Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310870497
HistoryOct 10, 2011 - 12:00 a.m.

RedHat Update for xorg-x11-server RHSA-2011:1359-01

2011-10-1000:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
9

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.4%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00003.html");
  script_oid("1.3.6.1.4.1.25623.1.0.870497");
  script_tag(name:"cvss_base", value:"8.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:C/I:C/A:C");
  script_version("2024-03-21T05:06:54+0000");
  script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
  script_tag(name:"creation_date", value:"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)");
  script_xref(name:"RHSA", value:"2011:1359-01");
  script_cve_id("CVE-2010-4818", "CVE-2010-4819");
  script_name("RedHat Update for xorg-x11-server RHSA-2011:1359-01");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'xorg-x11-server'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_5");
  script_tag(name:"affected", value:"xorg-x11-server on Red Hat Enterprise Linux (v. 5 server)");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"insight", value:"X.Org is an open source implementation of the X Window System. It provides
  the basic low-level functionality that full-fledged graphical user
  interfaces are designed upon.

  Multiple input sanitization flaws were found in the X.Org GLX (OpenGL
  extension to the X Window System) extension. A malicious, authorized client
  could use these flaws to crash the X.Org server or, potentially, execute
  arbitrary code with root privileges. (CVE-2010-4818)

  An input sanitization flaw was found in the X.Org Render extension. A
  malicious, authorized client could use this flaw to leak arbitrary memory
  from the X.Org server process, or possibly crash the X.Org server.
  (CVE-2010-4819)

  Users of xorg-x11-server should upgrade to these updated packages, which
  contain backported patches to resolve these issues. All running X.Org
  server instances must be restarted for this update to take effect.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "RHENT_5")
{

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xdmx", rpm:"xorg-x11-server-Xdmx~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xephyr", rpm:"xorg-x11-server-Xephyr~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xnest", rpm:"xorg-x11-server-Xnest~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xorg", rpm:"xorg-x11-server-Xorg~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xvfb", rpm:"xorg-x11-server-Xvfb~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-Xvnc-source", rpm:"xorg-x11-server-Xvnc-source~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-debuginfo", rpm:"xorg-x11-server-debuginfo~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xorg-x11-server-sdk", rpm:"xorg-x11-server-sdk~1.1.1~48.76.el5_7.5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

nessus 15
centos 2
openvas 20
amazon 1
redhat 2
oraclelinux 2
ubuntu 3
securityvulns 2
cve 2
prion 2
veracode 2
nvd 2
debiancve 2
ubuntucve 3
cvelist 2
nessus
nessus
CentOS 5 : xorg-x11-server (CESA-2011:1359)
2011-10-07 00:00:00
CentOS 4 : xorg-x11 (CESA-2011:1360)
2011-11-14 00:00:00
Amazon Linux AMI : xorg-x11-server (ALAS-2011-13)
2013-09-04 00:00:00
centos
centos
xorg security update
2011-10-06 22:11:34
xorg security update
2011-11-09 20:44:47
openvas
openvas
RedHat Update for xorg-x11-server RHSA-2011:1359-01
2011-10-10 00:00:00
RedHat Update for xorg-x11 RHSA-2011:1360-01
2011-10-10 00:00:00
CentOS Update for xorg-x11 CESA-2011:1360 centos4 i386
2011-11-11 00:00:00
amazon
amazon
Medium: xorg-x11-server
2011-10-31 18:25:00
redhat
redhat
(RHSA-2011:1360) Moderate: xorg-x11 security update
2011-10-06 00:00:00
(RHSA-2011:1359) Moderate: xorg-x11-server security update
2011-10-06 00:00:00
oraclelinux
oraclelinux
xorg-x11 security update
2011-10-06 00:00:00
xorg-x11-server security update
2011-10-06 00:00:00
ubuntu
ubuntu
X.Org X server vulnerabilities
2011-10-18 00:00:00
X.Org X server vulnerability
2011-10-20 00:00:00
X.Org X server regression
2011-10-19 00:00:00
securityvulns
securityvulns
X.Org multiple security vulnerabilities
2011-10-20 00:00:00
[USN-1232-1] X.Org X server vulnerabilities
2011-10-20 00:00:00
cve
cve
CVE-2010-4818
2012-09-05 23:55:01
CVE-2010-4819
2012-09-05 23:55:01
prion
prion
Design/Logic Flaw
2012-09-05 23:55:00
Design/Logic Flaw
2012-09-05 23:55:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:07:03
Denial Of Service (DoS)
2020-04-10 01:07:03
nvd
nvd
CVE-2010-4818
2012-09-05 23:55:01
CVE-2010-4819
2012-09-05 23:55:01
debiancve
debiancve
CVE-2010-4818
2012-09-05 23:55:01
CVE-2010-4819
2012-09-05 23:55:01
ubuntucve
ubuntucve
CVE-2010-4818
2011-10-03 00:00:00
CVE-2010-4819
2011-10-03 00:00:00
CVE-2011-4818
2012-03-13 00:00:00
cvelist
cvelist
CVE-2010-4818
2012-09-05 23:00:00
CVE-2010-4819
2012-09-05 23:00:00

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.4%

JSON
Related for OPENVAS:1361412562310870497
nessus15centos2openvas20amazon1redhat2oraclelinux2ubuntu3securityvulns2cve2prion2veracode2nvd2debiancve2ubuntucve3cvelist2