oval:org.mitre.oval:def:8106

Definition Id: oval:org.mitre.oval:def:8106

Oval ID:	oval:org.mitre.oval:def:8106
Title:	DSA-1466 xfree86 -- several vulnerabilities
Description:	The X.org fix for CVE-2007-6429 introduced a regression in the MIT-SHM extension, which prevented the start of a few applications. This update provides updated packages for the xfree86 version included in Debian old stable (sarge) in addition to the fixed packages for Debian stable (etch), which were provided in DSA 1466-2. For reference the original advisory text below: Several local vulnerabilities have been discovered in the X.Org X server. The Common Vulnerabilities and Exposures project identifies the following problems: regenrecht discovered that missing input sanitising within the XFree86-Misc extension may lead to local privilege escalation. It was discovered that error messages of security policy file handling may lead to a minor information leak disclosing the existence of files otherwise inaccessible to the user. regenrecht discovered that missing input sanitising within the XInput-Misc extension may lead to local privilege escalation. regenrecht discovered that missing input sanitising within the TOG-CUP extension may lead to disclosure of memory contents. regenrecht discovered that integer overflows in the EVI and MIT-SHM extensions may lead to local privilege escalation. It was discovered that insufficient validation of PCF fonts could lead to local privilege escalation.
Family:	unix	Class:	patch
Reference(s):	DSA-1466 CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006	Version:	5
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 3.1	Product(s):	xfree86
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND Packages section xserver-xorg-core is earlier than 1.1.1-21etch2 AND libxfont1-dbg is earlier than 1.2.2-2.etch1 AND xdmx is earlier than 1.1.1-21etch2 AND xserver-xorg-dev is earlier than 1.1.1-21etch2 AND xvfb is earlier than 1.1.1-21etch2 AND xnest is earlier than 1.1.1-21etch2 AND libxfont1 is earlier than 1.2.2-2.etch1 AND xserver-xephyr is earlier than 1.1.1-21etch2 AND libxfont-dev is earlier than 1.2.2-2.etch1 AND xdmx-tools is earlier than 1.1.1-21etch2 OR Release section Debian GNU/Linux 3.1 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section xfree86-common is earlier than 4.3.0.dfsg.1-14sarge7 AND pm-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND x-window-system is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-data is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-100dpi is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-base is earlier than 4.3.0.dfsg.1-14sarge7 AND xspecs is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-scalable is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-75dpi is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-pic is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-cyrillic is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa3-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-100dpi-transcoded is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-base-transcoded is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xfonts-75dpi-transcoded is earlier than 4.3.0.dfsg.1-14sarge7 AND x-dev is earlier than 4.3.0.dfsg.1-14sarge7 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libxtrap-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxtst6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libdps1-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND lbxproxy is earlier than 4.3.0.dfsg.1-14sarge7 AND libxext6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxi-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxt-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa3 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxv-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmuu-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-gl-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxv1 is earlier than 4.3.0.dfsg.1-14sarge7 AND xfs is earlier than 4.3.0.dfsg.1-14sarge7 AND libice6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libsm6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxtrap6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw6-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxtrap6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw6 is earlier than 4.3.0.dfsg.1-14sarge7 AND xbase-clients is earlier than 4.3.0.dfsg.1-14sarge7 AND xfwp is earlier than 4.3.0.dfsg.1-14sarge7 AND xmh is earlier than 4.3.0.dfsg.1-14sarge7 AND libxpm4 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmu6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-gl is earlier than 4.3.0.dfsg.1-14sarge7 AND libice6 is earlier than 4.3.0.dfsg.1-14sarge7 AND twm is earlier than 4.3.0.dfsg.1-14sarge7 AND xutils is earlier than 4.3.0.dfsg.1-14sarge7 AND libxpm-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxi6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw7-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxrandr2-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmuu1-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND proxymngr is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-glu-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libx11-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xserver-common is earlier than 4.3.0.dfsg.1-14sarge7 AND libx11-6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxrandr2 is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-static-pic is earlier than 4.3.0.dfsg.1-14sarge7 AND libxext-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libice-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw7 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxft1 is earlier than 4.3.0.dfsg.1-14sarge7 AND xdm is earlier than 4.3.0.dfsg.1-14sarge7 AND xterm is earlier than 4.3.0.dfsg.1-14sarge7 AND libxext6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libx11-6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmu6 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw7-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libdps-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libsm6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-glu is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmuu1 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxmu-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxaw6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxt6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxt6 is earlier than 4.3.0.dfsg.1-14sarge7 AND x-window-system-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxp6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxp-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibs-static-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxpm4-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xvfb is earlier than 4.3.0.dfsg.1-14sarge7 AND libxtst-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libxp6 is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-gl-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xnest is earlier than 4.3.0.dfsg.1-14sarge7 AND libxv1-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libdps1 is earlier than 4.3.0.dfsg.1-14sarge7 AND libxft1-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxtst6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxi6-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND libxrandr-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-glu-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND libsm-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND x-window-system-core is earlier than 4.3.0.dfsg.1-14sarge7 OR Architecture dependent section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is ia64 AND Installed architecture is alpha AND Packages section xlibosmesa-dev is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-dri is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibosmesa4 is earlier than 4.3.0.dfsg.1-14sarge7 AND xserver-xfree86 is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibmesa-dri-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xserver-xfree86-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xlibosmesa4-dbg is earlier than 4.3.0.dfsg.1-14sarge7 OR Supported platform section Installed architecture is arm AND Packages section xserver-xfree86-dbg is earlier than 4.3.0.dfsg.1-14sarge7 AND xserver-xfree86 is earlier than 4.3.0.dfsg.1-14sarge7

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8106

Definition Id: oval:org.mitre.oval:def:7692

Oval ID:	oval:org.mitre.oval:def:7692
Title:	Debian GNU/Linux 3.1 is installed
Description:	Debian GNU/Linux 3.1 (sarge) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:3.1	Version:	7
Platform(s):	Debian GNU/Linux 3.1	Product(s):
Definition Synopsis:
Debian GNU/Linux 3.1 is installed
Referenced By:
oval:org.mitre.oval:def:8106

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0588s

Facebook rss twitter linkedin mail