Lucene search
Copyright (C) 2022 Greenbone AGOPENVAS:13614125623111020140532HistoryJan 28, 2022 - 12:00 a.m.
Mageia: Security Advisory (MGASA-2014-0532)
2022-01-2800:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
7.7 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.063 Low
EPSS
Percentile
93.6%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2014.0532");
script_cve_id("CVE-2014-8091", "CVE-2014-8092", "CVE-2014-8093", "CVE-2014-8094", "CVE-2014-8095", "CVE-2014-8096", "CVE-2014-8097", "CVE-2014-8098", "CVE-2014-8099", "CVE-2014-8100", "CVE-2014-8101", "CVE-2014-8102");
script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
script_version("2024-02-02T05:06:08+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:08 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_name("Mageia: Security Advisory (MGASA-2014-0532)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA4");
script_xref(name:"Advisory-ID", value:"MGASA-2014-0532");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2014-0532.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=14767");
script_xref(name:"URL", value:"http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/");
script_xref(name:"URL", value:"https://www.debian.org/security/2014/dsa-3095");
script_tag(name:"summary", value:"The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2014-0532 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Ilja van Sprundel of IOActive discovered several security issues in the X.org
X server, which may lead to privilege escalation or denial of service
(CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095,
CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100,
CVE-2014-8101, CVE-2014-8102).");
script_tag(name:"affected", value:"'x11-server' package(s) on Mageia 4.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA4") {
if(!isnull(res = isrpmvuln(pkg:"x11-server", rpm:"x11-server~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-common", rpm:"x11-server-common~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-devel", rpm:"x11-server-devel~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-source", rpm:"x11-server-source~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xdmx", rpm:"x11-server-xdmx~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xephyr", rpm:"x11-server-xephyr~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xfake", rpm:"x11-server-xfake~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xfbdev", rpm:"x11-server-xfbdev~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xnest", rpm:"x11-server-xnest~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xorg", rpm:"x11-server-xorg~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"x11-server-xvfb", rpm:"x11-server-xvfb~1.14.5~2.1.mga4", rls:"MAGEIA4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
Debian Security Advisory DSA 3095-1 (xorg-server - security update)
2014-12-10 00:00:00
Debian: Security Advisory (DSA-3095-1)
2014-12-09 00:00:00
SUSE: Security Advisory for xorg-x11-server (SUSE-SU-2015:0045-1)
2015-10-13 00:00:00
freebsd
freebsd
xserver -- multiple issue with X client request handling
2014-12-09 00:00:00
NVIDIA UNIX driver -- remote denial of service or arbitrary code execution
2014-12-03 00:00:00
osv
osv
xorg-server - security update
2014-12-10 00:00:00
nessus
nessus
Debian DSA-3095-1 : xorg-server - security update
2014-12-15 00:00:00
Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64 (20141211)
2014-12-15 00:00:00
RHEL 5 : xorg-x11-server (RHSA-2014:1982)
2014-12-15 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2014:1982) Important: xorg-x11-server security update
2014-12-11 00:00:00
(RHSA-2014:1983) Important: xorg-x11-server security update
2014-12-11 00:00:00
centos
centos
xorg security update
2014-12-11 20:11:55
xorg security update
2014-12-11 19:58:14
debian
debian
[SECURITY] [DLA 120-1] xorg-server security update
2014-12-22 10:23:33
[SECURITY] [DSA 3095-1] xorg-server security update
2014-12-10 18:33:14
[SECURITY] [DLA 120-2] xorg-server regression update
2015-05-04 04:07:57
mageia
mageia
Updated x11-server packages fix security vulnerabilities
2014-12-19 18:06:35
Updated nvidia packages fix security vulnerabilities
2015-01-07 18:14:58
Updated x11-server packages fix CVE-2015-3418
2015-05-06 18:16:01
suse
suse
Security update for xorg-x11-server (important)
2015-01-14 23:04:43
securityvulns
securityvulns
[USN-2436-1] X.Org X server vulnerabilities
2014-12-11 00:00:00
X.Org X server and video drivers multiple security vulnerabilities
2014-12-11 00:00:00
[USN-2438-1] NVIDIA graphics drivers vulnerabilities
2014-12-11 00:00:00
amazon
amazon
Important: xorg-x11-server
2015-01-15 14:49:00
archlinux
archlinux
xorg-server: multiple issues
2014-12-12 00:00:00
nvidia-304xx: arbitrary code execution
2014-12-12 00:00:00
nvidia-340xx: arbitrary code execution
2014-12-12 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security update
2014-12-11 00:00:00
xorg-x11-server security update
2014-12-11 00:00:00
ubuntu
ubuntu
X.Org X server vulnerabilities
2014-12-09 00:00:00
NVIDIA graphics drivers vulnerabilities
2014-12-10 00:00:00
slackware
slackware
[slackware-security] xorg-server
2014-12-23 05:39:09
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2015-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: nx-libs-3.5.0.29-1.fc21
2015-03-26 21:51:39
[SECURITY] Fedora 22 Update: nx-libs-3.5.0.29-1.fc22
2015-03-21 04:53:26
[SECURITY] Fedora 20 Update: nx-libs-3.5.0.29-1.fc20
2015-03-26 21:29:40
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:05:57
Denial Of Service (DoS)
2019-01-15 09:03:27
Arbitrary Code Execution
2019-05-02 05:05:57
prion
prion
Null pointer dereference
2014-12-10 15:59:00
Out-of-bounds
2014-12-10 15:59:00
Integer overflow
2014-12-10 15:59:00
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
kaspersky
kaspersky
KLA10630 Multiple vulnerabilities in Oracle VM VirtualBox
2015-07-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
7.7 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.063 Low
EPSS
Percentile
93.6%
Related for OPENVAS:13614125623111020140532