root. (CVE-2006-6101)
Local exploitation of a memory corruption vulnerability in the
'ProcDbeGetVisualInfo()' function in the X.Org and XFree86 X server
could allow an attacker to execute arbitrary code with privileges of
the X server, typically root. (CVE-2006-6102)
Local exploitation of a memory corruption vulnerability in the
'ProcDbeSwapBuffers()' function in the X.Org and XFree86 X server could
allow an attacker to execute arbitrary code with privileges of the X
server, typically root. (CVE-2006-6103)
Updated packages are patched to address these issues.";
tag_affected = "xorg-x11 on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2007-01/msg00008.php");
script_oid("1.3.6.1.4.1.25623.1.0.830008");
script_version("$Revision: 9370 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "MDKSA", value: "2007-005");
script_cve_id("CVE-2006-6101", "CVE-2006-6102", "CVE-2006-6103");
script_name( "Mandriva Update for xorg-x11 MDKSA-2007-005 (xorg-x11)");
script_tag(name:"summary", value:"Check for the Version of xorg-x11");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"x11-server", rpm:"x11-server~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-common", rpm:"x11-server-common~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-devel", rpm:"x11-server-devel~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xati", rpm:"x11-server-xati~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xchips", rpm:"x11-server-xchips~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xdmx", rpm:"x11-server-xdmx~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xephyr", rpm:"x11-server-xephyr~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xepson", rpm:"x11-server-xepson~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xfake", rpm:"x11-server-xfake~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xfbdev", rpm:"x11-server-xfbdev~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xi810", rpm:"x11-server-xi810~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xmach64", rpm:"x11-server-xmach64~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xmga", rpm:"x11-server-xmga~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xneomagic", rpm:"x11-server-xneomagic~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xnest", rpm:"x11-server-xnest~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xnvidia", rpm:"x11-server-xnvidia~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xorg", rpm:"x11-server-xorg~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xpm2", rpm:"x11-server-xpm2~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xprt", rpm:"x11-server-xprt~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xr128", rpm:"x11-server-xr128~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xsdl", rpm:"x11-server-xsdl~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xsmi", rpm:"x11-server-xsmi~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xvesa", rpm:"x11-server-xvesa~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xvfb", rpm:"x11-server-xvfb~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x11-server-xvia", rpm:"x11-server-xvia~1.1.1~11.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
openvas
openvas
Ubuntu Update for xorg, xorg-server vulnerabilities USN-403-1
2009-03-23 00:00:00
Mandriva Update for xorg-x11 MDKSA-2007-005 (xorg-x11)
2009-04-09 00:00:00
Slackware Advisory SSA:2007-066-02 x11
2012-09-11 00:00:00
securityvulns
securityvulns
X.org / XFree68 multiple integer overflows
2007-01-10 00:00:00
[USN-403-1] X.org vulnerabilities
2007-01-09 00:00:00
nessus
nessus
HP-UX PHSS_34389 : HP-UX Running Xserver, Local Denial of Service (DoS) (HPSBUX02225 SSRT071295 rev.1)
2007-09-25 00:00:00
SUSE-SA:2007:008: XFree86-server,xorg-x11-server,xloader
2007-02-18 00:00:00
Oracle Linux 3 : XFree86 (ELSA-2007-0002)
2013-07-12 00:00:00
centos
centos
XFree86 security update
2007-01-10 19:02:34
libgsf, xorg security update
2007-01-11 19:01:11
XFree86 security update
2007-01-14 23:13:01
debian
debian
[SECURITY] [DSA 1249-1] New xfree86 packages fix privilege escalation
2007-01-15 23:09:41
redhat
redhat
(RHSA-2007:0003) Important: xorg-x11 security update
2007-01-10 00:00:00
(RHSA-2007:0002) Important: XFree86 security update
2007-01-10 00:00:00
slackware
slackware
[slackware-security] x11
2007-03-08 02:36:15
osv
osv
xfree86
2007-01-15 00:00:00
oraclelinux
oraclelinux
Important: xorg-x11 security update
2007-01-12 00:00:00
Important: XFree86 security update
2007-03-22 00:00:00
Important: xorg-x11 security update
2007-04-04 00:00:00
gentoo
gentoo
X.Org X server: Multiple vulnerabilities
2007-01-27 00:00:00
altlinux
altlinux
ubuntu
ubuntu
X.org vulnerabilities
2007-01-09 00:00:00
suse
suse
local privilege escalation in XFree86-server,xorg-x11-server,xloader
2007-01-12 17:40:25
cvelist
cvelist
cve
cve
ubuntucve
ubuntucve
debiancve
debiancve