Amazon Linux AMI : xorg-x11-server (ALAS-2015-470)

Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...

Important: xorg-x11-server

Issue Overview: Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64 (20141211)

Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...

Scientific Linux Security Update : xorg-x11-server on SL6.x, SL7.x i386/x86_64 (20141211)

Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...

xorg-x11-server: denial of service due to unchecked malloc in client authentication

It was found that the X.Org server did not properly handle SUN-DES-1 Secure RPC authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request...

Important: Red Hat Security Advisory: xorg-x11-server security update

Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

SSH 1.2.x Secure-RPC Weak Encrypted Authentication Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2222/info SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security. A problem exists which...

SSH Secure-RPC Weak Encrypted Authentication

You are running SSH Communications Security SSH 1.2.27 - 1.2.30. SPDX-FileCopyrightText: 2003 Xue Yong Zhi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery

The remote host is running a version of SSH Communications Security SSH comprised between versions 1.2.27 and 1.2.30. With Secure-RPC, this version can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private ke...

CVE-2001-0259

ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file...

CVE-2001-0259

ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file...

CVE-2001-0259

The connected sources confirm a vulnerability in SSH Communications Security SSH versions 1.2.27–1.2.30 when Secure-RPC is enabled. A local attacker can cause the system to recover the SUN-DES-1 magic phrase generated for another user, which can then decrypt that user’s private key file. This wea...

SSH 1.2.x - Secure-RPC Weak Encrypted Authentication

SSH 1.2.x - Secure-RPC Weak Encrypted Authentication // source: https://www.securityfocus.com/bid/2222/info SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security. A...