14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-13723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In X.Org Server aka xserver and xorg-server before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the...
SUSE: Security Advisory (SUSE-SU-2017:3025-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:3047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP1 : xorg-x11-server (EulerOS-SA-2017-1295)
According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In X.Org Server aka xserver and xorg-server before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer,...
SUSE SLED12 / SLES12 Security Update : xorg-x11-server (SUSE-SU-2017:3047-1)
This update for xorg-x11-server fixes several issues. These security issues were fixed : - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users beeing freed bnc1052984 - CVE-2017-13723: A local denial of service via unusual...
[SECURITY] [DLA 1186-1] xorg-server security update
Package : xorg-server Version : 2:1.12.4-6+deb7u8 CVE ID : CVE-2017-2624 CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12180 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12187 CVE-2017-13723 Several vulnerabilities have been discovered in the X.Org X server. An...
SUSE SLES11 Security Update : xorg-x11-server (SUSE-SU-2017:3025-1)
This update for xorg-x11-server provides several fixes. These security issues were fixed : - CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and XkbStringText bsc1051150. - Improve the entropy when generating random data used in X.org server authorization cookies generatio...
GLSA-201710-30 : X.Org Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201710-30 X.Org Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact : A local attacker could cause a global buffer overfl...
Debian DSA-4000-1 : xorg-server - security update
Several vulnerabilities have been discovered in the X.Org X server. An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 4000-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4000-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 17, 2017 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-3453-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3453-1: X.Org X server vulnerabilities
Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly replace shared memory segments of other X clients in the same session...
CVE-2017-13723
CVE-2017-13723 affects X.Org Server (xorg-server) prior to 1.19.4. A local attacker authenticated to the X server can overflow a global buffer via injecting large or malformed XKB atoms and accessing them through xkbcomp, leading to crashes and potential privilege elevation when run as root. Docu...
Updated x11-server packages fix security vulnerabilities
In Xext/shm, the shmseg resource id can belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client CVE-2017-13721. Generating strings for XKB data used a single shared static buffer, which offered several...