10 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-13721
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts ...
SUSE: Security Advisory (SUSE-SU-2017:3047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : xorg-x11-server (SUSE-SU-2017:3047-1)
This update for xorg-x11-server fixes several issues. These security issues were fixed : - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users beeing freed bnc1052984 - CVE-2017-13723: A local denial of service via unusual...
GLSA-201710-30 : X.Org Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201710-30 X.Org Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact : A local attacker could cause a global buffer overfl...
Debian DSA-4000-1 : xorg-server - security update
Several vulnerabilities have been discovered in the X.Org X server. An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 4000-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4000-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 17, 2017 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-3453-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3453-1: X.Org X server vulnerabilities
Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly replace shared memory segments of other X clients in the same session...
CVE-2017-13721
CVE-2017-13721 affects X.Org Server (xserver/xorg-server) prior to 1.19.4. The issue arises in ProcShmCreateSegment: a shmseg resource id can belong to a non-existing client, causing X server aborts with FatalError or overwriting another client’s segment. This can enable a local attacker to crash...
Updated x11-server packages fix security vulnerabilities
In Xext/shm, the shmseg resource id can belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client CVE-2017-13721. Generating strings for XKB data used a single shared static buffer, which offered several...