Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2015:119 | First vendor Publication | 2015-03-29 |
Vendor | Mandriva | Last vendor Modification | 2015-03-29 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Updated x11-server packages fix security vulnerabilities: Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service (CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102). Olivier Fourdan from Red Hat has discovered a protocol handling issue in the way the X server code base handles the XkbSetGeometry request, where the server trusts the client to send valid string lengths. A malicious client with string lengths exceeding the request length can cause the server to copy adjacent memory data into the XKB structs. This data is then available to the client via the XkbGetGeometry request. This can lead to information disclosure issues, as well as possibly a denial of service if a similar request can cause the server to crash (CVE-2015-0255). |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
80 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
10 % | CWE-200 | Information Exposure |
10 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:28527 | |||
Oval ID: | oval:org.mitre.oval:def:28527 | ||
Title: | DSA-3095-1 -- xorg-server security update | ||
Description: | Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3095-1 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 | Version: | 4 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | xorg-server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28577 | |||
Oval ID: | oval:org.mitre.oval:def:28577 | ||
Title: | ELSA-2014-1982 -- xorg-x11-server security update (important) | ||
Description: | [1.1.1-48.107.0.1.el5_11] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.107] - CVE-2014-8091 denial of service due to unchecked malloc in client authentication (#1168680) - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for requests (#1168684) - CVE-2014-8097 out of bounds access due to not validating length or offset values in DBE extension (#1168705) - CVE-2014-8095 out of bounds access due to not validating length or offset values in XInput extension (#1168694) - CVE-2014-8096 out of bounds access due to not validating length or offset values in XC-MISC extension(#1168700) - CVE-2014-8099 out of bounds access due to not validating length or offset values in XVideo extension (#1168710) - CVE-2014-8100 out of bounds access due to not validating length or offset values in Render extension (#1168711) - CVE-2014-8102 out of bounds access due to not validating length or offset values in XFixes extension (#1168714) - CVE-2014-8101 out of bounds access due to not validating length or offset values in RandR extension (#1168713) - CVE-2014-8093 xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests (#1168688) - CVE-2014-8098 xorg-x11-server: out of bounds access due to not validating length or offset values in GLX extension (#1168707) [1.1.1-48.104] - xserver-1.1.1-randr-config-timestamps.patch: Backport timestamp comparison fix from upstream RANDR code (#1006076) [1.1.1-48.103] - CVE-2013-6424: Fix OOB in trapezoid rasterization | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1982 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 | Version: | 3 |
Platform(s): | Oracle Linux 5 | Product(s): | xorg-x11-server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28652 | |||
Oval ID: | oval:org.mitre.oval:def:28652 | ||
Title: | RHSA-2014:1982 -- xorg-x11-server security update (Important) | ||
Description: | X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1982 CESA-2014:1982 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xorg-x11-server |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0160 - Multiple Vulnerabilities in Oracle Linux and Virtualization Severity : Category I - VMSKEY : V0061123 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-07-16 | Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jul_2015_cpu.nasl - Type : ACT_GATHER_INFO |
2015-06-25 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1127-1.nasl - Type : ACT_GATHER_INFO |
2015-06-11 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1025-1.nasl - Type : ACT_GATHER_INFO |
2015-06-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-06.nasl - Type : ACT_GATHER_INFO |
2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0939-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0398-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0047-1.nasl - Type : ACT_GATHER_INFO |
2015-05-07 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-519.nasl - Type : ACT_GATHER_INFO |
2015-05-04 | Name : The remote Debian host is missing a security update. File : debian_DLA-218.nasl - Type : ACT_GATHER_INFO |
2015-04-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150410_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-04-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0797.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0797.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0797.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-119.nasl - Type : ACT_GATHER_INFO |
2015-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2015-3964.nasl - Type : ACT_GATHER_INFO |
2015-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2015-3948.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-120.nasl - Type : ACT_GATHER_INFO |
2015-03-23 | Name : The remote Fedora host is missing a security update. File : fedora_2015-3953.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-150210.nasl - Type : ACT_GATHER_INFO |
2015-02-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-169.nasl - Type : ACT_GATHER_INFO |
2015-02-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-170.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2500-1.nasl - Type : ACT_GATHER_INFO |
2015-02-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_54a69cf7b2ef11e4b1f1bcaec565249c.nasl - Type : ACT_GATHER_INFO |
2015-02-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3160.nasl - Type : ACT_GATHER_INFO |
2015-01-16 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-470.nasl - Type : ACT_GATHER_INFO |
2015-01-15 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-141217.nasl - Type : ACT_GATHER_INFO |
2014-12-29 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-815.nasl - Type : ACT_GATHER_INFO |
2014-12-23 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-356-03.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1982.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1983.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3095.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_27b9b2f0808111e4b4cabcaec565249c.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_fdf72a0e837111e4bc20001636d274f3.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1982.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1983.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1982.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1983.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141211_xorg_x11_server_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141211_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2438-1.nasl - Type : ACT_GATHER_INFO |
2014-12-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2436-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-03-31 13:29:37 |
|
2015-03-29 13:25:47 |
|