EUVD-2017-11785

Malware in sbrugna...

Mageia: Security Advisory (MGASA-2018-0200)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1741-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...

MGASA-2018-0200 Updated nxagent packages fix security vulnerability

CVE-2017-2624: Timing attack against MIT Cookie...

Updated nxagent packages fix security vulnerability

CVE-2017-2624: Timing attack against MIT Cookie...

MGASA-2017-0269 Updated x11-server packages fix security vulnerabilities

Eric Sesterhenn discovered that the X.Org X server incorrectly compared MIT cookies. An attacker could possibly use this issue to perform a timing attack and recover the MIT cookie CVE-2017-2624. It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X...

Ubuntu: Security Advisory (USN-3362-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3362-1: X.Org X server vulnerabilities

It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly execute arbitrary code as an administrator. CVE-2017-10971 It was...

SUSE SLED12 / SLES12 Security Update : xorg-x11-server (SUSE-SU-2017:1675-1)

This update for xorg-x11-server provides the following fixes : - Remove unused function with use-after-free issue. bsc1025035 - Use arc4random to generate cookies. bsc1025084 - Prevent timing attack against MIT cookie. bsc1025029, CVE-2017-2624 - XDrawArc performance improvement. bsc1019649 -...

openSUSE Security Update : xorg-x11-server (openSUSE-2017-710)

This update for xorg-x11-server fixes the following security issues : - CVE-2017-2624: Prevent timing attack against MIT cookie. boo1025029 - Use arc4random to generate cookies with more randomness. boo1025084 - Remove unused function with use-after-free issue. boo1025035 %NASLMINLEVEL 70300 C...

X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities

Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...

X.org Privilege Escalation / Use-After-Free / Weak Entropy

X41 D-Sec GmbH Security Advisory: X41-2017-001 Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp implementations return after an invalid byte is seen, this causes a ti...