Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.1.4.2014.0893.1 |
Kategorie: | SuSE Local Security Checks |
Titel: | SUSE: Security Advisory (SUSE-SU-2014:0893-1) |
Zusammenfassung: | The remote host is missing an update for the 'xorg-x11-libX11' package(s) announced via the SUSE-SU-2014:0893-1 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'xorg-x11-libX11' package(s) announced via the SUSE-SU-2014:0893-1 advisory. Vulnerability Insight: This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libX11, fixing security issues. These issues require connection to a malicious X server to trigger the bugs in client libraries. Security issues fixed: * CVE-2013-1981: Multiple integer overflows in X.org libX11 allowed X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. * CVE-2013-1997: Multiple buffer overflows in X.org libX11 allowed X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions. * CVE-2013-2004: The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 did not restrict the recursion depth when processing directives to include files, which allowed X servers to cause a denial of service (stack consumption) via a crafted file. Security Issue references: * CVE-2013-1981 * CVE-2013-1997 * CVE-2013-2004 Affected Software/OS: 'xorg-x11-libX11' package(s) on SUSE Linux Enterprise Server 11 SP1. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-1981 BugTraq ID: 60120 http://www.securityfocus.com/bid/60120 Debian Security Information: DSA-2693 (Google Search) http://www.debian.org/security/2013/dsa-2693 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1854-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1997 Common Vulnerability Exposure (CVE) ID: CVE-2013-2004 |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |