16 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-2624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is...
Mageia: Security Advisory (MGASA-2018-0200)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1741-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1675-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-2624
CVE-2017-2624 affects the X.Org X server (xorg-x11-server) before 1.19.0. The vulnerability arises from using memcmp() to compare the received MIT cookie against a series of valid cookies; since many memcmp() implementations stop at the first differing byte, an observable timing差 can leak informa...
CVE-2017-2624
It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...
Fedora Update for x2goserver FEDORA-2017-8d369659cb
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1186-1] xorg-server security update
Package : xorg-server Version : 2:1.12.4-6+deb7u8 CVE ID : CVE-2017-2624 CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12180 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12187 CVE-2017-13723 Several vulnerabilities have been discovered in the X.Org X server. An...
GLSA-201710-30 : X.Org Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201710-30 X.Org Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact : A local attacker could cause a global buffer overfl...
Ubuntu 14.04 LTS / 16.04 LTS : X.Org X server vulnerabilities (USN-3362-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3362-1 advisory. It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X...
SUSE SLES11 Security Update : xorg-x11-server (SUSE-SU-2017:1741-1)
This update for xorg-x11-server fixes the following issues: Security issues : - CVE-2017-2624: Prevent timing attack against MIT cookie. bsc1025029, CVE-2017-2624 Non security issues : - Use arc4random to generate cookies. bsc1025084 - XDrawArc performance improvement bsc1019649 - Fix byte swappi...
openSUSE Security Update : xorg-x11-server (openSUSE-2017-710)
This update for xorg-x11-server fixes the following security issues : - CVE-2017-2624: Prevent timing attack against MIT cookie. boo1025029 - Use arc4random to generate cookies with more randomness. boo1025084 - Remove unused function with use-after-free issue. boo1025035 %NASLMINLEVEL 70300 C...
GLSA-201704-03 : X.Org: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201704-03 X.Org: Multiple vulnerabilities Multiple vulnerabilities have been discovered in X.Org server and libraries. Please review the CVE identifiers referenced below for details. Impact : A local or remote users can utilize th...
X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities
Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
X.org Privilege Escalation / Use-After-Free / Weak Entropy
X41 D-Sec GmbH Security Advisory: X41-2017-001 Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
CVE-2017-2624
It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...