CentOS Local Security Checks : CentOS Update for xorg-x11-server-common CESA-2013:1426 centos6

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.881802

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for xorg-x11-server-common CESA-2013:1426 centos6

Zusammenfassung: The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'xorg-x11-server-common'
package(s) announced via the referenced advisory.

Vulnerability Insight:
X.Org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

A use-after-free flaw was found in the way the X.Org server handled
ImageText requests. A malicious, authorized client could use this flaw to
crash the X.Org server or, potentially, execute arbitrary code with root
privileges. (CVE-2013-4396)

Red Hat would like to thank the X.Org security team for reporting this
issue. Upstream acknowledges Pedro Ribeiro as the original reporter.

All xorg-x11-server users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue.

Affected Software/OS:
xorg-x11-server-common on CentOS 6

Solution:
Please install the updated packages.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-4396
BugTraq ID: 62892
http://www.securityfocus.com/bid/62892
Debian Security Information: DSA-2784 (Google Search)
http://www.debian.org/security/2013/dsa-2784
http://openwall.com/lists/oss-security/2013/10/08/6
http://lists.x.org/archives/xorg-announce/2013-October/002332.html
RedHat Security Advisories: RHSA-2013:1426
http://rhn.redhat.com/errata/RHSA-2013-1426.html
SuSE Security Announcement: openSUSE-SU-2013:1610 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html
SuSE Security Announcement: openSUSE-SU-2013:1614 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html
http://www.ubuntu.com/usn/USN-1990-1

Copyright Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.881802
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for xorg-x11-server-common CESA-2013:1426 centos6
Zusammenfassung:	The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xorg-x11-server-common' package(s) announced via the referenced advisory. Vulnerability Insight: X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-4396) Red Hat would like to thank the X.Org security team for reporting this issue. Upstream acknowledges Pedro Ribeiro as the original reporter. All xorg-x11-server users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Affected Software/OS: xorg-x11-server-common on CentOS 6 Solution: Please install the updated packages. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4396 BugTraq ID: 62892 http://www.securityfocus.com/bid/62892 Debian Security Information: DSA-2784 (Google Search) http://www.debian.org/security/2013/dsa-2784 http://openwall.com/lists/oss-security/2013/10/08/6 http://lists.x.org/archives/xorg-announce/2013-October/002332.html RedHat Security Advisories: RHSA-2013:1426 http://rhn.redhat.com/errata/RHSA-2013-1426.html SuSE Security Announcement: openSUSE-SU-2013:1610 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html SuSE Security Announcement: openSUSE-SU-2013:1614 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html http://www.ubuntu.com/usn/USN-1990-1
Copyright	Copyright (C) 2013 Greenbone AG