SuSE Update for XFree86-server,xorg-x11-server,xloader SUSE-SA:2007:008

SuSE Update for XFree86-server,xorg-x11-server,xloader SUSE-SA:2007:008 - Fix Memory Corruption

Reporter	Title	Published	Views	Family All 157
ALT Linux	Security fix for the ALT Linux 6 package fetchmail version 6.3.6-alt1	8 Jan 200700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package xorg-server version 2:1.1.99.903-alt5	9 Jan 200700:00	–	altlinux
FreeBSD	fetchmail -- crashes when refusing a message bound for an MDA	4 Jan 200700:00	–	freebsd
FreeBSD	fetchmail -- TLS enforcement problem/MITM attack/password exposure	4 Jan 200700:00	–	freebsd
Tenable Nessus	CentOS 3 : XFree86 (CESA-2007:0002)	11 Jan 200700:00	–	nessus
Tenable Nessus	CentOS 4 : xorg-x11 (CESA-2007:0003)	17 Jan 200700:00	–	nessus
Tenable Nessus	CentOS 3 / 4 : fetchmail (CESA-2007:0018)	9 Feb 200700:00	–	nessus
Tenable Nessus	Debian DSA-1249-1 : xfree86 - several vulnerabilities	17 Jan 200700:00	–	nessus
Tenable Nessus	Debian DSA-1259-1 : fetchmail - programming error	15 Feb 200700:00	–	nessus
Tenable Nessus	Fedora Core 5 : fetchmail-6.3.6-1.fc5 (2007-041)	17 Jan 200700:00	–	nessus

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_suse_2007_008.nasl 8050 2017-12-08 09:34:29Z santu $
#
# SuSE Update for XFree86-server,xorg-x11-server,xloader SUSE-SA:2007:008
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "This update fixes three memory corruptions within the X server which
  could be used by local attackers with access to this display to crash
  the X server and potentially execute code.

  CVE-2006-6101: Integer overflow in the ProcRenderAddGlyphs function
  in the Render extension for X.Org 6.8.2, 6.9.0, 7.0,
  and 7.1, and XFree86 X server, allows local users to
  execute arbitrary code via a crafted X protocol request
  that triggers memory corruption during processing of
  glyph management data structures.

  CVE-2006-6102: Integer overflow in the ProcDbeGetVisualInfo function
  in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0,
  and 7.1, and XFree86 X server, allows local users to
  execute arbitrary code via a crafted X protocol request
  that triggers memory corruption during processing of
  unspecified data structures.

  CVE-2006-6103: Integer overflow in the ProcDbeSwapBuffers function in
  the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1,
  and XFree86 X server, allows local users to execute
  arbitrary code via a crafted X protocol request
  that triggers memory corruption during processing of
  unspecified data structures.";

tag_impact = "local privilege escalation";
tag_affected = "XFree86-server,xorg-x11-server,xloader on Novell Linux Desktop 9, Novell Linux POS 9, Open Enterprise Server, openSUSE 10.2, SUSE LINUX 10.1, SuSE Linux Enterprise Server 8, SUSE SLED 10, SUSE SLES 10, SUSE SLES 9";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_id(850054);
  script_version("$Revision: 8050 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $");
  script_tag(name:"creation_date", value:"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name: "SUSE-SA", value: "2007-008");
  script_cve_id("CVE-2006-6101", "CVE-2006-6102", "CVE-2006-6103", "CVE-2006-5867", "CVE-2006-5974");
  script_name( "SuSE Update for XFree86-server,xorg-x11-server,xloader SUSE-SA:2007:008");

  script_summary("Check for the Version of XFree86-server,xorg-x11-server,xloader");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("SuSE Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "openSUSE10.2")
{

  if ((res = isrpmvuln(pkg:"xorg-x11-server", rpm:"xorg-x11-server~7.2~30.4", rls:"openSUSE10.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "SLES10")
{

  if ((res = isrpmvuln(pkg:"xorg-x11-server", rpm:"xorg-x11-server~6.9.0~50.30", rls:"SLES10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "SLESSr8")
{

  if ((res = isrpmvuln(pkg:"xloader", rpm:"xloader~4.2.0~280", rls:"SLESSr8")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "NLPOS9")
{

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.99.902~43.82", rls:"NLPOS9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.0~142", rls:"NLPOS9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "OES")
{

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.99.902~43.82", rls:"OES")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.0~142", rls:"OES")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "SLES9")
{

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.99.902~43.82", rls:"SLES9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.0~142", rls:"SLES9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "NLDk9")
{

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.99.902~43.82", rls:"NLDk9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"XFree86-server", rpm:"XFree86-server~4.3.0~142", rls:"NLDk9")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "SL10.1")
{

  if ((res = isrpmvuln(pkg:"xorg-x11-server", rpm:"xorg-x11-server~6.9.0~50.30", rls:"SL10.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "SLED10")
{

  if ((res = isrpmvuln(pkg:"xorg-x11-server", rpm:"xorg-x11-server~6.9.0~50.30", rls:"SLED10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

08 Dec 2017 00:00Current

0.5Low risk

Vulners AI Score0.5

EPSS0.13761