ID RHSA-2005:044 Type redhat Reporter RedHat Modified 2018-03-14T19:27:09
Description
XFree86 is an open source implementation of the X Window System. It
provides the basic low level functionality which full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.
An integer overflow flaw was found in libXpm, which is used by some
applications for loading of XPM images. An attacker could create a
malicious XPM file that would execute arbitrary code if opened by a victim
using an application linked to the vulnerable library. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0605 to this issue.
XFree86 4.1.0 was not functional on systems that did not have a legacy
keyboard controller (8042). During startup, the X server would attempt to
update registers on the 8042 controller, but if that chip was not present,
the X server would hang during startup. This new release has a workaround
so that the access to those registers time out if they are not present.
A bug in libXaw could cause applications to segfault on 64-bit systems
under certain circumstances. This has been fixed with a patch backported
from XFree86 4.3.0.
Xlib contained a memory leak caused by double allocation, which has been
fixed in XFree86 4.3.0 using backported patch.
All users of XFree86 should upgrade to these updated packages, which
resolve these issues.
{"id": "RHSA-2005:044", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2005:044) XFree86 security update", "description": "XFree86 is an open source implementation of the X Window System. It\nprovides the basic low level functionality which full-fledged graphical\nuser interfaces (GUIs) such as GNOME and KDE are designed upon.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a victim\nusing an application linked to the vulnerable library. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0605 to this issue.\n\nXFree86 4.1.0 was not functional on systems that did not have a legacy\nkeyboard controller (8042). During startup, the X server would attempt to\nupdate registers on the 8042 controller, but if that chip was not present,\nthe X server would hang during startup. This new release has a workaround\nso that the access to those registers time out if they are not present.\n\nA bug in libXaw could cause applications to segfault on 64-bit systems\nunder certain circumstances. This has been fixed with a patch backported\nfrom XFree86 4.3.0.\n\nXlib contained a memory leak caused by double allocation, which has been\nfixed in XFree86 4.3.0 using backported patch.\n\nAll users of XFree86 should upgrade to these updated packages, which\nresolve these issues.", "published": "2005-04-06T04:00:00", "modified": "2018-03-14T19:27:09", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2005:044", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2005-0605"], "lastseen": "2019-08-13T18:45:21", "viewCount": 0, "enchantments": {"score": {"value": 6.1, "vector": "NONE", "modified": "2019-08-13T18:45:21", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-0605"]}, {"type": "redhat", "idList": ["RHSA-2008:0261", "RHSA-2005:473", "RHSA-2005:412", "RHSA-2005:198", "RHSA-2008:0524", "RHSA-2005:331"]}, {"type": "gentoo", "idList": ["GLSA-200503-08", "GLSA-200503-15"]}, {"type": "debian", "idList": ["DEBIAN:DSA-723-1:C8A12"]}, {"type": "openvas", "idList": ["OPENVAS:65464", "OPENVAS:855829", "OPENVAS:54880", "OPENVAS:54873", "OPENVAS:1361412562310855829", "OPENVAS:53555", "OPENVAS:1361412562310855820", "OPENVAS:855820", "OPENVAS:136141256231065464"]}, {"type": "centos", "idList": ["CESA-2005:412", "CESA-2005:412-01", "CESA-2005:473-01", "CESA-2005:198", "CESA-2005:044-01"]}, {"type": "nessus", "idList": ["UBUNTU_USN-97-1.NASL", "GENTOO_GLSA-200503-15.NASL", "MANDRAKE_MDKSA-2005-081.NASL", "SOLARIS10_119063-01.NASL", "FEDORA_2005-272.NASL", "SOLARIS10_X86_119064-01.NASL", "REDHAT-RHSA-2005-198.NASL", "UBUNTU_USN-92-1.NASL", "FEDORA_2005-273.NASL", "CENTOS_RHSA-2005-331.NASL"]}, {"type": "ubuntu", "idList": ["USN-97-1", "USN-92-1"]}, {"type": "osvdb", "idList": ["OSVDB:14373"]}], "modified": "2019-08-13T18:45:21", "rev": 2}, "vulnersScore": 6.1}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-9-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-doc", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-doc-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-9-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-twm", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-twm-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-Xnest", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-Xnest-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-xfs", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-xfs-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-Xvfb", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-Xvfb-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-tools", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-tools-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-15-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-devel", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-devel-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-xf86cfg", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-xf86cfg-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-xdm", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-xdm-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-cyrillic-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-cyrillic-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-15-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-100dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-twm", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-twm-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-2-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-libs", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-libs-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-Xvfb", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-Xvfb-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-xdm", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-xdm-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-15-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-2-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-Xnest", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-Xnest-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-xfs", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-xfs-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-9-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-ISO8859-2-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-15-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-devel", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-devel-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-cyrillic-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-75dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-75dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-libs", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-libs-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-2-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-doc", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-doc-4.1.0-71.EL.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "XFree86-ISO8859-9-100dpi-fonts", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "XFree86-tools", "packageVersion": "4.1.0-71.EL", "packageFilename": "XFree86-tools-4.1.0-71.EL.i386.rpm", "operator": "lt"}], "immutableFields": []}
{"cve": [{"lastseen": "2021-04-21T20:27:28", "description": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.", "edition": 5, "cvss3": {}, "published": "2005-03-02T05:00:00", "title": "CVE-2005-0605", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-0605"], "modified": "2018-10-03T21:29:00", "cpe": ["cpe:/o:suse:suse_linux:6.2", "cpe:/o:suse:suse_linux:7.0", "cpe:/a:xfree86_project:x11r6:4.0", "cpe:/a:xfree86_project:x11r6:4.2.1", "cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0", "cpe:/a:xfree86_project:x11r6:4.2.0", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/a:xfree86_project:x11r6:4.0.2.11", "cpe:/o:suse:suse_linux:6.4", "cpe:/a:x.org:x11r6:6.8", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "cpe:/a:xfree86_project:x11r6:4.0.3", "cpe:/o:suse:suse_linux:9.1", "cpe:/a:x.org:x11r6:6.8.1", "cpe:/a:sgi:propack:3.0", "cpe:/o:redhat:enterprise_linux:3.0", "cpe:/a:xfree86_project:x11r6:3.3.2", "cpe:/o:altlinux:alt_linux:2.3", "cpe:/a:xfree86_project:x11r6:3.3.3", "cpe:/a:xfree86_project:x11r6:4.3.0", "cpe:/o:suse:suse_linux:7.1", "cpe:/a:xfree86_project:x11r6:3.3.4", "cpe:/o:redhat:fedora_core:core_2.0", "cpe:/a:lesstif:lesstif:0.93.94", "cpe:/o:suse:suse_linux:8.1", "cpe:/o:suse:suse_linux:8.2", "cpe:/o:redhat:enterprise_linux_desktop:3.0", "cpe:/a:xfree86_project:x11r6:4.1.0", "cpe:/o:suse:suse_linux:9.2", "cpe:/o:suse:suse_linux:6.1", "cpe:/o:redhat:enterprise_linux_desktop:4.0", "cpe:/a:xfree86_project:x11r6:4.3.0.2", "cpe:/o:mandrakesoft:mandrake_linux:10.2", "cpe:/o:suse:suse_linux:6.3", "cpe:/o:suse:suse_linux:7.3", "cpe:/a:xfree86_project:x11r6:4.3.0.1", "cpe:/o:redhat:fedora_core:core_3.0", "cpe:/o:suse:suse_linux:8.0", "cpe:/a:xfree86_project:x11r6:4.1.11", "cpe:/a:xfree86_project:x11r6:3.3", "cpe:/a:xfree86_project:x11r6:3.3.5", "cpe:/a:x.org:x11r6:6.7.0", "cpe:/a:xfree86_project:x11r6:4.1.12", "cpe:/o:suse:suse_linux:9.0", "cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1", "cpe:/a:xfree86_project:x11r6:4.0.1", "cpe:/a:xfree86_project:x11r6:3.3.6", "cpe:/o:suse:suse_linux:7.2", "cpe:/o:redhat:enterprise_linux:4.0"], "id": "CVE-2005-0605", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0605", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T19:36:53", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "Several vulnerabilities have been found in the XPM image decoding \nfunctions of the LessTif library. If an attacker tricked a user into \nloading a malicious XPM image with an application that uses LessTif, \nhe could exploit this to execute arbitrary code in the context of the \nuser opening the image.\n\nUbuntu does not contain any server applications using LessTif, so \nthere is no possibility of privilege escalation.", "edition": 5, "modified": "2005-03-08T00:00:00", "published": "2005-03-08T00:00:00", "id": "USN-92-1", "href": "https://ubuntu.com/security/notices/USN-92-1", "title": "LessTif vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-09T19:36:10", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "Chris Gilbert discovered a buffer overflow in the XPM library shipped \nwith XFree86. If an attacker tricked a user into loading a malicious \nXPM image with an application that uses libxpm, he could exploit this \nto execute arbitrary code with the privileges of the user opening the \nimage.\n\nThese overflows do not allow privilege escalation through the X \nserver; the overflows are in a client-side library.", "edition": 5, "modified": "2005-03-16T00:00:00", "published": "2005-03-16T00:00:00", "id": "USN-97-1", "href": "https://ubuntu.com/security/notices/USN-97-1", "title": "libxpm vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-26T08:55:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n XFree86-libs\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016773 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65464", "href": "http://plugins.openvas.org/nasl.php?oid=65464", "type": "openvas", "title": "SLES9: Security update for XFree86-libs", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016773.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for XFree86-libs\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n XFree86-libs\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016773 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65464);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0605\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for XFree86-libs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"XFree86-libs\", rpm:\"XFree86-libs~4.3.99.902~43.42.5\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n XFree86-libs\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016773 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065464", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065464", "type": "openvas", "title": "SLES9: Security update for XFree86-libs", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016773.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for XFree86-libs\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n XFree86-libs\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016773 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65464\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0605\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for XFree86-libs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"XFree86-libs\", rpm:\"XFree86-libs~4.3.99.902~43.42.5\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "Check for the Version of Runtime library for Solaris 10", "modified": "2017-12-28T00:00:00", "published": "2010-02-03T00:00:00", "id": "OPENVAS:1361412562310855829", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855829", "type": "openvas", "title": "Solaris Update for Runtime library for Solaris 10 119281-22", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Runtime library for Solaris 10 119281-22\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Runtime library for Solaris 10 on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Runtime library for Solaris 10\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855829\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"119281-22\");\n script_cve_id(\"CVE-2005-0605\");\n script_name(\"Solaris Update for Runtime library for Solaris 10 119281-22\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-119281-22-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Runtime library for Solaris 10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"119281-22\", package:\"SUNWdtdst SUNWdtma SUNWdtmad SUNWdtbas SUNWmfrun SUNWdtinc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:05:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "Check for the Version of CDE 1.6", "modified": "2018-01-25T00:00:00", "published": "2010-02-03T00:00:00", "id": "OPENVAS:1361412562310855820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855820", "type": "openvas", "title": "Solaris Update for CDE 1.6 119280-22", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for CDE 1.6 119280-22\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"CDE 1.6 on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n CDE 1.6\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855820\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"119280-22\");\n script_cve_id(\"CVE-2005-0605\");\n script_name(\"Solaris Update for CDE 1.6 119280-22\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-119280-22-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of CDE 1.6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"119280-22\", package:\"SUNWdtdst SUNWdtma SUNWdtmad SUNWdtbas SUNWmfrun SUNWdtinc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "Check for the Version of CDE 1.6", "modified": "2017-12-26T00:00:00", "published": "2010-02-03T00:00:00", "id": "OPENVAS:855820", "href": "http://plugins.openvas.org/nasl.php?oid=855820", "type": "openvas", "title": "Solaris Update for CDE 1.6 119280-22", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for CDE 1.6 119280-22\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"CDE 1.6 on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n CDE 1.6\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855820);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"119280-22\");\n script_cve_id(\"CVE-2005-0605\");\n script_name(\"Solaris Update for CDE 1.6 119280-22\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-119280-22-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of CDE 1.6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"119280-22\", package:\"SUNWdtdst SUNWdtma SUNWdtmad SUNWdtbas SUNWmfrun SUNWdtinc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "Check for the Version of Runtime library for Solaris 10", "modified": "2017-12-14T00:00:00", "published": "2010-02-03T00:00:00", "id": "OPENVAS:855829", "href": "http://plugins.openvas.org/nasl.php?oid=855829", "type": "openvas", "title": "Solaris Update for Runtime library for Solaris 10 119281-22", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Runtime library for Solaris 10 119281-22\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Runtime library for Solaris 10 on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Runtime library for Solaris 10\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855829);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"119281-22\");\n script_cve_id(\"CVE-2005-0605\");\n script_name(\"Solaris Update for Runtime library for Solaris 10 119281-22\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-119281-22-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Runtime library for Solaris 10\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"119281-22\", package:\"SUNWdtdst SUNWdtma SUNWdtmad SUNWdtbas SUNWmfrun SUNWdtinc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "The remote host is missing an update to xfree86\nannounced via advisory DSA 723-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53555", "href": "http://plugins.openvas.org/nasl.php?oid=53555", "type": "openvas", "title": "Debian Security Advisory DSA 723-1 (xfree86)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_723_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 723-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow has been discovered in the Xpm library which is used\nin XFree86. A remote attacker could provide a specially crafted XPM\nimage that could lead to the execution or arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 4.1.0-16woody6\n\nFor the unstable distribution (sid) this problem will be fixed in\nversion 4.3.0.dfsg.1-13, which is currently in preparation.\n\nWe recommend that you upgrade your xfree86 and associated packages.\";\ntag_summary = \"The remote host is missing an update to xfree86\nannounced via advisory DSA 723-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20723-1\";\n\nif(description)\n{\n script_id(53555);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(12714);\n script_cve_id(\"CVE-2005-0605\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 723-1 (xfree86)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"x-window-system\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-100dpi-transcoded\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-100dpi\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-75dpi-transcoded\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-75dpi\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-base-transcoded\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-base\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-cyrillic\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-pex\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfonts-scalable\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfree86-common\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlib6g-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlib6g\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xspecs\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lbxproxy\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdps-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdps1\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdps1-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw6\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw6-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw6-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw7\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw7-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxaw7-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proxymngr\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"twm\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"x-window-system-core\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xbase-clients\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xdm\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfs\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xfwp\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibmesa-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibmesa3\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibmesa3-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibosmesa-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibosmesa3\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibosmesa3-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibs\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibs-dbg\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibs-dev\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xlibs-pic\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xmh\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xnest\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xprt\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xserver-common\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xserver-xfree86\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xterm\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xutils\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xvfb\", ver:\"4.1.0-16woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-15.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54880", "href": "http://plugins.openvas.org/nasl.php?oid=54880", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200503-15 (X.org)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A new vulnerability has been discovered in libXpm, which is included in\nX.org, that can potentially lead to remote code execution.\";\ntag_solution = \"All X.org users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose x11-base/xorg-x11\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-15\nhttp://bugs.gentoo.org/show_bug.cgi?id=83598\nhttps://bugs.freedesktop.org/show_bug.cgi?id=1920\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-15.\";\n\n \n\nif(description)\n{\n script_id(54880);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12714);\n script_cve_id(\"CVE-2005-0605\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200503-15 (X.org)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"x11-base/xorg-x11\", unaffected: make_list(\"rge 6.8.0-r5\", \"ge 6.8.2-r1\"), vulnerable: make_list(\"lt 6.8.2-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-08.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54873", "href": "http://plugins.openvas.org/nasl.php?oid=54873", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200503-08 (openmotif)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A new vulnerability has been discovered in libXpm, which is included in\nOpenMotif and LessTif, that can potentially lead to remote code execution.\";\ntag_solution = \"All OpenMotif users should upgrade to an unaffected version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose x11-libs/openmotif\n\nAll LessTif users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/lesstif-0.94.0-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=83655\nhttp://bugs.gentoo.org/show_bug.cgi?id=83656\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-08.\";\n\n \n\nif(description)\n{\n script_id(54873);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12714);\n script_cve_id(\"CVE-2005-0605\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200503-08 (openmotif)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"x11-libs/openmotif\", unaffected: make_list(\"ge 2.2.3-r3\", \"rge 2.1.30-r9\"), vulnerable: make_list(\"lt 2.2.3-r3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"x11-libs/lesstif\", unaffected: make_list(\"ge 0.94.0-r2\"), vulnerable: make_list(\"lt 0.94.0-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:45", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "edition": 1, "description": "### Background\n\nlibXpm is a pixmap manipulation library for the X Window System, included in X.org. \n\n### Description\n\nChris Gilbert has discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm versions. \n\n### Impact\n\nA carefully-crafted XPM file could crash X.org, potentially allowing the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll X.org users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose x11-base/xorg-x11", "modified": "2005-03-12T00:00:00", "published": "2005-03-12T00:00:00", "id": "GLSA-200503-15", "href": "https://security.gentoo.org/glsa/200503-15", "type": "gentoo", "title": "X.org: libXpm vulnerability", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "edition": 1, "description": "### Background\n\nLessTif is a clone of OSF/Motif, which is a standard user interface toolkit available on Unix and Linux. OpenMotif also provides a free version of the Motif toolkit for open source applications. \n\n### Description\n\nChris Gilbert discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm security advisories. \n\n### Impact\n\nA carefully-crafted XPM file could crash applications making use of the OpenMotif or LessTif toolkits, potentially allowing the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll OpenMotif users should upgrade to an unaffected version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose x11-libs/openmotif\n\nAll LessTif users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/lesstif-0.94.0-r2\"", "modified": "2005-03-04T00:00:00", "published": "2005-03-04T00:00:00", "id": "GLSA-200503-08", "href": "https://security.gentoo.org/glsa/200503-08", "type": "gentoo", "title": "OpenMotif, LessTif: New libXpm buffer overflows", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:42", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "LessTif provides libraries which implement the Motif industry standard\r\ngraphical user interface.\r\n\r\nAn integer overflow flaw was found in libXpm; a vulnerable version of this\r\nlibrary is found within LessTif. An attacker could create a malicious XPM\r\nfile that would execute arbitrary code if opened by a victim using an\r\napplication linked to LessTif. The Common Vulnerabilities and Exposures\r\nproject (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue.\r\n\r\nUsers of LessTif should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.", "modified": "2018-03-14T19:26:37", "published": "2005-05-24T04:00:00", "id": "RHSA-2005:473", "href": "https://access.redhat.com/errata/RHSA-2005:473", "type": "redhat", "title": "(RHSA-2005:473) lesstif security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:30", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "XFree86 is an open source implementation of the X Window System. It\nprovides the basic low-level functionality that full-fledged graphical\nuser interfaces (GUIs) such as GNOME and KDE are designed upon.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a victim\nusing an application linked to the vulnerable library. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0605 to this issue.\n\nThe updated XFree86 packages also address the following minor issues:\n\n- Updated XFree86-4.3.0-keyboard-disable-ioport-access-v3.patch to make\n warning messages less alarmist.\n\n- Backported XFree86-4.3.0-libX11-stack-overflow.patch from xorg-x11-6.8.1\n packaging to fix stack overflow in libX11, which was discovered by new\n security features of gcc4.\n\nUsers of XFree86 should upgrade to these updated packages, which contain a\nbackported patch and are not vulnerable to this issue.", "modified": "2017-07-29T20:26:43", "published": "2005-03-30T05:00:00", "id": "RHSA-2005:331", "href": "https://access.redhat.com/errata/RHSA-2005:331", "type": "redhat", "title": "(RHSA-2005:331) XFree86 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:24", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "OpenMotif provides libraries which implement the Motif industry standard\ngraphical user interface. \n\nAn integer overflow flaw was found in libXpm, which is used to decode XPM\n(X PixMap) images. A vulnerable version of this library was\nfound within OpenMotif. An attacker could create a carefully crafted XPM\nfile which would cause an application to crash or potentially execute\narbitrary code if opened by a victim. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to\nthis issue.\n\nUsers of OpenMotif are advised to upgrade to these erratum packages, which\ncontains a backported security patch to the embedded libXpm library.", "modified": "2019-03-22T23:42:37", "published": "2005-05-11T04:00:00", "id": "RHSA-2005:412", "href": "https://access.redhat.com/errata/RHSA-2005:412", "type": "redhat", "title": "(RHSA-2005:412) openmotif security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "X.Org X11 is the X Window System which provides the core functionality\r\nof the Linux GUI desktop.\r\n\r\nAn integer overflow flaw was found in libXpm, which is used by some\r\napplications for loading of XPM images. An attacker could create a\r\ncarefully crafted XPM file in such a way that it could cause an application\r\nlinked with libXpm to execute arbitrary code when the file was opened by a\r\nvictim. The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\nhas assigned the name CAN-2005-0605 to this issue. \r\n\r\nSince the initial release of Red Hat Enterprise Linux 4, a number of issues\r\nhave been addressed in the X.Org X11 X Window System. This erratum also\r\nupdates X11R6.8 to the latest stable point release (6.8.2), which includes\r\nvarious stability and reliability fixes including (but not limited to) the\r\nfollowing:\r\n\r\n- The 'radeon' driver has been modified to disable \"RENDER\" acceleration\r\n by default, due to a bug in the implementation which has not yet\r\n been isolated. This can be manually re-enabled by using the\r\n following option in the device section of the X server config file:\r\n\r\n Option \"RenderAccel\"\r\n\r\n- The 'vmware' video driver is now available on 64-bit AMD64 and\r\n compatible systems.\r\n\r\n- The Intel 'i810' video driver is now available on 64-bit EM64T\r\n systems.\r\n\r\n- Stability fixes in the X Server's PCI handling layer for 64-bit systems,\r\n which resolve some issues reported by \"vesa\" and \"nv\" driver users.\r\n\r\n- Support for Hewlett Packard's Itanium ZX2 chipset.\r\n\r\n- Nvidia \"nv\" video driver update provides support for some of\r\n the newer Nvidia chipsets, as well as many stability and reliability\r\n fixes.\r\n\r\n- Intel i810 video driver stability update, which fixes the widely\r\n reported i810/i815 screen refresh issues many have experienced.\r\n\r\n- Packaging fixes for multilib systems, which permit both 32-bit\r\n and 64-bit X11 development environments to be simultaneously installed\r\n without file conflicts.\r\n\r\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\r\nlarge number of additional stability fixes which resolve various other\r\nissues reported since the initial release of Red Hat Enterprise Linux 4. \r\n\r\nAll users of X11 should upgrade to these updated packages, which resolve\r\nthese issues.", "modified": "2017-09-08T12:10:55", "published": "2005-06-08T04:00:00", "id": "RHSA-2005:198", "href": "https://access.redhat.com/errata/RHSA-2005:198", "type": "redhat", "title": "(RHSA-2005:198) xorg-x11 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:52", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0885", "CVE-2005-0605", "CVE-2005-2090", "CVE-2005-3510", "CVE-2005-3964", "CVE-2005-4838", "CVE-2006-0254", "CVE-2006-0898", "CVE-2006-1329", "CVE-2006-3835", "CVE-2006-5752", "CVE-2006-7195", "CVE-2006-7196", "CVE-2006-7197", "CVE-2007-0243", "CVE-2007-0450", "CVE-2007-1349", "CVE-2007-1355", "CVE-2007-1358", "CVE-2007-1860", "CVE-2007-2435", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3304", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-4465", "CVE-2007-5000", "CVE-2007-5461", "CVE-2007-5961", "CVE-2007-6306", "CVE-2007-6388", "CVE-2008-0128"], "description": "During an internal security review, a cross-site scripting flaw was found\nthat affected the Red Hat Network channel search feature. (CVE-2007-5961)\n\nThis release also corrects several security vulnerabilities in various\ncomponents shipped as part of the Red Hat Network Satellite Server. In a\ntypical operating environment, these components are not exposed to users of\nSatellite Server in a vulnerable manner. These security updates will reduce\nrisk in unique Satellite Server environments.\n\nMultiple flaws were fixed in the Apache HTTPD server. These flaws could\nresult in a cross-site scripting, denial-of-service, or information\ndisclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197,\nCVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388)\n\nA denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)\n\nA denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)\n\nMultiple cross-site scripting flaws were fixed in the image map feature in\nthe JFreeChart package. (CVE-2007-6306)\n\nMultiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243,\nCVE-2007-2435, CVE-2007-2788, CVE-2007-2789)\n\nTwo arbitrary code execution flaws were fixed in the OpenMotif package.\n(CVE-2005-3964, CVE-2005-0605)\n\nA flaw which could result in weak encryption was fixed in the\nperl-Crypt-CBC package. (CVE-2006-0898)\n\nMultiple flaws were fixed in the Tomcat package. (CVE-2008-0128,\nCVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355,\nCVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195,\nCVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510)\n\nUsers of Red Hat Network Satellite Server 5.0 are advised to upgrade to\n5.0.2, which resolves these issues.", "modified": "2019-03-22T23:44:36", "published": "2008-05-20T04:00:00", "id": "RHSA-2008:0261", "href": "https://access.redhat.com/errata/RHSA-2008:0261", "type": "redhat", "title": "(RHSA-2008:0261) Moderate: Red Hat Network Satellite Server security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:36", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0687", "CVE-2004-0688", "CVE-2004-0885", "CVE-2004-0914", "CVE-2005-0605", "CVE-2005-2090", "CVE-2005-3510", "CVE-2005-3964", "CVE-2005-4838", "CVE-2006-0254", "CVE-2006-0898", "CVE-2006-1329", "CVE-2006-3835", "CVE-2006-5752", "CVE-2006-7195", "CVE-2006-7196", "CVE-2006-7197", "CVE-2007-0243", "CVE-2007-0450", "CVE-2007-1349", "CVE-2007-1355", "CVE-2007-1358", "CVE-2007-1860", "CVE-2007-2435", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3304", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-4465", "CVE-2007-5000", "CVE-2007-5461", "CVE-2007-6306", "CVE-2007-6388", "CVE-2008-0128"], "description": "This release corrects several security vulnerabilities in various\ncomponents shipped as part of the Red Hat Network Satellite Server 4.2. In\na typical operating environment, these components are not exposed to users\nof Satellite Server in a vulnerable manner. These security updates will\nreduce risk in unique Satellite Server environments.\n\nMultiple flaws were fixed in the Apache HTTPD server. These flaws could\nresult in a cross-site scripting, denial-of-service, or information\ndisclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197,\nCVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388)\n\nA denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)\n\nA denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)\n\nMultiple cross-site scripting flaws were fixed in the image map feature in\nthe JFreeChart package. (CVE-2007-6306)\n\nMultiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243,\nCVE-2007-2435, CVE-2007-2788, CVE-2007-2789)\n\nMultiple flaws were fixed in the OpenMotif package. (CVE-2004-0687,\nCVE-2004-0688, CVE-2004-0914, CVE-2005-3964, CVE-2005-0605)\n\nA flaw which could result in weak encryption was fixed in the\nperl-Crypt-CBC package. (CVE-2006-0898)\n\nMultiple flaws were fixed in the Tomcat package. (CVE-2008-0128,\nCVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355,\nCVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195,\nCVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510)\n\nUsers of Red Hat Network Satellite Server 4.2 are advised to upgrade to\n4.2.3, which resolves these issues.", "modified": "2019-03-22T23:44:23", "published": "2008-06-30T04:00:00", "id": "RHSA-2008:0524", "href": "https://access.redhat.com/errata/RHSA-2008:0524", "type": "redhat", "title": "(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:23", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "**CentOS Errata and Security Advisory** CESA-2005:198\n\n\nX.Org X11 is the X Window System which provides the core functionality\r\nof the Linux GUI desktop.\r\n\r\nAn integer overflow flaw was found in libXpm, which is used by some\r\napplications for loading of XPM images. An attacker could create a\r\ncarefully crafted XPM file in such a way that it could cause an application\r\nlinked with libXpm to execute arbitrary code when the file was opened by a\r\nvictim. The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\nhas assigned the name CAN-2005-0605 to this issue. \r\n\r\nSince the initial release of Red Hat Enterprise Linux 4, a number of issues\r\nhave been addressed in the X.Org X11 X Window System. This erratum also\r\nupdates X11R6.8 to the latest stable point release (6.8.2), which includes\r\nvarious stability and reliability fixes including (but not limited to) the\r\nfollowing:\r\n\r\n- The 'radeon' driver has been modified to disable \"RENDER\" acceleration\r\n by default, due to a bug in the implementation which has not yet\r\n been isolated. This can be manually re-enabled by using the\r\n following option in the device section of the X server config file:\r\n\r\n Option \"RenderAccel\"\r\n\r\n- The 'vmware' video driver is now available on 64-bit AMD64 and\r\n compatible systems.\r\n\r\n- The Intel 'i810' video driver is now available on 64-bit EM64T\r\n systems.\r\n\r\n- Stability fixes in the X Server's PCI handling layer for 64-bit systems,\r\n which resolve some issues reported by \"vesa\" and \"nv\" driver users.\r\n\r\n- Support for Hewlett Packard's Itanium ZX2 chipset.\r\n\r\n- Nvidia \"nv\" video driver update provides support for some of\r\n the newer Nvidia chipsets, as well as many stability and reliability\r\n fixes.\r\n\r\n- Intel i810 video driver stability update, which fixes the widely\r\n reported i810/i815 screen refresh issues many have experienced.\r\n\r\n- Packaging fixes for multilib systems, which permit both 32-bit\r\n and 64-bit X11 development environments to be simultaneously installed\r\n without file conflicts.\r\n\r\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\r\nlarge number of additional stability fixes which resolve various other\r\nissues reported since the initial release of Red Hat Enterprise Linux 4. \r\n\r\nAll users of X11 should upgrade to these updated packages, which resolve\r\nthese issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023835.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023844.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023845.html\n\n**Affected packages:**\nfonts-xorg\nfonts-xorg-100dpi\nfonts-xorg-75dpi\nfonts-xorg-ISO8859-14-100dpi\nfonts-xorg-ISO8859-14-75dpi\nfonts-xorg-ISO8859-15-100dpi\nfonts-xorg-ISO8859-15-75dpi\nfonts-xorg-ISO8859-2-100dpi\nfonts-xorg-ISO8859-2-75dpi\nfonts-xorg-ISO8859-9-100dpi\nfonts-xorg-ISO8859-9-75dpi\nfonts-xorg-base\nfonts-xorg-cyrillic\nfonts-xorg-syriac\nfonts-xorg-truetype\nxorg-x11\nxorg-x11-Mesa-libGL\nxorg-x11-Mesa-libGLU\nxorg-x11-Xdmx\nxorg-x11-Xnest\nxorg-x11-Xvfb\nxorg-x11-deprecated-libs\nxorg-x11-deprecated-libs-devel\nxorg-x11-devel\nxorg-x11-doc\nxorg-x11-font-utils\nxorg-x11-libs\nxorg-x11-sdk\nxorg-x11-tools\nxorg-x11-twm\nxorg-x11-xauth\nxorg-x11-xdm\nxorg-x11-xfs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-198.html", "edition": 4, "modified": "2005-06-08T23:47:47", "published": "2005-06-08T17:50:00", "href": "http://lists.centos.org/pipermail/centos-announce/2005-June/023835.html", "id": "CESA-2005:198", "title": "fonts, xorg security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:26:21", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "**CentOS Errata and Security Advisory** CESA-2005:412\n\n\nOpenMotif provides libraries which implement the Motif industry standard\ngraphical user interface. \n\nAn integer overflow flaw was found in libXpm, which is used to decode XPM\n(X PixMap) images. A vulnerable version of this library was\nfound within OpenMotif. An attacker could create a carefully crafted XPM\nfile which would cause an application to crash or potentially execute\narbitrary code if opened by a victim. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to\nthis issue.\n\nUsers of OpenMotif are advised to upgrade to these erratum packages, which\ncontains a backported security patch to the embedded libXpm library.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023687.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023693.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023694.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023697.html\n\n**Affected packages:**\nopenmotif\nopenmotif-devel\nopenmotif21\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-412.html", "edition": 4, "modified": "2005-05-12T03:20:38", "published": "2005-05-11T16:44:52", "href": "http://lists.centos.org/pipermail/centos-announce/2005-May/023687.html", "id": "CESA-2005:412", "title": "openmotif, openmotif21 security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:26:34", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "**CentOS Errata and Security Advisory** CESA-2005:044-01\n\n\nXFree86 is an open source implementation of the X Window System. It\nprovides the basic low level functionality which full-fledged graphical\nuser interfaces (GUIs) such as GNOME and KDE are designed upon.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a victim\nusing an application linked to the vulnerable library. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-0605 to this issue.\n\nXFree86 4.1.0 was not functional on systems that did not have a legacy\nkeyboard controller (8042). During startup, the X server would attempt to\nupdate registers on the 8042 controller, but if that chip was not present,\nthe X server would hang during startup. This new release has a workaround\nso that the access to those registers time out if they are not present.\n\nA bug in libXaw could cause applications to segfault on 64-bit systems\nunder certain circumstances. This has been fixed with a patch backported\nfrom XFree86 4.3.0.\n\nXlib contained a memory leak caused by double allocation, which has been\nfixed in XFree86 4.3.0 using backported patch.\n\nAll users of XFree86 should upgrade to these updated packages, which\nresolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023590.html\n\n**Affected packages:**\nXFree86\nXFree86-100dpi-fonts\nXFree86-75dpi-fonts\nXFree86-ISO8859-15-100dpi-fonts\nXFree86-ISO8859-15-75dpi-fonts\nXFree86-ISO8859-2-100dpi-fonts\nXFree86-ISO8859-2-75dpi-fonts\nXFree86-ISO8859-9-100dpi-fonts\nXFree86-ISO8859-9-75dpi-fonts\nXFree86-Xnest\nXFree86-Xvfb\nXFree86-cyrillic-fonts\nXFree86-devel\nXFree86-doc\nXFree86-libs\nXFree86-tools\nXFree86-twm\nXFree86-xdm\nXFree86-xf86cfg\nXFree86-xfs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2005-04-07T00:41:23", "published": "2005-04-07T00:41:23", "href": "http://lists.centos.org/pipermail/centos-announce/2005-April/023590.html", "id": "CESA-2005:044-01", "title": "XFree86 security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:45", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "**CentOS Errata and Security Advisory** CESA-2005:412-01\n\n\nOpenMotif provides libraries which implement the Motif industry standard\ngraphical user interface. \n\nAn integer overflow flaw was found in libXpm, which is used to decode XPM\n(X PixMap) images. A vulnerable version of this library was\nfound within OpenMotif. An attacker could create a carefully crafted XPM\nfile which would cause an application to crash or potentially execute\narbitrary code if opened by a victim. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to\nthis issue.\n\nUsers of OpenMotif are advised to upgrade to these erratum packages, which\ncontains a backported security patch to the embedded libXpm library.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023698.html\n\n**Affected packages:**\nopenmotif\nopenmotif-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2005-05-12T23:58:58", "published": "2005-05-12T23:58:58", "href": "http://lists.centos.org/pipermail/centos-announce/2005-May/023698.html", "id": "CESA-2005:412-01", "title": "openmotif security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:26:05", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "**CentOS Errata and Security Advisory** CESA-2005:473-01\n\n\nLessTif provides libraries which implement the Motif industry standard\r\ngraphical user interface.\r\n\r\nAn integer overflow flaw was found in libXpm; a vulnerable version of this\r\nlibrary is found within LessTif. An attacker could create a malicious XPM\r\nfile that would execute arbitrary code if opened by a victim using an\r\napplication linked to LessTif. The Common Vulnerabilities and Exposures\r\nproject (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue.\r\n\r\nUsers of LessTif should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023794.html\n\n**Affected packages:**\nlesstif\nlesstif-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2005-05-24T23:32:07", "published": "2005-05-24T23:32:07", "href": "http://lists.centos.org/pipermail/centos-announce/2005-May/023794.html", "id": "CESA-2005:473-01", "title": "lesstif security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2005-0605"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.x.org/\nVendor Specific News/Changelog Entry: https://bugs.freedesktop.org/attachment.cgi?id=1909\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt)\n[Vendor Specific Advisory URL](http://rhn.redhat.com/errata/RHSA-2005-473.html)\n[Vendor Specific Advisory URL](http://www.ubuntulinux.org/support/documentation/usn/usn-92-1)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U.asc)\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=302163)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt)\nSecurity Tracker: 1013339\n[Secunia Advisory ID:14473](https://secuniaresearch.flexerasoftware.com/advisories/14473/)\n[Secunia Advisory ID:14460](https://secuniaresearch.flexerasoftware.com/advisories/14460/)\n[Secunia Advisory ID:14572](https://secuniaresearch.flexerasoftware.com/advisories/14572/)\n[Secunia Advisory ID:15264](https://secuniaresearch.flexerasoftware.com/advisories/15264/)\n[Secunia Advisory ID:15316](https://secuniaresearch.flexerasoftware.com/advisories/15316/)\n[Secunia Advisory ID:16449](https://secuniaresearch.flexerasoftware.com/advisories/16449/)\n[Secunia Advisory ID:16592](https://secuniaresearch.flexerasoftware.com/advisories/16592/)\n[Secunia Advisory ID:14481](https://secuniaresearch.flexerasoftware.com/advisories/14481/)\n[Secunia Advisory ID:14724](https://secuniaresearch.flexerasoftware.com/advisories/14724/)\n[Secunia Advisory ID:14900](https://secuniaresearch.flexerasoftware.com/advisories/14900/)\n[Secunia Advisory ID:15189](https://secuniaresearch.flexerasoftware.com/advisories/15189/)\n[Secunia Advisory ID:18316](https://secuniaresearch.flexerasoftware.com/advisories/18316/)\n[Secunia Advisory ID:19624](https://secuniaresearch.flexerasoftware.com/advisories/19624/)\n[Secunia Advisory ID:14621](https://secuniaresearch.flexerasoftware.com/advisories/14621/)\n[Secunia Advisory ID:14788](https://secuniaresearch.flexerasoftware.com/advisories/14788/)\n[Secunia Advisory ID:15350](https://secuniaresearch.flexerasoftware.com/advisories/15350/)\n[Secunia Advisory ID:15637](https://secuniaresearch.flexerasoftware.com/advisories/15637/)\n[Secunia Advisory ID:18049](https://secuniaresearch.flexerasoftware.com/advisories/18049/)\nRedHat RHSA: RHSA-2005:198\nRedHat RHSA: RHSA-2005:412\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-331.html\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:081\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200503-15.xml\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200503-08.xml\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_10_sr.html\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:080\nOther Advisory URL: http://www.debian.org/security/2005/dsa-723\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-97-1\nGeneric Informational URL: http://news.com.com/Apple+unloads+dozens+of+fixes+for+OS+X/2100-1002_3-5834873.html\n[CVE-2005-0605](https://vulners.com/cve/CVE-2005-0605)\n", "modified": "2005-03-01T17:42:31", "published": "2005-03-01T17:42:31", "href": "https://vulners.com/osvdb/OSVDB:14373", "id": "OSVDB:14373", "type": "osvdb", "title": "libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:30:52", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0605"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 723-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMay 9th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xfree86\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0605\nDebian Bug : 298939\n\nA buffer overflow has been discovered in the Xpm library which is used\nin XFree86. A remote attacker could provide a specially crafted XPM\nimage that could lead to the execution or arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 4.1.0-16woody6\n\nFor the unstable distribution (sid) this problem will be fixed in\nversion 4.3.0.dfsg.1-13, which is currently in preparation.\n\nWe recommend that you upgrade your xfree86 and associated packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody6.dsc\n Size/MD5 checksum: 1512 008341b53216f4243930c7ab9eefee78\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody6.diff.gz\n Size/MD5 checksum: 1620968 30487abd663a975a939c91657964104d\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0.orig.tar.gz\n Size/MD5 checksum: 54433247 ea7a32e6a81a850e9f19428f3104c300\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 60812 08a53813d34d9a2e5e74454c5f7e7c53\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 8334022 a69ba7cf04cd93648c57e92fe5d67fa1\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 4442704 ba27930aebe12207c6cc44ef44a87cdd\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 7226068 0f0faa942f6df46ff5a38908f21db063\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 3931950 25cd64b4d052a7d1385be6ee9b372c01\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 1105448 fdcef7a8e491ed8123de040769a8e6d3\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 5029172 365fb081b267cd113804dc5084f37fdf\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 438980 fd9d3acaf63fa2a3b2f690a48a8a4a2b\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-pex_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 69324 30b4a4293af19e2686f66469514cd739\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 796742 5018c7dd32cc4f45d03e3129c43706d1\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 546908 12473d63f53c71aae0f13b63cbc161c2\n http://security.debian.org/pool/updates/main/x/xfree86/xlib6g-dev_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 60770 7a75e5d70dc15331d3d14727eb61c05b\n http://security.debian.org/pool/updates/main/x/xfree86/xlib6g_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 60970 84a188aabd59f70cae09e66601212fbe\n http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.1.0-16woody6_all.deb\n Size/MD5 checksum: 4165046 adfd6a36e51dbddd5bc5890027bab8f4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 166036 f2a13fa5f2c731d4945a16be356c60f6\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 307248 3a436cac71a5ae0bf9f70dc3311a837f\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 199006 28bb863dba8b7aad36756a1a213b278a\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 779394 16c791c3500ad0e8477f6407febd1314\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 204320 64c78f7cb906b0ff2aff29d59d68009a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 650134 fa1fe7f88f11d99e8b0501d6c7290e16\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 391092 0e3088a289ce9594490026d6a13fd59e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 264700 0d23de5a4f943859c57da9d631f6d2d7\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 821246 9e86869cf9dd863514c2c616daad205f\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 390974 8c7b0cca650ecee95d1e6e5c30924b60\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 79616 46d94787afc2ea7bde23e94a3a2eb17c\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 178460 9ee76870b91b1790530f3559a1c17c1d\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 60980 78decb3305363a097981b0e04c313db0\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1991832 78e508de35dc3904bba6a5ff337033a9\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 190694 5978b8e9d93d8dacc8ccf9aabb7dca30\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 375974 ae9dcbf4bd180b17363a9a8177652b18\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 85588 e47cd4244723a2e78bc17e30f95a1803\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 694974 54c446f330386c0554bf7dfb6c275acc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 4135066 13d21c2c330eb9e6930908cec6011ad3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1490886 5fb2622a6e6dbdf57a7348f3d078d2ab\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 712802 d11af831bd275f6599b13f4f666342b6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 612148 d26404d3496bbeb93207a3ea4fbc90a8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1604216 ed50210f2238437046e2744f23a3b911\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1376452 3c202d14495f03afcee64dd79ae4563d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 4401670 874b98071d872095369220b7241a7dba\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 3230264 7916f6fe298923fbf8070f85f9ca76a1\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 85150 47df4d1f02075578730ee3e413207dd5\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 151496 3c017c328cbd086ee1075cd9c0f63508\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1889850 0ba6d0aa557720c753a2b26c664fb25a\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 1476608 9b1fcbcf3f3e719f20b29c0aad0d2b75\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 220914 3cead0f807ead287e47ead5c52806aa4\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 5721156 283b2944fedf31177bef765db7581c39\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 526230 7dfcca0f291d3210dd7e148363ddab9d\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 713716 d8af9409f7b5b4cd9a94dfc774fdea2c\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_alpha.deb\n Size/MD5 checksum: 2048498 d40adf712b6adb1340744038a25c4787\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 145826 17c7a992796711d9f675e8c971b18a83\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 253722 29ccb6e048c24c34acc35934a3448d34\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 179680 916dc6b1131b5d5af4215b97ba1a5269\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 445090 cd9aa832021e67561e298793e015a851\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 189516 7d968495158e4f5a6a42aa4be674d4f2\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 378632 b6b53f4f07340f0d536e0a04c2494f58\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 349150 62cd7dc3f369c8e058c5f3594bf9b37e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 241450 005eca185c31d6eb82bccaaedd944000\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 491852 d096ee076cdc0c83660ea7fc14d959b8\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 349048 ad8994a5b186a1f32601fe252c53ffbb\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 77156 8cc6f18e1984c920cb1acf4342203e07\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 169790 e8ff405b45f836e869e21f16ca1bb9fa\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 60982 5365922294d642b249655b8770ee8617\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 1625506 402ed8168964914e5bb23d67b99a54b7\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 176294 fbaa1caf109cf9607558d24d68538061\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 325760 662d18158e57068a07b5665009dbd016\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 82722 75220213c0bb69a2546670d9990530d7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 607548 119dd1351c6b3e5eb7d207d8c864d4ab\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 352734 36de77038d6e43d7424718cf9cf5cc0f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 932988 b27830cf9b1ecd4e6b4b2143460d859f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 1317900 0242043c42f7fbcf420851374a60801d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 2763960 e41327ea89e598b0379bf1646a2de81b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 3096018 c831174b3d6d019f3af1ee704cc4e808\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 85212 5cd8cc5cd044f07dc449786be166952e\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 134092 498b93e2f514c1ca7de9f5c25791ea5f\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 1656690 abb6e35ab85893043212910e7d85b142\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 1340806 59a68b1bb785424c499dcbe6ff3f07c8\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 220142 f57ea6b37985ca5da18d24c1e2f1a42c\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 4833814 913019d1ae05b16983ee11fc7df49829\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 495270 535fe2999315ae2e9cd8abc37b468778\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 621936 bfd364463c18267c36309cc296b64df2\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_arm.deb\n Size/MD5 checksum: 1787926 0b539dbaf5ce51e5deb91ac6f6dfe21b\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 133000 b1ba67a9a10908935e8961b766e85530\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 230214 8412f3746460070a7d66408ef016880c\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 169012 1be447f435dec9eec3aa8fdd53b43d1a\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 409984 71649732d82736d8c3f0d21a7eda1fa1\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 166946 88c283658ea3e0814505a5422222e49a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 334774 e6331e8cf32ee6ce1c5a84b1f1d6f1ee\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 293140 1d4dff32b2890d37b899c483a452679f\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 213832 bf853c81cda1142dd088ec4af3f55e77\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 434412 e22f0d638c3b7a67e4e238fdc2bf8ee0\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 293030 71a6b5367ce70883eb796d71e6d7057a\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 76940 8c1ffeb1a17b8084a1a580761840d7da\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 152192 41c5bea9ad9b40af7f8ba1f02885c22a\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 60978 ada17159f82a098e5f5dff77489d2b07\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 1456922 1a3caa4b53f948de0f91c00db0320cb6\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 171606 641dafe2cfa306344ee0eb0233702080\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 276226 b37f933ac306a1fce88d70f1f3e45977\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 81512 7956612f3e997caffe37364b76dee9dc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 553114 da96390ac1fa9499cc4ddb193acfae43\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 3423086 52c6b317054313a7225a6f67eadbaa41\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 866372 fdc5eb7695c93f8656465dec863692f3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 523090 dd66ba4bc25c55d6b6bd1e0e342e0d21\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 463186 e513ed89bdf452eca0336b96e4f87bda\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 964714 a76d6f5a0e26a7aa8f5eebc071d8cd4e\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 1226540 71e4b6c7f917f0ab1a15072e93138c07\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 2543984 f39a8cb0304e5c272fc1e6d7233c1087\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 2726114 0a5362cdbe7096074df8b410133a4df5\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 73936 d8ad5a47d9033d6976097e933fe037ac\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 125070 d632d1750cc064ffdd176bc3cfd8660c\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 1394356 fc75f13fb108164fef92f054628f8f1d\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 1123886 d982d56488770373eb642e87ffe8970e\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 220206 4c500b4b057eacedf83330b2374d4c45\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 4335956 5d59b6c0d544a97fc71afe7f4738f3fb\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 484512 5685f55593bedcef2bd3f9e8c9594ae0\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 602870 012911b7c1b12b2ae605c9820488c609\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_i386.deb\n Size/MD5 checksum: 1497326 8120f4572adea0a66e335b055ca3ac82\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 192174 944431590353c8542852cc0757b2d191\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 322636 a4fc7b6634e982be08f6686c4a20152f\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 241980 8e1cb66190a3b3e7915e17d8ea7c8601\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 825596 8b71566eb6d9053a15f95e4ca37246e3\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 258642 e354d5546f1631c30a31d2d20e32803f\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 1167968 ad7b59edee67634e5c6e7ebe2fef4f4c\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 444758 b539806b1600b5fc721c6590fe227d6a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 340846 38fa4baf83cc02f097ec48bf043c8baf\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 1334434 c11dec7c9a72134f2e790e447c103714\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 444636 c6e287ed161a5af7265cc2f12d3c8001\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 84432 77ac93557cc9acf5a285b029cb9eb75c\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 208254 0eb0340257b908ac86b009cb5aefc2fc\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 60980 6b64ea8295d1e9adb92c715d47ca4f87\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 2410840 9e2af3263e6889f2dab7bdf6089f85e3\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 211490 d63c6c27d3e12f9f0448b1b433db20b9\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 474492 36149d2491a72e5310e2b2ed599db5a2\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 91688 fb43d353dd6a6dfe472bdfa6440cbab2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 744088 f6c09072499f8dec8476ac975b2ee56e\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 5186106 b11ae2429e9525ff3f9d60ca67f1c99a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 2395250 77302c481fd71a0bf7b4e8407ee4a5ad\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 832354 456cb9f28d9498838ffdcd571a333be1\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 756470 b9be4d34100b64f3c4e5b555622983d7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 3199942 8547ae2a4b120bddaa4659fd3837c343\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 1655842 a7c01b8ef527d647c31f7dc82e6b33da\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 18068592 93b9734010e46c57ae707200c0ce712b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 3516854 cac98fd3ef496d179250ccb7b38c46a6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 89816 92f4a6b203adeb549e2f3904e2d27bef\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 170860 5e556484c645ba09cd8e14a070936ef8\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 2371262 61772b1be828a5b63d200263bb8b7b82\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 1895934 baa7ec5bf0880d920658a4718d13b340\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 222062 eb7ffd3452fa15152afb1dd96d507bcd\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 6901972 084d9b98ec762ff629edc18858808df6\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 567336 360eb56053bfd4fbbd02bb27a7443607\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 816426 1eb5acec0133c5710846efe3e52dce58\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_ia64.deb\n Size/MD5 checksum: 2572438 f5c4d35495713a3901b00289b92d8c4f\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 155100 06ddfd739aa935b279cb25ff6431054d\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 279006 1443e2a7a25a378aabb1d5667e31541e\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 203018 6428eca5c6385e9bc38dff3ecee803c4\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 489380 a1a8c2cc41aac1a372b2bf206947852b\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 204516 e804fe3469603b4d6a7428b21a1e5d1e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 398382 0707a40e8b7a6cb0d078cfbc555bc33e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 359040 cf0596af3cb91ef6dc94fbd8c41cb102\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 264930 274bbfe024751adc8cd25a2e7d38cc05\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 518024 c41889f466ec1cd4c0a1508c0b5db868\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 358940 b50ffebeeec892a8f4fa727e10f51a20\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 79056 674554fb2f4bcd62ae99109744f1ae20\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 172986 7ea2cb5548a859c7abaa4084d2100845\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 60984 7aecda74d29f9ff04d2a975da02f1300\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 1700734 d77ef0938d400d26fb1d0601bc116642\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 181628 00ebe0534c4e76a5f5e17c535312d82b\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 339104 cfcf3b12084af78b985128593bcc1c1d\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 84126 ec357988b40c2f806af79595a4460674\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 682110 655313aed153e9a99763920513844510\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 435250 e2206e0df136d8939bbdcc0b404f9c15\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 996176 d8e3c10a144e7e59af1668560de12ba1\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 1459342 ad9eb2e3787ffac0f4e8c6a636ac4c0b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 2986256 91aa9fc8ad52f512bc823b1746d54235\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 3195162 cb10bcff5042dd5cf1695f069c61bebc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 81654 a69843b290a69334130447185629fb23\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 138384 e3e166b3b0062a24212bc4d72c3ad437\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 1924406 eabbe7d82ba2275d9d81646ea0c0cbad\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 1499964 82c17e11f1f3b23c6b61414b853002cd\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 220644 632e7a6b4e08b9b74df6393dee1889b8\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 3593108 fac7ecf1dc0947bb64ef84873bfd3a54\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 510708 cf2eedc0db2bbe51651ecf1a66679c0a\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 665888 3d6aefc231bd7bbad6e063d81fd91dc2\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_hppa.deb\n Size/MD5 checksum: 2070928 77bf4103df59fbafe8c9c5eba3f7977e\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 128138 8b2bed7d9973d06d62931ffb2f927af1\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 232954 bb7ecd37d662f2369ad67ecd9cdb84c5\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 177278 732b2cd70366a6cf1f22c478a6a63444\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 433720 92bce08a539ddbfdb3f20544de0c8cc4\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 164120 b7809ca45f9d2f4e481f0ac746dcf22d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 341446 c0025a44c6da20702249c9b4c45b874e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 283842 3f70b333b2487147bd62dbe2243fb675\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 208606 ff3d84f775cbb5fdcae1005447740d24\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 443958 0d94488895ddd9f541845f101d9605fb\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 283738 9ccdfbb4555d11aa22e9d23a36b6c110\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 75998 b81bbbc21ef448dcaa800683eb7cf44b\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 148372 b1602b5dcb6c4d05c82867a0ccd8b9af\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 60988 7a84c4f45b92fe5534cf591187d5fc7d\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 1376324 ad1747b6eb6583adf5f9acad093e1f3d\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 168902 9ec0e1af9084098951b27754bfa75913\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 257156 a2fdccd9354bf5b2f117aeae32857e32\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 80404 aaf63891346e32fdd1fb6eb0afa27fac\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 520106 13e47a6b65cee1ede8da39c136ac6fbe\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 336196 769b0b81bbb29e3992b7512fa353c5d5\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 865068 577fa0239fe0eda22503dd3d5b72ab43\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 1184170 d0613335220a552118753f722c5fbeb3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 2581420 349cf5b95cffd22b7c96072b06dc6e6b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 2649506 bf37ff7e20bfcf5835733a23c5b3ac86\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 73258 2aab090b07d0f6bbb07a3ba989660ef2\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 123126 5c5c0e40231a6fbebc42f99050138e79\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 1235376 3dcc1ff9ea63531ce18fee3e7bfb3d92\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 1006818 1983f5822cbfd087069a78f0f6302452\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 220118 c9665db847bfb2ed533338328781df20\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 3537870 263bab9a0155cac09bf796a323c5cbe5\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 479152 5841298dcec6a88776cf603b9775a672\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 551880 a4d9d5069b0408acb1fddeff6df9cea4\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_m68k.deb\n Size/MD5 checksum: 1326010 25ec0b9770c473885d70443ed40327c9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 153862 d1a98d6b211292e07378e61e85224c78\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 277900 9b744d345e002f1a7ff9173e4af7158a\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 174588 ab7e17f4d18a666ad1a435e947d10e75\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 576834 bcef6cf1999ff566a22762d30a26a94f\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 183280 ad06dd63e2ee2f4da226d0d129ec223d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 551694 8d877cbee2bb17759810501f75188f82\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 350840 85d6e23ca54d0f3bda4c7e38c6a1d305\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 233862 81369ec996b3ac12d90ee163abaa81d2\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 691774 e77d95e7c2bac9a802b200960815a149\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 350728 b4baa4732e83cd7a9b2d4977360e3130\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 78304 ab41ab501b82843a62d7710186a0a8ca\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 168716 746abf13635e9d1e9f468445b351fbad\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 60980 d2a06fb58df9d631d13d0aa4e5e742e8\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1654190 6bfb746779697807f3a28f65d6b6401c\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 177768 45f79a8aa6c4e4cc31a091164971d5d8\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 338774 cd4aae8795edc6ab68ba6a35324bcecc\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 83854 33fcdb7a85b36c99f0889b40d8559490\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 634280 4f18c2e3f04bbf4a595f31d584f4ca67\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 358496 edc71400adfbdcfe78fb42630d4a846e\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1078292 c670cf8841dd6ade04794d5f6ae985aa\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1311808 73699e226be6928f5cf30b5fadde676e\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 3740790 e325a501e0491741baac25668ed3e0c3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 3127432 cb0517ea58e7dc49b7ae661fb0921728\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 79172 56428f469f07b81ad9b09ea653e3ccbe\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 141490 4dc0038b8dc00c3897783b5f5947db34\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1776008 52d1e19e90f3fc5d07b3baecefd6b7be\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1441296 52c7a013a7dacd5df71246c1dca3ef44\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 220024 95800c3e51814a22b2bd2803f258e2ed\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 3386744 3ab6f59445161b913fb295e9ea7e03b3\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 506934 820e463cbe885fba0a17cda7fd454be5\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 663012 d20e879cc34e70928d48a882b369dfe4\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_mips.deb\n Size/MD5 checksum: 1911366 858bbc95b63d0351bd820e1cabd762fb\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 153438 9a3bb6ce0fc08fe15bc2a9b66aa1bc4f\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 277264 dc1eab3c83bb064aded46ed6abd319a5\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 173104 cedfe0c9db3ea8091d2400f69b07ec30\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 559972 8e9ca625d0db288a4a1c4ede725efedd\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 181624 b01a114c306bd64c0af6c5bb8a8057f1\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 536580 556ccefeb6e45e62d3ca4f3eab9b2976\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 349960 b1b0feec0a637bec89484f33daa3c298\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 231620 4de3f80191b624901e9dc978b85e2b5e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 669800 282f278577734fac95069053309c7ccd\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 349830 bcfe55ddb85e05c5931442fef63dc0bf\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 78270 2a760d959a759e253c7c233509a2908e\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 168196 da4c3290d4e082ee9b4470a5e4a5817d\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 60984 274bef477623924d1563b96669d10670\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1650658 622732b1b604ff6266229c2250771334\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 177608 6357d5562ef1cf59d6a734d1672e2781\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 338192 11c2f910bf94908ff5b25e13470793a8\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 83902 b6d2ee15e7b662807efee38b251e23a4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 625042 f9f4f2108e75517a6e34036b9ca9ba70\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 354794 840edfb99d73e00798e896339dc6a011\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1045096 2270c9304d945f6e3a08b2c11dccd561\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1307002 9888a2efab2caef5680927dff519e0c2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 3616520 45b12f16a557639cbb7bf54ba5e153d2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 3116406 5b6f69e2a359d6874e9c46b0a10e23a6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 79100 1ea31f2ab3d86966d8268834ef88ce3c\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 141370 cd44337799d84a47788b82e8d3a459bb\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1774224 d8d53417495d5851fe72a810e4848f71\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1440224 90584ad2d4f0f7d6cac5b87c3d059d0b\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 220020 fc9e306df97368e47c8077ab1518b515\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 3384708 ff6ba99ef2daf9a1a2238974fccb6d78\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 506528 e7ec1975f40def0004a11fdcc060110e\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 662904 290c4922576431c4930369206b46e1c2\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_mipsel.deb\n Size/MD5 checksum: 1907484 ad2d4ad466b717cdcd56c4d450fdaf13\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 141976 7eaf6c70e8487b40326858efe9a6cede\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 260638 d027aec099ddc53fa7ca9e343c68163e\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 188518 2c4328c9b53c408534f5b7e664f34de7\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 446608 7426a90be3e1ab4521a0936c3fd97a9c\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 179438 e71a3371682dc101956a645115629c83\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 356790 57afc54ca1cb13c8bf2dae55bb6a31ee\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 331614 d212615fe6cef3bdf1f6a1dbd43a7c99\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 233048 a4ca4226ecaf53de53ffda14610951e5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 469980 ae63ca1629e7fbd108e2ecf164e03834\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 331488 e4e0b7bdb0455877fe387ff8280cc90a\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 77486 e6aa9713af00c7c807d54e6407e98b5a\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 160996 a9f8e7cdb313665cef17e218f03652c3\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 60984 a099b36fdbf372132e8b07b39a6c75d1\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1610486 5be95fe04d680aa1f4717d0227a34f6c\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 173028 fb26770ba4499739381d20bddd666f62\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 305306 2d031eb29080b082ce1eef1ecd5b76d4\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 82946 f77f6400d4bd0d192e5ae2c1d12e180d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 606854 d8e0aadb5730ec7d21c81d06c56b78e3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 2449520 83f7194c6dab6d3b877120ed97113f8c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 924390 600c6ac00706439591e8459c65628b5c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 623948 6e7183c6bce4dee1f4c5e42b89576b9b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 530996 e607f4c0028644aca93f431944ad772a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1088058 e01430792026abc45d5db5f02de79f09\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1302626 2fa3b758a4d1250f9c709caba2139eaf\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 2708050 2b94a31e879892260d6acd0d0148cd77\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 2987626 809d19f5c70c265ff4416091f53e0733\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 77190 df6bdf9bd2172fdd47b7207130bb9d91\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 133036 6491f358a6a6b5ae76dfd5bf0c90bbbd\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1580696 af34c702efaa36f5539f7bd1fd367819\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1275460 581ddd926fa9aa1bf532947e0cd2a099\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 220136 e21b47ed2cdc09a6c6fbb58bc91ba58a\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 4618654 7c876bccbdbc7930687bbe3085b0d6fd\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 493768 c327deb7b54d19021164e4c2d9eeea2a\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 604882 15634dc9627f24087eb9c6f8aa12f12d\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_powerpc.deb\n Size/MD5 checksum: 1709100 55eb652663a69e11c5b6fb21d4e66ad6\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 140328 b0a869601127c8001c9925f85a26167c\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 235606 bff59817715e63bf3b358e46bba0fc53\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 177282 e839780fa450b4730db47f376d4380ac\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 448084 da8ce440d332bd3e5bc2ddbaaa7f6711\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 184422 59c147deb6a4bfe9955c9456a6942f4f\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 369194 f023909f9f3a42a025d6e871b90464fa\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 309270 ee39656bd9439c7d74b89c83073e0791\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 235586 f1e69ce0453ad90fb7693a9e04c644f0\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 481230 77723a8c10a30f988356691953812d9b\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 309130 f0f08dbc3fe6edc7ccedd59702f672a8\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 77656 16f3ca7138f04b1a902479e45aa7c9f7\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 164470 c103b1531cfa344cab406f67657d06b2\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 60972 4d87623a63a88a4ceeff29aefd5f8d0d\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 1256152 799df54e84a05db5fb611e4b3ffc6319\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 175316 4a43f409347b77996adeedb829786723\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 293384 3fe56191b7918f0b289d4f911f517755\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 83134 09c37f6fd9d957dabbd2bacce8cecdda\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 551444 71df8d84858183ddc94625c67d44e830\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 361416 81f17c5bcbfdb427e44b4b9d1ea94f01\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 912932 8272d28230e3e524859c56792fba4468\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 1199014 f30c583bff35fba6aae18f48b17ac1ab\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 2492936 b55844b2b9139645fd1ccb869c50ad61\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 2625424 600527374e21fcda43baa2a2283bf916\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 75986 c2e184900ea53361d289abb85c5604af\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 129020 65abdc157634acc4260a7f54872226b4\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 1181160 ba102e7513291f45ac0564b6b61e125d\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 872066 9203f743c071734a52dccfab8612ceeb\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 220612 4db6e7319fa97e291a1261f260a39f9a\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 493270 b95d6da47ac9106ea36461ae4eef184f\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 581016 3103ac52022c02f144cc9bee974be006\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_s390.deb\n Size/MD5 checksum: 1293546 25864d64c5e92eb72f6d1bc7361542a2\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 140576 3006f7b923f951b5a8aa82cb7b6840dc\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 247788 171bc43c72db42e38b2167f1b3da415c\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 183426 ba431ba27c36862fe1e9b80c390c9902\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 445130 a95d0c2003880196ef0334ca94af4150\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 172892 cc965e0936ad4d41168a633f8fb1df89\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 348252 b65b03414eba1e7ac2d05fc52a7c6b5c\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 309446 3041fa9e7d5f61b4625d83def74ed7d7\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 222174 f357841b91705389703a337911d6a37a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 454548 e61202eccdbf045b96ca1c44758c01f6\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 309336 8dd5c98cbf614eac9bbd1e392b90b476\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 79490 171f2d413b823ce6451e5cc898d4db05\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 163788 8bbc03498710744e3584d02a9c29e298\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 60982 6dcfdd6c3b3b91cfd318a307a526fd1d\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1711414 7fb6ee93ff21884a7cc367355337408b\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 174176 703e471d756676717edf0dcc1962c847\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 303012 54958f32a81f25d8a9033a4d3c8868a7\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 84680 4f8334e33fc21686a81d9fc8d9c8379a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 587224 de41e2cb3a5f55d18dc25fe9c1646c4d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 886446 9d2c0f0be775260130ca2bb4cfa766fc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 908914 c4a21caacf43c8595d6c1288138f6033\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 613270 335ddd924a8b12899d9b56e329a5964f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 554050 578afd34a476f06ff12377a85b5e27c6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1104528 0f1cf3ba3fca000adeba4e0696b0ea21\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1265016 9d21d0af49480ab7f787540dbbec440d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 2654518 f9361be6701fbdbd152eed058856491a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 2868870 4e9b89dd3b823c654c81d24c0ecfe861\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 76170 544ccfb586c97029108456183aaf7c13\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 131138 312691f3b10e4ffeb0d11cdbe3719788\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1537412 9a0e38d33037d069f592c79188293ab8\n http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1203616 73694f0c2fdc3cf291a6dbfae463fbe1\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 223360 b03187b31969b8ac608280c850517ff5\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 4051042 96a97431ee7f3332c1f3035ef63b54f1\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 492162 8770c889d4a85c4db34ea97df550ce0e\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 645558 f4519d3bf9769f58b2ca5dd9782aaa39\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody6_sparc.deb\n Size/MD5 checksum: 1649942 acfb8e99747efa39000a319422b10382\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2005-05-09T00:00:00", "published": "2005-05-09T00:00:00", "id": "DEBIAN:DSA-723-1:C8A12", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00106.html", "title": "[SECURITY] [DSA 723-1] New XFree86 packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-17T14:00:36", "description": "SunOS 5.10_x86: libXpm patch.\nDate this patch was last updated by Sun : May/12/05", "edition": 21, "published": "2018-03-12T00:00:00", "title": "Solaris 10 (x86) : 119064-01", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2018-03-12T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:119064", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_119064-01.NASL", "href": "https://www.tenable.com/plugins/nessus/107807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107807);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0605\");\n\n script_name(english:\"Solaris 10 (x86) : 119064-01\");\n script_summary(english:\"Check for patch 119064-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 119064-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: libXpm patch.\nDate this patch was last updated by Sun : May/12/05\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/119064-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 119064-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:119064\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"119064-01\", obsoleted_by:\"\", package:\"SUNWxwplt\", version:\"6.6.2.7400,REV=0.2004.12.15\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWxwplt\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:03:19", "description": "A buffer overflow has been discovered in the Xpm library which is used\nin XFree86. A remote attacker could provide a specially crafted XPM\nimage that could lead to the execution of arbitrary code.", "edition": 25, "published": "2005-05-11T00:00:00", "title": "Debian DSA-723-1 : xfree86 - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-05-11T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:xfree86"], "id": "DEBIAN_DSA-723.NASL", "href": "https://www.tenable.com/plugins/nessus/18227", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-723. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18227);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_bugtraq_id(12714);\n script_xref(name:\"DSA\", value:\"723\");\n\n script_name(english:\"Debian DSA-723-1 : xfree86 - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow has been discovered in the Xpm library which is used\nin XFree86. A remote attacker could provide a specially crafted XPM\nimage that could lead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298939\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-723\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xfree86 and associated packages.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 4.1.0-16woody6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfree86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/11\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"lbxproxy\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libdps-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libdps1\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libdps1-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw6\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw6-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw6-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw7\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw7-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxaw7-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"proxymngr\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"twm\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"x-window-system\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"x-window-system-core\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xbase-clients\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xdm\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-100dpi\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-100dpi-transcoded\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-75dpi\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-75dpi-transcoded\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-base\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-base-transcoded\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-cyrillic\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-pex\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfonts-scalable\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfree86-common\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfs\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xfwp\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlib6g\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlib6g-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibmesa-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibmesa3\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibmesa3-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibosmesa-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibosmesa3\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibosmesa3-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibs\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibs-dbg\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibs-dev\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xlibs-pic\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xmh\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xnest\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xprt\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xserver-common\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xserver-xfree86\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xspecs\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xterm\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xutils\", reference:\"4.1.0-16woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xvfb\", reference:\"4.1.0-16woody6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:55", "description": "The remote host is affected by the vulnerability described in GLSA-200503-15\n(X.org: libXpm vulnerability)\n\n Chris Gilbert has discovered potentially exploitable buffer overflow\n cases in libXpm that weren't fixed in previous libXpm versions.\n \nImpact :\n\n A carefully-crafted XPM file could crash X.org, potentially allowing\n the execution of arbitrary code with the privileges of the user running\n the application.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2005-03-14T00:00:00", "title": "GLSA-200503-15 : X.org: libXpm vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-03-14T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:xorg-x11"], "id": "GENTOO_GLSA-200503-15.NASL", "href": "https://www.tenable.com/plugins/nessus/17317", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200503-15.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17317);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"GLSA\", value:\"200503-15\");\n\n script_name(english:\"GLSA-200503-15 : X.org: libXpm vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200503-15\n(X.org: libXpm vulnerability)\n\n Chris Gilbert has discovered potentially exploitable buffer overflow\n cases in libXpm that weren't fixed in previous libXpm versions.\n \nImpact :\n\n A carefully-crafted XPM file could crash X.org, potentially allowing\n the execution of arbitrary code with the privileges of the user running\n the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freedesktop.org/show_bug.cgi?id=1920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200503-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All X.org users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose x11-base/xorg-x11\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"x11-base/xorg-x11\", unaffected:make_list(\"rge 6.8.0-r5\", \"ge 6.8.2-r1\"), vulnerable:make_list(\"lt 6.8.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"X.org\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:49", "description": "An integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a\nvictim using an application linked to the vulnerable library. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0605 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2005-05-19T00:00:00", "title": "Fedora Core 2 : xorg-x11-6.7.0-14 (2005-272)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-05-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:2", "p-cpe:/a:fedoraproject:fedora:xorg-x11-cyrillic-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-base-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-14-100dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-100dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Xnest", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-9-100dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-75dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-15-75dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Xvfb", "p-cpe:/a:fedoraproject:fedora:xorg-x11-doc", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-9-75dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xfs", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGLU", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-14-75dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-twm", "p-cpe:/a:fedoraproject:fedora:xorg-x11", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-15-100dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xauth", "p-cpe:/a:fedoraproject:fedora:xorg-x11-libs-data", "p-cpe:/a:fedoraproject:fedora:xorg-x11-tools", "p-cpe:/a:fedoraproject:fedora:xorg-x11-sdk", "p-cpe:/a:fedoraproject:fedora:xorg-x11-devel", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGL", "p-cpe:/a:fedoraproject:fedora:xorg-x11-libs", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-2-100dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-syriac-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-font-utils", "p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-2-75dpi-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-truetype-fonts", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xdm"], "id": "FEDORA_2005-272.NASL", "href": "https://www.tenable.com/plugins/nessus/18328", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-272.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18328);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"FEDORA\", value:\"2005-272\");\n\n script_name(english:\"Fedora Core 2 : xorg-x11-6.7.0-14 (2005-272)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a\nvictim using an application linked to the vulnerable library. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0605 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-March/000816.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c8ed366\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-14-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-14-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-15-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-15-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-2-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-2-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-9-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-ISO8859-9-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGLU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-base-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-cyrillic-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-font-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-libs-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-syriac-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-truetype-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-twm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-100dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-75dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-Mesa-libGL-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-Mesa-libGLU-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-Xnest-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-Xvfb-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-base-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-cyrillic-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-devel-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-doc-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-font-utils-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-libs-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-libs-data-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-sdk-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-syriac-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-tools-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-truetype-fonts-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-twm-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-xauth-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-xdm-6.7.0-14\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"xorg-x11-xfs-6.7.0-14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xorg-x11 / xorg-x11-100dpi-fonts / xorg-x11-75dpi-fonts / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:45:00", "description": "Several vulnerabilities have been found in the XPM image decoding\nfunctions of the LessTif library. If an attacker tricked a user into\nloading a malicious XPM image with an application that uses LessTif,\nhe could exploit this to execute arbitrary code in the context of the\nuser opening the image.\n\nUbuntu does not contain any server applications using LessTif, so\nthere is no possibility of privilege escalation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2006-01-15T00:00:00", "title": "Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-92-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2006-01-15T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:lesstif-dev", "p-cpe:/a:canonical:ubuntu_linux:lesstif2", "p-cpe:/a:canonical:ubuntu_linux:lesstif1", "p-cpe:/a:canonical:ubuntu_linux:lesstif2-dev", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:lesstif-bin", "p-cpe:/a:canonical:ubuntu_linux:lesstif-doc"], "id": "UBUNTU_USN-92-1.NASL", "href": "https://www.tenable.com/plugins/nessus/20718", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-92-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20718);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"USN\", value:\"92-1\");\n\n script_name(english:\"Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-92-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in the XPM image decoding\nfunctions of the LessTif library. If an attacker tricked a user into\nloading a malicious XPM image with an application that uses LessTif,\nhe could exploit this to execute arbitrary code in the context of the\nuser opening the image.\n\nUbuntu does not contain any server applications using LessTif, so\nthere is no possibility of privilege escalation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lesstif2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif-bin\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif-dev\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif-doc\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif1\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif2\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"lesstif2-dev\", pkgver:\"0.93.94-4ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lesstif-bin / lesstif-dev / lesstif-doc / lesstif1 / lesstif2 / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:26", "description": "The XPM library which is part of the XFree86/XOrg project is used by\nseveral GUI applications to process XPM image files.\n\nThe XPM library which is part of the XFree86/XOrg project is used by\nseveral GUI applications to process XPM image files.\n\nAn integer overflow flaw was found in libXPM, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code via a negative\nbitmap_unit value if opened by a victim using an application linked to\nthe vulnerable library.\n\nUpdated packages are patched to correct all these issues.", "edition": 24, "published": "2005-05-11T00:00:00", "title": "Mandrake Linux Security Advisory : XFree86 (MDKSA-2005:081)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-05-11T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libxorg-x11-static-devel", "p-cpe:/a:mandriva:linux:XFree86-server", "p-cpe:/a:mandriva:linux:libxfree86-static-devel", "p-cpe:/a:mandriva:linux:xorg-x11-75dpi-fonts", "p-cpe:/a:mandriva:linux:libxorg-x11-devel", "p-cpe:/a:mandriva:linux:xorg-x11-Xvfb", "p-cpe:/a:mandriva:linux:xorg-x11-glide-module", "p-cpe:/a:mandriva:linux:XFree86-xfs", "p-cpe:/a:mandriva:linux:lib64xorg-x11", "p-cpe:/a:mandriva:linux:XFree86-doc", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:lib64xfree86", "p-cpe:/a:mandriva:linux:xorg-x11-100dpi-fonts", "p-cpe:/a:mandriva:linux:xorg-x11-Xprt", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:xorg-x11-Xdmx", "p-cpe:/a:mandriva:linux:libxfree86", "p-cpe:/a:mandriva:linux:xorg-x11-server", "p-cpe:/a:mandriva:linux:xorg-x11-Xnest", "p-cpe:/a:mandriva:linux:XFree86-Xvfb", "p-cpe:/a:mandriva:linux:lib64xfree86-devel", "p-cpe:/a:mandriva:linux:X11R6-contrib", "p-cpe:/a:mandriva:linux:xorg-x11-xauth", "p-cpe:/a:mandriva:linux:XFree86-100dpi-fonts", "p-cpe:/a:mandriva:linux:libxorg-x11", "p-cpe:/a:mandriva:linux:xorg-x11-xfs", "p-cpe:/a:mandriva:linux:xorg-x11-doc", "p-cpe:/a:mandriva:linux:xorg-x11", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:XFree86-Xnest", "p-cpe:/a:mandriva:linux:lib64xfree86-static-devel", "p-cpe:/a:mandriva:linux:lib64xorg-x11-static-devel", "p-cpe:/a:mandriva:linux:XFree86-75dpi-fonts", "p-cpe:/a:mandriva:linux:XFree86-cyrillic-fonts", "p-cpe:/a:mandriva:linux:xorg-x11-cyrillic-fonts", "p-cpe:/a:mandriva:linux:XFree86-glide-module", "p-cpe:/a:mandriva:linux:XFree86", "p-cpe:/a:mandriva:linux:libxfree86-devel", "p-cpe:/a:mandriva:linux:lib64xorg-x11-devel"], "id": "MANDRAKE_MDKSA-2005-081.NASL", "href": "https://www.tenable.com/plugins/nessus/18235", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:081. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18235);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"MDKSA\", value:\"2005:081\");\n\n script_name(english:\"Mandrake Linux Security Advisory : XFree86 (MDKSA-2005:081)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The XPM library which is part of the XFree86/XOrg project is used by\nseveral GUI applications to process XPM image files.\n\nThe XPM library which is part of the XFree86/XOrg project is used by\nseveral GUI applications to process XPM image files.\n\nAn integer overflow flaw was found in libXPM, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code via a negative\nbitmap_unit value if opened by a victim using an application linked to\nthe vulnerable library.\n\nUpdated packages are patched to correct all these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:X11R6-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-cyrillic-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-glide-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:XFree86-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfree86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfree86-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xfree86-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xorg-x11-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfree86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfree86-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxfree86-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxorg-x11-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-100dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-75dpi-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-Xdmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-Xprt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-cyrillic-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-glide-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-xauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xorg-x11-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"X11R6-contrib-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-100dpi-fonts-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-75dpi-fonts-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-Xnest-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-Xvfb-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-cyrillic-fonts-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-doc-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"XFree86-glide-module-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-server-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"XFree86-xfs-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64xfree86-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64xfree86-devel-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64xfree86-static-devel-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libxfree86-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libxfree86-devel-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libxfree86-static-devel-4.3-32.4.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"X11R6-contrib-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64xorg-x11-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64xorg-x11-devel-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64xorg-x11-static-devel-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libxorg-x11-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libxorg-x11-devel-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libxorg-x11-static-devel-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-100dpi-fonts-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-75dpi-fonts-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-Xnest-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-Xvfb-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-cyrillic-fonts-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-doc-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"xorg-x11-glide-module-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-server-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"xorg-x11-xfs-6.7.0-4.3.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"X11R6-contrib-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64xorg-x11-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64xorg-x11-devel-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64xorg-x11-static-devel-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libxorg-x11-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libxorg-x11-devel-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libxorg-x11-static-devel-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-100dpi-fonts-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-75dpi-fonts-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-Xdmx-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-Xnest-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-Xprt-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-Xvfb-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-cyrillic-fonts-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-doc-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"xorg-x11-glide-module-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-server-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-xauth-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"xorg-x11-xfs-6.8.2-7.1.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:25", "description": "Updated xorg-x11 packages that fix a security issue as well as various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nX.Org X11 is the X Window System which provides the core functionality\nof the Linux GUI desktop.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\ncarefully crafted XPM file in such a way that it could cause an\napplication linked with libXpm to execute arbitrary code when the file\nwas opened by a victim. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0605 to this\nissue.\n\nSince the initial release of Red Hat Enterprise Linux 4, a number of\nissues have been addressed in the X.Org X11 X Window System. This\nerratum also updates X11R6.8 to the latest stable point release\n(6.8.2), which includes various stability and reliability fixes\nincluding (but not limited to) the following :\n\n - The 'radeon' driver has been modified to disable\n 'RENDER' acceleration by default, due to a bug in the\n implementation which has not yet been isolated. This can\n be manually re-enabled by using the following option in\n the device section of the X server config file :\n\nOption 'RenderAccel'\n\n - The 'vmware' video driver is now available on 64-bit\n AMD64 and compatible systems.\n\n - The Intel 'i810' video driver is now available on 64-bit\n EM64T systems.\n\n - Stability fixes in the X Server's PCI handling layer for\n 64-bit systems, which resolve some issues reported by\n 'vesa' and 'nv' driver users.\n\n - Support for Hewlett Packard's Itanium ZX2 chipset.\n\n - Nvidia 'nv' video driver update provides support for\n some of the newer Nvidia chipsets, as well as many\n stability and reliability fixes.\n\n - Intel i810 video driver stability update, which fixes\n the widely reported i810/i815 screen refresh issues many\n have experienced.\n\n - Packaging fixes for multilib systems, which permit both\n 32-bit and 64-bit X11 development environments to be\n simultaneously installed without file conflicts.\n\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\nlarge number of additional stability fixes which resolve various other\nissues reported since the initial release of Red Hat Enterprise Linux\n4.\n\nAll users of X11 should upgrade to these updated packages, which\nresolve these issues.", "edition": 28, "published": "2005-06-10T00:00:00", "title": "RHEL 4 : xorg-x11 (RHSA-2005:198)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-06-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:xorg-x11-twm", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-15-100dpi", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGLU", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-doc", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-100dpi", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-xauth", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-2-100dpi", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-cyrillic", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs-devel", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-xdm", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-15-75dpi", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-tools", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-9-100dpi", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-devel", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xnest", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-truetype", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-base", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-75dpi", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-sdk", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-libs", "p-cpe:/a:redhat:enterprise_linux:xorg-x11", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-2-75dpi", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-font-utils", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-xfs", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGL", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-14-75dpi", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-syriac", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xdmx", "p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xvfb", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-9-75dpi", "p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-14-100dpi"], "id": "REDHAT-RHSA-2005-198.NASL", "href": "https://www.tenable.com/plugins/nessus/18443", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:198. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18443);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"RHSA\", value:\"2005:198\");\n\n script_name(english:\"RHEL 4 : xorg-x11 (RHSA-2005:198)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xorg-x11 packages that fix a security issue as well as various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nX.Org X11 is the X Window System which provides the core functionality\nof the Linux GUI desktop.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\ncarefully crafted XPM file in such a way that it could cause an\napplication linked with libXpm to execute arbitrary code when the file\nwas opened by a victim. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0605 to this\nissue.\n\nSince the initial release of Red Hat Enterprise Linux 4, a number of\nissues have been addressed in the X.Org X11 X Window System. This\nerratum also updates X11R6.8 to the latest stable point release\n(6.8.2), which includes various stability and reliability fixes\nincluding (but not limited to) the following :\n\n - The 'radeon' driver has been modified to disable\n 'RENDER' acceleration by default, due to a bug in the\n implementation which has not yet been isolated. This can\n be manually re-enabled by using the following option in\n the device section of the X server config file :\n\nOption 'RenderAccel'\n\n - The 'vmware' video driver is now available on 64-bit\n AMD64 and compatible systems.\n\n - The Intel 'i810' video driver is now available on 64-bit\n EM64T systems.\n\n - Stability fixes in the X Server's PCI handling layer for\n 64-bit systems, which resolve some issues reported by\n 'vesa' and 'nv' driver users.\n\n - Support for Hewlett Packard's Itanium ZX2 chipset.\n\n - Nvidia 'nv' video driver update provides support for\n some of the newer Nvidia chipsets, as well as many\n stability and reliability fixes.\n\n - Intel i810 video driver stability update, which fixes\n the widely reported i810/i815 screen refresh issues many\n have experienced.\n\n - Packaging fixes for multilib systems, which permit both\n 32-bit and 64-bit X11 development environments to be\n simultaneously installed without file conflicts.\n\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\nlarge number of additional stability fixes which resolve various other\nissues reported since the initial release of Red Hat Enterprise Linux\n4.\n\nAll users of X11 should upgrade to these updated packages, which\nresolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:198\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-14-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-14-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-15-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-15-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-2-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-2-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-9-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-ISO8859-9-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-cyrillic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-syriac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fonts-xorg-truetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGLU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xdmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-font-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-twm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:198\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-100dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-75dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-14-100dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-14-75dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-15-100dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-15-75dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-2-100dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-2-75dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-9-100dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-ISO8859-9-75dpi-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-base-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-cyrillic-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-syriac-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"fonts-xorg-truetype-6.8.1.1-1.EL.1\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-Mesa-libGL-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-Xdmx-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-Xnest-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-Xvfb-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-deprecated-libs-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-deprecated-libs-devel-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-devel-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"xorg-x11-doc-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"xorg-x11-doc-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-font-utils-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-libs-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"xorg-x11-sdk-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"xorg-x11-sdk-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-tools-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-twm-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-xauth-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-xdm-6.8.2-1.EL.13.6\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"xorg-x11-xfs-6.8.2-1.EL.13.6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fonts-xorg-100dpi / fonts-xorg-75dpi / fonts-xorg-ISO8859-14-100dpi / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:24:47", "description": "Updated xorg-x11 packages that fix a security issue as well as various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nX.Org X11 is the X Window System which provides the core functionality\nof the Linux GUI desktop.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\ncarefully crafted XPM file in such a way that it could cause an\napplication linked with libXpm to execute arbitrary code when the file\nwas opened by a victim. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0605 to this\nissue.\n\nSince the initial release of Red Hat Enterprise Linux 4, a number of\nissues have been addressed in the X.Org X11 X Window System. This\nerratum also updates X11R6.8 to the latest stable point release\n(6.8.2), which includes various stability and reliability fixes\nincluding (but not limited to) the following :\n\n - The 'radeon' driver has been modified to disable\n 'RENDER' acceleration by default, due to a bug in the\n implementation which has not yet been isolated. This can\n be manually re-enabled by using the following option in\n the device section of the X server config file :\n\nOption 'RenderAccel'\n\n - The 'vmware' video driver is now available on 64-bit\n AMD64 and compatible systems.\n\n - The Intel 'i810' video driver is now available on 64-bit\n EM64T systems.\n\n - Stability fixes in the X Server's PCI handling layer for\n 64-bit systems, which resolve some issues reported by\n 'vesa' and 'nv' driver users.\n\n - Support for Hewlett Packard's Itanium ZX2 chipset.\n\n - Nvidia 'nv' video driver update provides support for\n some of the newer Nvidia chipsets, as well as many\n stability and reliability fixes.\n\n - Intel i810 video driver stability update, which fixes\n the widely reported i810/i815 screen refresh issues many\n have experienced.\n\n - Packaging fixes for multilib systems, which permit both\n 32-bit and 64-bit X11 development environments to be\n simultaneously installed without file conflicts.\n\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\nlarge number of additional stability fixes which resolve various other\nissues reported since the initial release of Red Hat Enterprise Linux\n4.\n\nAll users of X11 should upgrade to these updated packages, which\nresolve these issues.", "edition": 27, "published": "2006-07-05T00:00:00", "title": "CentOS 4 : xorg-x11 (CESA-2005:198)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2006-07-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:xorg-x11-Xdmx", "p-cpe:/a:centos:centos:xorg-x11-font-utils", "p-cpe:/a:centos:centos:xorg-x11-devel", "p-cpe:/a:centos:centos:xorg-x11-xfs", "p-cpe:/a:centos:centos:fonts-xorg-truetype", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-15-75dpi", "p-cpe:/a:centos:centos:xorg-x11-deprecated-libs", "p-cpe:/a:centos:centos:xorg-x11-sdk", "p-cpe:/a:centos:centos:xorg-x11-Mesa-libGL", "p-cpe:/a:centos:centos:xorg-x11-xauth", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-9-75dpi", "p-cpe:/a:centos:centos:xorg-x11-xdm", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-14-100dpi", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-15-100dpi", "p-cpe:/a:centos:centos:xorg-x11-Xnest", "p-cpe:/a:centos:centos:xorg-x11-twm", "p-cpe:/a:centos:centos:xorg-x11-deprecated-libs-devel", "p-cpe:/a:centos:centos:fonts-xorg-75dpi", "p-cpe:/a:centos:centos:fonts-xorg-cyrillic", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-14-75dpi", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-9-100dpi", "p-cpe:/a:centos:centos:xorg-x11-doc", "p-cpe:/a:centos:centos:fonts-xorg-base", "p-cpe:/a:centos:centos:xorg-x11-Mesa-libGLU", "p-cpe:/a:centos:centos:fonts-xorg-syriac", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-2-75dpi", "p-cpe:/a:centos:centos:xorg-x11", "p-cpe:/a:centos:centos:xorg-x11-libs", "p-cpe:/a:centos:centos:fonts-xorg-100dpi", "p-cpe:/a:centos:centos:fonts-xorg-ISO8859-2-100dpi", "p-cpe:/a:centos:centos:xorg-x11-Xvfb", "p-cpe:/a:centos:centos:xorg-x11-tools"], "id": "CENTOS_RHSA-2005-198.NASL", "href": "https://www.tenable.com/plugins/nessus/21921", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:198 and \n# CentOS Errata and Security Advisory 2005:198 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21921);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"RHSA\", value:\"2005:198\");\n\n script_name(english:\"CentOS 4 : xorg-x11 (CESA-2005:198)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xorg-x11 packages that fix a security issue as well as various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nX.Org X11 is the X Window System which provides the core functionality\nof the Linux GUI desktop.\n\nAn integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\ncarefully crafted XPM file in such a way that it could cause an\napplication linked with libXpm to execute arbitrary code when the file\nwas opened by a victim. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-0605 to this\nissue.\n\nSince the initial release of Red Hat Enterprise Linux 4, a number of\nissues have been addressed in the X.Org X11 X Window System. This\nerratum also updates X11R6.8 to the latest stable point release\n(6.8.2), which includes various stability and reliability fixes\nincluding (but not limited to) the following :\n\n - The 'radeon' driver has been modified to disable\n 'RENDER' acceleration by default, due to a bug in the\n implementation which has not yet been isolated. This can\n be manually re-enabled by using the following option in\n the device section of the X server config file :\n\nOption 'RenderAccel'\n\n - The 'vmware' video driver is now available on 64-bit\n AMD64 and compatible systems.\n\n - The Intel 'i810' video driver is now available on 64-bit\n EM64T systems.\n\n - Stability fixes in the X Server's PCI handling layer for\n 64-bit systems, which resolve some issues reported by\n 'vesa' and 'nv' driver users.\n\n - Support for Hewlett Packard's Itanium ZX2 chipset.\n\n - Nvidia 'nv' video driver update provides support for\n some of the newer Nvidia chipsets, as well as many\n stability and reliability fixes.\n\n - Intel i810 video driver stability update, which fixes\n the widely reported i810/i815 screen refresh issues many\n have experienced.\n\n - Packaging fixes for multilib systems, which permit both\n 32-bit and 64-bit X11 development environments to be\n simultaneously installed without file conflicts.\n\nIn addition to the above highlights, the X.Org X11 6.8.2 release has a\nlarge number of additional stability fixes which resolve various other\nissues reported since the initial release of Red Hat Enterprise Linux\n4.\n\nAll users of X11 should upgrade to these updated packages, which\nresolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011797.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f9a6a81\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011806.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54263d47\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011807.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8c624b80\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xorg-x11 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-14-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-14-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-15-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-15-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-2-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-2-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-9-100dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-ISO8859-9-75dpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-cyrillic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-syriac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fonts-xorg-truetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-Mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-Mesa-libGLU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-Xdmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-deprecated-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-deprecated-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-font-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-twm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-xauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-xdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xorg-x11-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-14-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-14-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-14-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-14-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-15-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-15-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-15-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-15-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-2-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-2-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-2-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-2-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-9-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-9-100dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-ISO8859-9-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-ISO8859-9-75dpi-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-base-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-base-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-cyrillic-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-cyrillic-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-syriac-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-syriac-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"fonts-xorg-truetype-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"fonts-xorg-truetype-6.8.1.1-1.EL.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-Mesa-libGL-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-Xdmx-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-Xnest-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-Xvfb-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-deprecated-libs-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-deprecated-libs-devel-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-devel-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-doc-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-font-utils-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-libs-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-sdk-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-tools-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-twm-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-xauth-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-xdm-6.8.2-1.EL.13.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"xorg-x11-xfs-6.8.2-1.EL.13.6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fonts-xorg-100dpi / fonts-xorg-75dpi / fonts-xorg-ISO8859-14-100dpi / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:55", "description": "The remote host is affected by the vulnerability described in GLSA-200503-08\n(OpenMotif, LessTif: New libXpm buffer overflows)\n\n Chris Gilbert discovered potentially exploitable buffer overflow\n cases in libXpm that weren't fixed in previous libXpm security\n advisories.\n \nImpact :\n\n A carefully-crafted XPM file could crash applications making use\n of the OpenMotif or LessTif toolkits, potentially allowing the\n execution of arbitrary code with the privileges of the user running the\n application.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2005-03-06T00:00:00", "title": "GLSA-200503-08 : OpenMotif, LessTif: New libXpm buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-03-06T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:openmotif", "p-cpe:/a:gentoo:linux:lesstif"], "id": "GENTOO_GLSA-200503-08.NASL", "href": "https://www.tenable.com/plugins/nessus/17274", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200503-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17274);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"GLSA\", value:\"200503-08\");\n\n script_name(english:\"GLSA-200503-08 : OpenMotif, LessTif: New libXpm buffer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200503-08\n(OpenMotif, LessTif: New libXpm buffer overflows)\n\n Chris Gilbert discovered potentially exploitable buffer overflow\n cases in libXpm that weren't fixed in previous libXpm security\n advisories.\n \nImpact :\n\n A carefully-crafted XPM file could crash applications making use\n of the OpenMotif or LessTif toolkits, potentially allowing the\n execution of arbitrary code with the privileges of the user running the\n application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200503-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenMotif users should upgrade to an unaffected version:\n # emerge --sync\n # emerge --ask --oneshot --verbose x11-libs/openmotif\n All LessTif users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-libs/lesstif-0.94.0-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lesstif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openmotif\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/06\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"x11-libs/lesstif\", unaffected:make_list(\"ge 0.94.0-r2\"), vulnerable:make_list(\"lt 0.94.0-r2\"))) flag++;\nif (qpkg_check(package:\"x11-libs/openmotif\", unaffected:make_list(\"ge 2.2.3-r3\", \"rge 2.1.30-r9\"), vulnerable:make_list(\"lt 2.2.3-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenMotif / LessTif\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:05:49", "description": "An integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a\nvictim using an application linked to the vulnerable library. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0605 to this issue.\n\nFurthermore, this updates the Fedora Core 3 X.org packages to the\n6.8.2 maintenance release, which includes a large number of bug \nfixes :\n\nhttp://xorg.freedesktop.org/wiki/X11R682Release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2005-09-12T00:00:00", "title": "Fedora Core 3 : xorg-x11-6.8.2-1.FC3.13 (2005-273)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0605"], "modified": "2005-09-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Xnest", "p-cpe:/a:fedoraproject:fedora:xorg-x11-deprecated-libs", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Xvfb", "p-cpe:/a:fedoraproject:fedora:xorg-x11-doc", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xfs", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGLU", "p-cpe:/a:fedoraproject:fedora:xorg-x11-twm", "p-cpe:/a:fedoraproject:fedora:xorg-x11", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xauth", "p-cpe:/a:fedoraproject:fedora:xorg-x11-tools", "p-cpe:/a:fedoraproject:fedora:xorg-x11-sdk", "p-cpe:/a:fedoraproject:fedora:xorg-x11-devel", "p-cpe:/a:fedoraproject:fedora:xorg-x11-deprecated-libs-devel", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGL", "p-cpe:/a:fedoraproject:fedora:xorg-x11-Xdmx", "p-cpe:/a:fedoraproject:fedora:xorg-x11-libs", "p-cpe:/a:fedoraproject:fedora:xorg-x11-font-utils", "p-cpe:/a:fedoraproject:fedora:xorg-x11-xdm"], "id": "FEDORA_2005-273.NASL", "href": "https://www.tenable.com/plugins/nessus/19641", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-273.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19641);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0605\");\n script_xref(name:\"FEDORA\", value:\"2005-273\");\n\n script_name(english:\"Fedora Core 3 : xorg-x11-6.8.2-1.FC3.13 (2005-273)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An integer overflow flaw was found in libXpm, which is used by some\napplications for loading of XPM images. An attacker could create a\nmalicious XPM file that would execute arbitrary code if opened by a\nvictim using an application linked to the vulnerable library. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-0605 to this issue.\n\nFurthermore, this updates the Fedora Core 3 X.org packages to the\n6.8.2 maintenance release, which includes a large number of bug \nfixes :\n\nhttp://xorg.freedesktop.org/wiki/X11R682Release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://xorg.freedesktop.org/wiki/X11R682Release\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-March/000815.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7fe0c3b9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Mesa-libGLU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Xdmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Xnest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-Xvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-deprecated-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-deprecated-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-font-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-twm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xorg-x11-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-Mesa-libGL-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-Xdmx-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-Xnest-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-Xvfb-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-deprecated-libs-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-devel-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-doc-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-font-utils-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-libs-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-sdk-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-tools-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-twm-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-xauth-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-xdm-6.8.2-1.FC3.13\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"xorg-x11-xfs-6.8.2-1.FC3.13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xorg-x11 / xorg-x11-Mesa-libGL / xorg-x11-Mesa-libGLU / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}