Detections
Analytics
openSUSE 10 Security Update : xorg-x11-Xnest (xorg-x11-Xnest-4859)
high Nessus Plugin ID 30017
Synopsis
The remote openSUSE host is missing a security update.Description
This update fixes various Xserver security issues. File existence disclosure vulnerability (CVE-2007-5958).XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427].
TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428].
EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429].
MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429].
XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760].
PCF font parser vulnerability.
Solution
Update the affected xorg-x11-Xnest packages.Plugin Details
Severity: High
ID: 30017
File Name: suse_xorg-x11-Xnest-4859.nasl
Version: 1.11
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 1/18/2008
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:xorg-x11-xnest, p-cpe:/a:novell:opensuse:xorg-x11-xvfb, p-cpe:/a:novell:opensuse:xorg-x11-devel, p-cpe:/a:novell:opensuse:xorg-x11-devel-32bit, p-cpe:/a:novell:opensuse:xorg-x11-libs, p-cpe:/a:novell:opensuse:xorg-x11-libs-32bit, p-cpe:/a:novell:opensuse:xorg-x11-server, p-cpe:/a:novell:opensuse:xorg-x11-server-extra, p-cpe:/a:novell:opensuse:xorg-x11-server-sdk, cpe:/o:novell:opensuse:10.1, cpe:/o:novell:opensuse:10.2, cpe:/o:novell:opensuse:10.3
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/3/2008
Exploitable With
Core Impact
Reference Information
CVE: CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429