FrSIRT - Mandriva Security Update Fixes X.Org X Server Multiple Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes X.Org X Server Multiple Vulnerabilities

Date de Publication : 2008-01-24 © FrSIRT.COM
Titre : Mandriva Security Update Fixes X.Org X Server Multiple Vulnerabilities
Identifiant : FrSIRT/AVIS-2008-0256
CVE ID : CVE-2007-5760 - CVE-2007-5958 - CVE-2007-6427 - CVE-2007-6428 - CVE-2007-6429
Risque : Modéré (2/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin d'obtenir des informations sensibles, causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
dd641b0925b43a3c6db839717424f150 2007.0/i586/x11-server-xgl-0.0.1-0.20060714.11.3mdv2007.0.i586.rpm
3747f570ab5133bc33992aa6eb88119b 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.11.3mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
8d451268a57d8994f0ce0cf04f830ccf 2007.0/x86_64/x11-server-xgl-0.0.1-0.20060714.11.3mdv2007.0.x86_64.rpm
3747f570ab5133bc33992aa6eb88119b 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.11.3mdv2007.0.src.rpm

Mandriva Linux 2007.1:
5984120f81b569ed1d5ce33a4b99811c 2007.1/i586/x11-server-xgl-0.0.1-0.20070105.4.3mdv2007.1.i586.rpm
d5ea53e985f860f4283a31871e92cb24 2007.1/SRPMS/x11-server-xgl-0.0.1-0.20070105.4.3mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
844815151b636f617544c15327d79c23 2007.1/x86_64/x11-server-xgl-0.0.1-0.20070105.4.3mdv2007.1.x86_64.rpm
d5ea53e985f860f4283a31871e92cb24 2007.1/SRPMS/x11-server-xgl-0.0.1-0.20070105.4.3mdv2007.1.src.rpm

Mandriva Linux 2008.0:
ee6ed1d6886652fc18672979d22a32d7 2008.0/i586/x11-server-xgl-0.0.1-0.20070917.2.1mdv2008.0.i586.rpm
9eb1f98a29c53dcd3226b5ac5a8e28c7 2008.0/SRPMS/x11-server-xgl-0.0.1-0.20070917.2.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
67d964ead0d0f93df039c4d06ebf1b8c 2008.0/x86_64/x11-server-xgl-0.0.1-0.20070917.2.1mdv2008.0.x86_64.rpm
9eb1f98a29c53dcd3226b5ac5a8e28c7 2008.0/SRPMS/x11-server-xgl-0.0.1-0.20070917.2.1mdv2008.0.src.rpm

Historique

2008-01-24 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities
	Apple QuickTime Multiple File Handling Code Execution Vulnerabilities
	Apple Safari for Windows Remote Code Execution Vulnerability
	Apple Mac OS X Command Execution Vulnerabilities

	Microsoft Internet Explorer Frame Cross-Domain Scripting Vulnerability
	Microsoft Internet Explorer "location" Cross-Domain Scripting Issue
	Microsoft Windows PGM Remote Denial of Service Vulnerability (MS08-036)
	Microsoft Active Directory Remote Denial of Service (MS08-035)
	Microsoft Windows WINS Local Privilege Escalation Vulnerability (MS08-034)
	Microsoft Windows DirectX Remote Code Execution (MS08-033)
	Microsoft Windows Speech API Remote Code Execution (MS08-032)

	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco IOS Secure Shell Remote Denial of Service