Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.843253
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for xorg-server USN-3362-1
Zusammenfassung:The remote host is missing an update for the 'xorg-server'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'xorg-server'
package(s) announced via the referenced advisory.

Vulnerability Insight:
It was discovered that the X.Org X server
incorrectly handled endianness conversion of certain X events. An attacker able
to connect to an X server, either locally or remotely, could use this issue to
crash the server, or possibly execute arbitrary code as an administrator.
(CVE-2017-10971) It was discovered that the X.Org X server incorrectly handled
endianness conversion of certain X events. An attacker able to connect to an X
server, either locally or remotely, could use this issue to possibly obtain
sensitive information. (CVE-2017-10972) Eric Sesterhenn discovered that the
X.Org X server incorrectly compared MIT cookies. An attacker could possibly use
this issue to perform a timing attack and recover the MIT cookie.
(CVE-2017-2624)

Affected Software/OS:
xorg-server on Ubuntu 17.04,
Ubuntu 16.04 LTS,
Ubuntu 14.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-2624
BugTraq ID: 96480
http://www.securityfocus.com/bid/96480
https://security.gentoo.org/glsa/201704-03
https://security.gentoo.org/glsa/201710-30
https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html
http://www.securitytracker.com/id/1037919
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.