FrSIRT - Fedora Security Update Fixes xorg-x11-xfs Multiple Local Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes xorg-x11-xfs Multiple Local Vulnerabilities

Date de Publication : 2007-12-11 © FrSIRT.COM
Titre : Fedora Security Update Fixes xorg-x11-xfs Multiple Local Vulnerabilities
Identifiant : FrSIRT/AVIS-2007-4162
CVE ID : CVE-2007-4568 - CVE-2007-4990
Risque : Modéré (2/4) -

Exploitable à distance : Non
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants locaux afin de causer un déni de service ou exécuter un code arbitraire [...]

Solution

Installer les mises à jour :

77038b706fcc1007fe3e44042ce30014131b7e43 xorg-x11-xfs-1.0.5-1.fc7.ppc64.rpm
e6d66cf9582ccc12d1e7752d55d450ca5c41082d xorg-x11-xfs-debuginfo-1.0.5-1.fc7.ppc64.rpm
7f8234214a8694ab22dc61ec919b1df973f83a20 xorg-x11-xfs-utils-1.0.5-1.fc7.ppc64.rpm
03ec7099f027501172ab4301241ce9c837c59862 xorg-x11-xfs-debuginfo-1.0.5-1.fc7.i386.rpm
8d6eb5f64e54ede760c742c5514c61a10ea03f67 xorg-x11-xfs-1.0.5-1.fc7.i386.rpm
d4f690e61ee763c06e963fb784796620931e0a40 xorg-x11-xfs-utils-1.0.5-1.fc7.i386.rpm
5ce5681a5e32f69fb1e77c9f3d985f30c791fa85 xorg-x11-xfs-1.0.5-1.fc7.x86_64.rpm
f8df90b467fc967d4b9d43baa8720b9abbcc2173 xorg-x11-xfs-utils-1.0.5-1.fc7.x86_64.rpm
803b53e44c20a8423c64ab538b5157ef2e394876 xorg-x11-xfs-debuginfo-1.0.5-1.fc7.x86_64.rpm
bf33f4bf7048bd1e74f11f3a2cc925791da3d8bf xorg-x11-xfs-utils-1.0.5-1.fc7.ppc.rpm
ee75fc38225d4df5a836f0f9381b6a87497f8757 xorg-x11-xfs-1.0.5-1.fc7.ppc.rpm
50dc6219b1be7a82c8459cf99a7938d8bc00c642 xorg-x11-xfs-debuginfo-1.0.5-1.fc7.ppc.rpm
c0e79d4150616e00c98d7e2fa3af642f69374a49 xorg-x11-xfs-1.0.5-1.fc7.src.rpm

Historique

2007-12-11 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities
	Sun Solaris "snmpXdmid" Packet Handling Denial of Service Vulnerability
	Sun Solaris FreeType2 Library Multiple Memory Corruption Vulnerabilities
	Sun Java System Calendar Server Denial of Service Vulnerability
	Sun Solaris SMA SNMPv3 Authentication Bypass Vulnerability

	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities
	Apple QuickTime Multiple File Handling Code Execution Vulnerabilities
	Apple Safari for Windows Remote Code Execution Vulnerability
	Apple Mac OS X Command Execution Vulnerabilities

	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities