Vulnerabilities > CVE-2007-6429 - Race Condition vulnerability in X.Org Evi, Mit-Shm and Xserver
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_XORG-X11-LIBS-4860.NASL description This update fixes various Xserver security issues. File existence disclosure vulnerability. (CVE-2007-5958) XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. PCF font parser vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 30041 published 2008-01-21 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30041 title SuSE 10 Security Update : X11 libs and server (ZYPP Patch Number 4860) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(30041); script_version ("1.19"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429"); script_name(english:"SuSE 10 Security Update : X11 libs and server (ZYPP Patch Number 4860)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update fixes various Xserver security issues. File existence disclosure vulnerability. (CVE-2007-5958) XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. PCF font parser vulnerability." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-5760.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-5958.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-6427.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-6428.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-6429.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 4860."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(189, 200, 362, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/01/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/01/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:1, reference:"xorg-x11-libs-6.9.0-50.54.5")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"xorg-x11-server-6.9.0-50.54.5")) flag++; if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"xorg-x11-libs-32bit-6.9.0-50.54.5")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"xorg-x11-libs-6.9.0-50.54.5")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"xorg-x11-server-6.9.0-50.54.5")) flag++; if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"xorg-x11-libs-32bit-6.9.0-50.54.5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37972.NASL description s700_800 11.23 Xserver cumulative patch : Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 34737 published 2008-11-11 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34737 title HP-UX PHSS_37972 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_37972. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(34737); script_version("1.17"); script_cvs_date("Date: 2019/07/10 16:04:14"); script_cve_id("CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6429", "CVE-2008-0006", "CVE-2008-1377", "CVE-2008-1379"); script_bugtraq_id(27350, 27351, 27352, 27353, 27356, 29666, 29669); script_xref(name:"HP", value:"emr_na-c01543321"); script_xref(name:"HP", value:"HPSBUX02381"); script_xref(name:"HP", value:"SSRT080083"); script_name(english:"HP-UX PHSS_37972 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 Xserver cumulative patch : Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a1fab10d" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_37972 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(119, 189, 200, 362, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/01/18"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23")) { exit(0, "The host is not affected since PHSS_37972 applies to a different OS release."); } patches = make_list("PHSS_37972", "PHSS_39257", "PHSS_40810", "PHSS_41260"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"Xserver.AGRM", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-ADVANCED", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-ENTRY", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-LOAD", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-SAM", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-SLS", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.DDX-UTILS", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.OEM-SERVER", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.OEM-SERVER-PA", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.X11-SERV", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.X11-SERV-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-DBE", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-DBE-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-DPMS", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-DPMS-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-HPCR", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-HPCR-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-MBX", version:"B.11.23")) flag++; if (hpux_check_patch(app:"Xserver.XEXT-RECORD", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-025.NASL description An input validation flaw was found in the X.org server last seen 2020-06-01 modified 2020-06-02 plugin id 37710 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/37710 title Mandriva Linux Security Advisory : x11-server-xgl (MDVSA-2008:025) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2008:025. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(37710); script_version ("1.20"); script_cvs_date("Date: 2019/08/02 13:32:50"); script_cve_id("CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429"); script_bugtraq_id(27350, 27351, 27353, 27354, 27355, 27356); script_xref(name:"MDVSA", value:"2008:025"); script_name(english:"Mandriva Linux Security Advisory : x11-server-xgl (MDVSA-2008:025)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Mandriva Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "An input validation flaw was found in the X.org server's XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-5760). A flaw was found in the X.org server's XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user (CVE-2007-5958). A memory corruption flaw was found in the X.org server's XInput extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-6427). An information disclosure flaw was found in the X.org server's TOG-CUP extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially view arbitrary memory content within the X.org server's address space (CVE-2007-6428). Two integer overflow flaws were found in the X.org server's EVI and MIT-SHM modules that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server (CVE-2007-6429). The updated packages have been patched to correct these issues." ); script_set_attribute( attribute:"solution", value:"Update the affected x11-server-xgl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(189, 200, 362, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xgl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xgl-0.0.1-0.20060714.11.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xgl-0.0.1-0.20070105.4.3mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xgl-0.0.1-0.20070917.2.1mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Scientific Linux Local Security Checks NASL id SL_20080117_XORG_X11_SERVER_ON_SL5_X.NASL description Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 60348 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60348 title Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60348); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:17"); script_cve_id("CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429"); script_name(english:"Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Two integer overflow flaws were found in the X.Org server's EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6429) A memory corruption flaw was found in the X.Org server's XInput extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6427) An input validation flaw was found in the X.Org server's XFree86-Misc extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-5760) An information disclosure flaw was found in the X.Org server's TOG-CUP extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially view arbitrary memory content within the X server's address space. (CVE-2007-6428) A flaw was found in the X.Org server's XC-SECURITY extension, that could have allowed a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user. (CVE-2007-5958)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0801&L=scientific-linux-errata&T=0&P=1227 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ce21d06a" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(189, 200, 362, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/01/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4")) flag++; if (rpm_check(release:"SL5", reference:"xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4")) flag++; if (rpm_check(release:"SL5", reference:"xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4")) flag++; if (rpm_check(release:"SL5", reference:"xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4")) flag++; if (rpm_check(release:"SL5", reference:"xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4")) flag++; if (rpm_check(release:"SL5", reference:"xorg-x11-server-sdk-1.1.1-48.26.el5_1.4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-023.NASL description An input validation flaw was found in the X.org server last seen 2020-06-01 modified 2020-06-02 plugin id 37567 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/37567 title Mandriva Linux Security Advisory : x11-server (MDVSA-2008:023) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2008:023. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(37567); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:50"); script_cve_id("CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429", "CVE-2008-0006"); script_xref(name:"MDVSA", value:"2008:023"); script_name(english:"Mandriva Linux Security Advisory : x11-server (MDVSA-2008:023)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An input validation flaw was found in the X.org server's XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-5760). A flaw was found in the X.org server's XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user (CVE-2007-5958). A memory corruption flaw was found in the X.org server's XInput extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-6427). An information disclosure flaw was found in the X.org server's TOG-CUP extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially view arbitrary memory content within the X.org server's address space (CVE-2007-6428). Two integer overflow flaws were found in the X.org server's EVI and MIT-SHM modules that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server (CVE-2007-6429). The updated packages have been patched to correct these issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(119, 189, 200, 362, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xati"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xchips"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xdmx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xephyr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xepson"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xfake"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xfbdev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xi810"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xmach64"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xmga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xneomagic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xnest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xnvidia"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xorg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xpm2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xprt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xr128"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xsdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xsmi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xvesa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xvfb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xvia"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:x11-server-xvnc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2007.0", reference:"x11-server-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-common-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-devel-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xati-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xchips-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xdmx-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xephyr-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xepson-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xfake-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xfbdev-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xi810-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xmach64-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xmga-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xneomagic-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xnest-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xnvidia-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xorg-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xpm2-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xprt-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xr128-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xsdl-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xsmi-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xvesa-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"x11-server-xvfb-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"x11-server-xvia-1.1.1-12.3mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-common-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-devel-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xati-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xchips-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xdmx-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xephyr-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xepson-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xfake-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xfbdev-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xi810-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xmach64-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xmga-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xneomagic-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xnest-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xnvidia-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xorg-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xpm2-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xprt-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xr128-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xsdl-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xsmi-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xvesa-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xvfb-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"x11-server-xvia-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"x11-server-xvnc-1.2.0-9.4mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-common-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-devel-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xati-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xchips-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xdmx-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xephyr-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xepson-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xfake-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xfbdev-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xi810-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xmach64-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xmga-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xneomagic-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xnest-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xnvidia-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xorg-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xpm2-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xr128-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xsdl-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xsmi-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xvesa-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xvfb-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"x11-server-xvia-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"x11-server-xvnc-1.3.0.0-24.1mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_118908.NASL description X11 6.7.0_x86: Xorg patch. Date this patch was last updated by Sun : Sep/23/08 last seen 2020-06-01 modified 2020-06-02 plugin id 23609 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23609 title Solaris 9 (x86) : 118908-06 NASL family SuSE Local Security Checks NASL id SUSE_NX-4952.NASL description This update fixes various Xserver security issues that are also present in NX : XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. last seen 2020-06-01 modified 2020-06-02 plugin id 30121 published 2008-01-29 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30121 title openSUSE 10 Security Update : NX (NX-4952) NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-54.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Oct/13/14 last seen 2020-06-01 modified 2020-06-02 plugin id 107436 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107436 title Solaris 10 (sparc) : 125719-54 NASL family Fedora Local Security Checks NASL id FEDORA_2008-0760.NASL description CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability CVE-2007-6427: XInput Extension Memory Corruption Vulnerability CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability CVE-2008-0006: PCF Font Vulnerability - this patch isn last seen 2020-06-01 modified 2020-06-02 plugin id 30073 published 2008-01-27 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30073 title Fedora 8 : xorg-x11-server-1.3.0.0-39.fc8 (2008-0760) NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-56.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Nov/12/15 last seen 2020-06-01 modified 2020-06-02 plugin id 107438 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107438 title Solaris 10 (sparc) : 125719-56 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0029.NASL description From Red Hat Security Advisory 2008:0029 : Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Two integer overflow flaws were found in the XFree86 server last seen 2020-06-01 modified 2020-06-02 plugin id 67634 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67634 title Oracle Linux 3 : XFree86 (ELSA-2008-0029) NASL family SuSE Local Security Checks NASL id SUSE_XGL-5100.NASL description This update fixes several integer overflows in Xgl. (CVE-2007-6429 / CVE-2007-1003 / CVE-2007-5958 / CVE-2007-6427 / CVE-2007-6428 / CVE-2007-6429 / CVE-2008-0006) last seen 2020-06-01 modified 2020-06-02 plugin id 31780 published 2008-04-04 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31780 title SuSE 10 Security Update : Xgl (ZYPP Patch Number 5100) NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-60.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Nov/04/19 last seen 2020-06-01 modified 2020-06-02 plugin id 130509 published 2019-11-05 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130509 title Solaris 10 (sparc) : 125719-60 NASL family Fedora Local Security Checks NASL id FEDORA_2008-0831.NASL description CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability CVE-2007-6427: XInput Extension Memory Corruption Vulnerability CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability CVE-2008-0006: PCF Font Vulnerability - this patch isn last seen 2020-06-01 modified 2020-06-02 plugin id 30076 published 2008-01-27 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30076 title Fedora 7 : xorg-x11-server-1.3.0.0-15.fc7 (2008-0831) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0029.NASL description Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Two integer overflow flaws were found in the XFree86 server last seen 2020-06-01 modified 2020-06-02 plugin id 30022 published 2008-01-21 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30022 title CentOS 3 : XFree86 (CESA-2008:0029) NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-55.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Jul/13/15 last seen 2020-06-01 modified 2020-06-02 plugin id 107437 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107437 title Solaris 10 (sparc) : 125719-55 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0031.NASL description Updated xorg-x11-server packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 43668 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43668 title CentOS 5 : xorg-x11-server (CESA-2008:0031) NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-42.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Nov/28/11 last seen 2020-06-01 modified 2020-06-02 plugin id 107435 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107435 title Solaris 10 (sparc) : 125719-42 NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2008-002.NASL description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-002 applied. This update contains several security fixes for a number of programs. last seen 2020-06-01 modified 2020-06-02 plugin id 31605 published 2008-03-19 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31605 title Mac OS X Multiple Vulnerabilities (Security Update 2008-002) NASL family SuSE Local Security Checks NASL id SUSE9_12043.NASL description This update fixes various Xserver security issues. - File existence disclosure vulnerability. (CVE-2007-5958) - XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. - TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. - EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. - MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. - XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. - PCF font parser vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 41183 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41183 title SuSE9 Security Update : XFree86-Xnest (YOU Patch Number 12043) NASL family Scientific Linux Local Security Checks NASL id SL_20080118_XFREE86_ON_SL3.NASL description Two integer overflow flaws were found in the XFree86 server last seen 2020-06-01 modified 2020-06-02 plugin id 60349 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60349 title Scientific Linux Security Update : XFree86 on SL3.x i386/x86_64 NASL family Solaris Local Security Checks NASL id SOLARIS10_125719-57.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Mar/09/17 last seen 2020-06-01 modified 2020-06-02 plugin id 107439 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107439 title Solaris 10 (sparc) : 125719-57 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-571-2.NASL description USN-571-1 fixed vulnerabilities in X.org. The upstream fixes were incomplete, and under certain situations, applications using the MIT-SHM extension (e.g. Java, wxWidgets) would crash with BadAlloc X errors. This update fixes the problem. We apologize for the inconvenience. Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. (CVE-2007-5760, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429) It was discovered that the X.org server did not use user privileges when attempting to open security policy files. Local attackers could exploit this to probe for files in directories they would not normally be able to access. (CVE-2007-5958) It was discovered that the PCF font handling code did not correctly validate the size of fonts. An authenticated attacker could load a specially crafted font and gain additional privileges. (CVE-2008-0006). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 30042 published 2008-01-21 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30042 title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : xorg-server regression (USN-571-2) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0031.NASL description From Red Hat Security Advisory 2008:0031 : Updated xorg-x11-server packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 67636 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67636 title Oracle Linux 5 : xorg-x11-server (ELSA-2008-0031) NASL family SuSE Local Security Checks NASL id SUSE_XORG-X11-XNEST-4875.NASL description This update fixes various Xserver security issues. File existence disclosure vulnerability. (CVE-2007-5958) XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. PCF font parser vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 30040 published 2008-01-21 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30040 title SuSE 10 Security Update : xorg-x11-Xnest (ZYPP Patch Number 4875) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_38840.NASL description s700_800 11.31 Xserver cumulative patch : Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 34738 published 2008-11-11 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34738 title HP-UX PHSS_38840 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) NASL family Scientific Linux Local Security Checks NASL id SL_20080117_XORG_X11_ON_SL4_X.NASL description Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 60347 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60347 title Scientific Linux Security Update : xorg-x11 on SL4.x i386/x86_64 NASL family Solaris Local Security Checks NASL id SOLARIS10_125719.NASL description X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 125719 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 26989 published 2007-10-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=26989 title Solaris 10 (sparc) : 125719-58 (deprecated) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0031.NASL description Updated xorg-x11-server packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 30003 published 2008-01-18 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30003 title RHEL 5 : xorg-x11-server (RHSA-2008:0031) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0030.NASL description Updated xorg-x11 packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. The xorg-x11 packages contain X.Org, an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 30002 published 2008-01-18 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30002 title RHEL 4 : xorg-x11 (RHSA-2008:0030) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0030.NASL description From Red Hat Security Advisory 2008:0030 : Updated xorg-x11 packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. The xorg-x11 packages contain X.Org, an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 67635 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67635 title Oracle Linux 4 : xorg-x11 (ELSA-2008-0030) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_34392.NASL description s700_800 11.11 Xserver cumulative patch : Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 34736 published 2008-11-11 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34736 title HP-UX PHSS_34392 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0030.NASL description Updated xorg-x11 packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. The xorg-x11 packages contain X.Org, an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Two integer overflow flaws were found in the X.Org server last seen 2020-06-01 modified 2020-06-02 plugin id 43667 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43667 title CentOS 4 : xorg-x11 (CESA-2008:0030) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0029.NASL description Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Two integer overflow flaws were found in the XFree86 server last seen 2020-06-01 modified 2020-06-02 plugin id 30001 published 2008-01-18 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30001 title RHEL 2.1 / 3 : XFree86 (RHSA-2008:0029) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_FE2B6597C9A411DC8DA80008A18A9961.NASL description Matthieu Herrb of X.Org reports : Several vulnerabilities have been identified in server code of the X window system caused by lack of proper input validation on user controlled data in various parts of the software, causing various kinds of overflows. Exploiting these overflows will crash the X server or, under certain circumstances allow the execution of arbitrary machine code. When the X server is running with root privileges (which is the case for the Xorg server and for most kdrive based servers), these vulnerabilities can thus also be used to raise privileges. All these vulnerabilities, to be exploited succesfully, require either an already established connection to a running X server (and normally running X servers are only accepting authenticated connections), or a shell access with a valid user on the machine where the vulnerable server is installed. last seen 2020-06-01 modified 2020-06-02 plugin id 30088 published 2008-01-27 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30088 title FreeBSD : xorg -- multiple vulnerabilities (fe2b6597-c9a4-11dc-8da8-0008a18a9961) NASL family SuSE Local Security Checks NASL id SUSE_XORG-X11-XNEST-4859.NASL description This update fixes various Xserver security issues. File existence disclosure vulnerability (CVE-2007-5958). XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. PCF font parser vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 30017 published 2008-01-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30017 title openSUSE 10 Security Update : xorg-x11-Xnest (xorg-x11-Xnest-4859) NASL family SuSE Local Security Checks NASL id SUSE_XGL-5099.NASL description This update fixes several integer overflows in Xgl (CVE-2007-6429, CVE-2007-1003, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006) last seen 2020-06-01 modified 2020-06-02 plugin id 31779 published 2008-04-04 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31779 title openSUSE 10 Security Update : xgl (xgl-5099) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1466.NASL description The X.org fix for CVE-2007-6429 introduced a regression in the MIT-SHM extension, which prevented the start of a few applications. This update provides updated packages for the xfree86 version included in Debian old stable (sarge) in addition to the fixed packages for Debian stable (etch), which were provided in DSA 1466-2. For reference the original advisory text below : Several local vulnerabilities have been discovered in the X.Org X server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5760 last seen 2020-06-01 modified 2020-06-02 plugin id 30059 published 2008-01-27 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30059 title Debian DSA-1466-1 : xorg-server - several vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE9_12040.NASL description This update fixes various Xserver security issues. - File existence disclosure vulnerability. (CVE-2007-5958) - XInput Extension Memory Corruption Vulnerability [IDEF2888 CVE-2007-6427]. - TOG-CUP Extension Memory Corruption Vulnerability [IDEF2901 CVE-2007-6428]. - EVI Extension Integer Overflow Vulnerability [IDEF2902 CVE-2007-6429]. - MIT-SHM Extension Integer Overflow Vulnerability [IDEF2904 CVE-2007-6429]. - XFree86-MISC Extension Invalid Array Index Vulnerability [IDEF2903 CVE-2007-5760]. - PCF font parser vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 41182 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41182 title SuSE9 Security Update : XFree86-libs (YOU Patch Number 12040) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200801-09.NASL description The remote host is affected by the vulnerability described in GLSA-200801-09 (X.Org X server and Xfont library: Multiple vulnerabilities) regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request, allowing the modification of a function pointer (CVE-2007-5760). Multiple functions in the XInput extension do not properly sanitize client requests for swapping bytes, leading to corruption of heap memory (CVE-2007-6427). Integer overflow vulnerabilities in the EVI extension and in the MIT-SHM extension can lead to buffer overflows (CVE-2007-6429). The TOG-CUP extension does not sanitize an index value in the ProcGetReservedColormapEntries() function, leading to arbitrary memory access (CVE-2007-6428). A buffer overflow was discovered in the Xfont library when processing PCF font files (CVE-2008-0006). The X server does not enforce restrictions when a user specifies a security policy file and attempts to open it (CVE-2007-5958). Impact : Remote attackers could exploit the vulnerability in the Xfont library by enticing a user to load a specially crafted PCF font file resulting in the execution of arbitrary code with the privileges of the user running the X server, typically root. Local attackers could exploit this and the vulnerabilities in the X.org extensions to gain elevated privileges. If the X server allows connections from the network, these vulnerabilities could be exploited remotely. A local attacker could determine the existence of arbitrary files by exploiting the last vulnerability or possibly cause a Denial of Service. Workaround : Workarounds for some of the vulnerabilities can be found in the X.Org security advisory as listed under References. last seen 2020-06-01 modified 2020-06-02 plugin id 30033 published 2008-01-21 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30033 title GLSA-200801-09 : X.Org X server and Xfont library: Multiple vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-571-1.NASL description Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. (CVE-2007-5760, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429) It was discovered that the X.org server did not use user privileges when attempting to open security policy files. Local attackers could exploit this to probe for files in directories they would not normally be able to access. (CVE-2007-5958) It was discovered that the PCF font handling code did not correctly validate the size of fonts. An authenticated attacker could load a specially crafted font and gain additional privileges. (CVE-2008-0006). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 30019 published 2008-01-18 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/30019 title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libxfont, xorg-server vulnerabilities (USN-571-1)
Oval
| accepted | 2013-04-29T04:11:02.244-04:00 | ||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||
| description | Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | ||||||||||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:11045 | ||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||||||||||
| title | Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | ||||||||||||||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 27350,27353 CVE(CAN) ID: CVE-2007-6429 Xorg X Server是Solaris x86平台上可用的X窗口系统显示服务器之一。 Xorg X Server的MIT-SHM扩展中负责在共享内存中创建位图的方式存在整数溢出漏洞。在分配位图的时候,服务器使用了来自请求的值验证所请求的大小没有大于所分配的共享内存。这个计算可能溢出,导致覆盖内存中的任意地址。 Xorg X Server的EVI扩展中负责处理GetVisualInfo请求的代码存在另一个整数溢出。在处理这个请求时,服务器在计算所要分配的动态缓冲区字节数的运算中使用了客户端所提供的32位值。这个运算可能溢出,导致之后溢出缓冲区。 如果将X服务器配置为监听基于TCP的客户端连接的话,且客户端可以创建会话,这些漏洞就可以被远程利用。 X.org xorg-server < 1.4.1 临时解决方法: * 如果服务器中没有内嵌MIT-SHM扩展的话,可在X配置文件(通常为/etc/X11/xorg.conf)中注入以下内容防止加载该模块: Section "Module" SubSection "extmod" Option "omit Extended-Visual-Information" Option "omit MIT-SHM" EndSubSection EndSection 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1466-1)以及相应补丁: DSA-1466-1:New xorg-server packages fix several vulnerabilities 链接:<a href=http://www.debian.org/security/2008/dsa-1466 target=_blank>http://www.debian.org/security/2008/dsa-1466</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge6.diff.gz target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge6.diff.gz</a> Size/MD5 checksum: 3704067 b679c2b8259208bebfc85d9e7e4ebd27 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz</a> Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge6.dsc target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge6.dsc</a> Size/MD5 checksum: 2642 1e8a3fcaa1f77022201ab8118b880c81 Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 159048 75947ee71283a1983ce250f59ce46575 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 1204156 f1639fb7e69dc13dbc2505c0f5489241 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 901298 d9751c8d4a8800e75f59403efbaa6739 <a href=http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 159754 3a22ba17bf64e1a6ad04c642414989eb <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 541542 fe79c0e2d27eff769252081e9b16f749 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 907238 433e7efb0c7a9d616d71ad13d7d02c70 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 5490948 1d83706ae8d515c006afd4ded114b48f <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 158912 1526a5608ac9219097dfbb514bc44438 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 158874 86ce48140db418ed12d1311014bdb682 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 815908 f8df1e951ba0e03c4547882b383d97ab <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 3841206 fa8f67aa1008ecd124a1a11ca8702d06 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 7073312 9a1a228f3107289bbaf00498f7310e95 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 158966 e6fe8e8512a239ecce202fe31f88e9c7 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 4363428 ed79be1a2bad65f0f604ff07c6c5e537 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 5835606 0efce8dbea269b497d42f454db330a8c <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 158960 ca6fb9354fa4ffca3c7acf392808100d <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 427058 17c1f69f648f0c4b68fabd66e785dc58 <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 216792 310acc2c06c7e64f5cf516f5611bec2f <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 8196490 77301933b09282b1176653e0e6f14376 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge6_all.deb</a> Size/MD5 checksum: 158898 1934a60228b2d7910efd175fe557c539 alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 206498 d92d7757e849a1edd88971ac6a5c6e2b <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 4559206 b3d3e891d564a33e213ecb06e9be4ac8 <a href=http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 285248 fc0bf5755b259660f48d28e8cccf4465 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 2376668 a31752712aa83fd1fb7d3b90eb17a119 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 185196 59a194554930152141f5e784689ab7fa <a href=http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 327454 08da64ce223de0c0ac7787181d125740 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 576394 99a9aa9976c5b7da3416bcbec36f8526 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 412240 811a59aa19837f52dc068c38a11ced13 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 33948402 e9809cfbe777b52f58d4d2ab86449476 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 393374 2a51da5c202d9c6eb05030295b5284eb <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 680416 95d459e4586d3f5494ee33d2fb84c031 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 523090 b8cdc3f42cbab12683f3f7895851db4f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 188168 7b86786e3a2510388015094845ff0b05 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 165016 35049edb7a074ebffacd3962a208ca8a <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1150896 c56c778ea50df0f23de1b8ec36490876 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 6597196 116ae1313de006692dacee5ba2609ec4 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 210422 7a38033d5e9f0b903b2b60853e715e4f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 172890 01f118f956895cc5ce8c253b3cdacf5d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 203396 bfcb8e9e65a0316bbb4c780d8a6e39a2 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 196730 57a32bfb07db9854b97d7803dbfe1757 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1007404 f33d7a57882aed918e2dae064c1c01a9 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 204816 919a41c2f140b766ac375ca651bea0fe <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 241106 b0098f8f0d939bb7ad2abdddcf17c8f1 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 523180 d0e6f976f0698d928e38814944e85f2a <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1587370 a03b461b506abd1ac1454910d5230910 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 178248 055bd7a7ac6c6d345af7dc5ad989fbbe <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 9805316 8fabd125c2081e6e6ac2b3de3582d2b0 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 313698 f1acd0973fcfa561e1c78cdd1e2706b5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1100898 6f1b6023854b54ec18fc05b8e76f6eaf <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 254092 28ba1bd8feaeb63cc505c50ba860601d <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 490290 398f38e0f3a95975a1a8b60f2284a9a0 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 816910 21af6e7475b5dce622f524062002d47f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 176762 fa8071afb8745490bafe43ea20f872a5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 383002 64809a5a5d9ba734b682a9c23036bd3a <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 601112 bbc11c070d1b0d2dcfb93767e201a127 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 173204 e4cca9e35bcfd8fc24e5cc8d1783652e <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 183362 082e0e51324d616fd06dec6b19d74b5f <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 159004 467b5a3943839705554c452ea62d1438 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1183078 ab84689be133a69a9ac959568ee7ca26 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 2272294 e95739eb8900f349283aadb91e1a5cc2 <a href=http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 289886 2867c342e15d5161db37ff6b48cd4f81 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 174706 9615f6958e8867e7dd7485d02588f080 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 194004 4da587afc0bab9b70b3a58e163dc2810 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1339752 90c983facf0f4e9a045d1a2c1a8f0f4d <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 4641194 ad0f4f8eb324f91f14cf0a8c0ff1a4c5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 245274 ca88f897a1b4aa27c364c1026ab605f2 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 522658 e5b2c7eceff644a2bbf49ca24ce5bd47 <a href=http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 185286 f6fd48184b740eb59d42c2e4f2eeb287 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 351486 ef22c8adf6e6245db8dc62650a27564f <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1114868 89cdcbf88dfbf82a7a389ac43e19a4c5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 159052 2999d3c77f8ea24d9f29b5089a5466ec <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 441420 c4d1175f40974cd9148e7ca0161774aa <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 45042236 e2686df24f4c41fac42905d1dbf50bf5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 537746 82fa04c5208b1c9e26669f2fc867dbaa <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 934384 462112cc4d20c98cbf470343e8505683 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 210276 4c082c7b733bc042535689090f62227d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 184736 35b128c2a5f48801f6792a9292fa0750 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 811868 bb042a4b270d82046c137728bedeede3 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 158798 54c473dce4a2f7fc99b1558f659b40f5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 361500 b57c91a0a09a64f213a1b6bbda67e102 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 192050 44cfa0362870a0623132ff26db23ddbd <a href=http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 247242 4a7fd08c17991d5593b5f2ccaa2aca83 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 186562 e6ca1fa3b39d252add88665517ac10f1 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 332012 e727ff6f70dde85c2f99eed7e312e87d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 230856 31c29f3cb3d7718ca6636210ad246de7 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1034468 2568a94c2b8739d335bb0bb7aec5cf12 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 816354 9d5fcaa6ee8df5be413ef0765d0d2f5c <a href=http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 2089744 4d01c64582570a93d7a09efc7ac60225 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 241778 4bb5c627640798a67b9bd2c5841c87a0 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 1576564 df01687536d447a60dbe1be4bc690b6c <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 210186 c82b9190cd6cad15215875852c08a577 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 220004 4edbee904f43930cebbcfdceb3285cb1 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 713494 b373dfe17901594e8d2f1d7be461dccf <a href=http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 550336 533886f26c0029aa71334e12e6506b97 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 173706 8fcd5ebf96768300a3049580a9224a0d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 184746 75bbdda61ce5f4181b6a564c7c7a97ba <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 265432 9ea5c548e4ebcb9ba63ddfcc9a9a5d6b <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 822480 b489259e74b0cb1fd2b1fd6727572d7b <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 481324 50ec19c82c84194a39b70b177d9ba939 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 195958 03c35e4fd014fe0ecc819ece8b4ce7cc <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 317960 c57b6f2e26fef7994865f8e36059cd3f <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 184514 130a81a120901e892335124724c565f8 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 212418 70e2bddb80959c8872ee5c1b7409fb63 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_alpha.deb</a> Size/MD5 checksum: 295810 d6cf9150285a34eaaf94e0136eba6172 amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1552428 0fb7630d42b191e70afcc33f47086098 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1317234 c7dffd194e75ca8eae12794817cced14 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 521860 1bd85156eda10070acd975d7a11e903f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 9651662 e98e601a72497dfc682d34c25b80e445 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 789472 6f44ee44014eeba6552193eda9b35571 <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 159160 f2b66622ab34c63679c55f423340e05a <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 158908 3e655923cc6b2eb4361acccf03cac46b <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 237966 0f2169f123ba8c0aade3a0483a3f6d32 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 476808 084d35424d0f518f62171b941d654d92 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 251732 478d01ab2b7970b4f5ce37e7e3c46150 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 180810 31abc7513851ec0751116aeb1373fe60 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 299610 401b97ad5f1546b018ef18fa02af45ed <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 333886 9ce78f33eee053dcb114e9d8a15043f6 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 904092 2a3d035888c22231605bb5a33ff0e7eb <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 368654 83241f3dd1bd20207f38d12ae77b3ced <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 798420 9ebe5ca5bb71b556787dc23ed977374e <a href=http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 183984 faa94003146a4f5965b3b939187fbf4d <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 400606 51e3d04d4adcb0b80c15032fd0c67928 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 337460 fb945fdf9e3d48ad81cccd8c8db83f01 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 175756 a362cb8f1781c83770c542d39778faba <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 233382 ecdaf0ff8c7fedea5652561f49e13c6d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 289296 4442dfc5efcc7a75fc581a03a63c9e9a <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 460808 5d864ebfa24c521e80a1c2407fad8a19 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 210172 b91d025bcf29835565f7aa8b3ff2da56 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 569784 76f7b4e854d6fa24993cd7887c96e083 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 163768 8b9cd100e173ff7afd61d7d4e8562fda <a href=http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 159108 53359ed314d3e407bdeb580ed6fa2db4 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 193264 217a624c04a05bd2d85a2a54381b07ff <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 440944 f0a0d3218cb327e205d22e4dc44ee391 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 201622 9391b38d6d6b4547e8344cf75ccae52d <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 686926 e6efcc0430f86c541a15eaadc45fc07f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 247806 efd15567fdf283e7d5343c44092c24c4 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 172304 24dc2c03464273a849a540d0ffb3c213 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 209256 cb381fb5980a10bb8cc2d2def5c7f788 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 735560 43388b0977456de0e6f5e119c4e306e0 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 181906 709992100e26fd103612b209a3b67b98 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 890030 eff3dd56cb64e681bdc3af08d1462a1b <a href=http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1621214 cf424bf70fb40a5eb17b04e1074c0ed5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 178716 0213c89e647d0ae1f659379c55cb7b1b <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 197640 3bd863cad32d1c171a573ad620cfbfb5 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 172416 3337ab0f77338d51bd4b49306a8cefe6 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 749750 51dbc507f797aedbaabcba84b10c7301 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 182846 ed89a40b7e7ca731fada4c6d5f6a2479 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 295496 65e957d8cd4328003e303bc53f6c1723 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 182730 c7e28cf8877975764a30b504d07a5ce4 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 236690 48a4f0ec4fc5b8431bbbc551a593641e <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 173862 276c7cfb1b56df3394d9ba173fd6a342 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1123014 43f69f5346a79bd566af80c17177a4db <a href=http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 318550 26ff7f4961c0f191760b9d91d3285434 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 512934 a1f61e9edd3bbb5dfe7bff737d545f9f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1044788 0d577b3cc056170a247dd02d842c2333 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 205710 9fbba79e2fce1de9fd3263b244ff6edd <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 516936 5ec1985ad01f21b462b2bf62678f5738 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 962690 02d50db907f30c1ed79d0c4d8bbb351a <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 172428 8fbc3b6285c23d70a39443d0ac4d88ca <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 441046 054183571bbbac776b2b6781a7c28faf <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 172248 73acc85f5fafd78e8390eb59ea10ada6 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 6039494 11f999b93e4d80b1d1f4d694e0431376 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 180828 87154dbe6c2609df3e951fb8d15ea2eb <a href=http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1764774 26594cdfb19295779bb7ef65b64ace4e <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1421930 0023e572d9733174f505bf33eeae66e0 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 187522 3126aaf77a1d312b25422123ebcf0409 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 367562 d963f20cb8f44df09fd4b9a7e98480dc <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 644510 8527f9f2de307f68cc02aa238c73cd81 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 5696606 ba9049be3efe93cc8d33cf76d68a7a01 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 413470 c92cf918a147d8571c0ac14aa68060ae <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 4203228 6aa08bfcc0e14395c2ff57a82740ef7d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 198256 ca702f6f4ec486ecddf17555415c7036 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 208128 17255c9c0dac66471d632fbbca9b7530 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 226336 0c1d611d47e740d2af659b145c52423e <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 191478 57258d7eb532243bf64e2c9eae70ac37 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 346380 d91546ee6120b3486b740fb2a7f6f435 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 191994 58d5c6947265c5a073d72614886b2341 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 351208 79f4e0b3f9670f6365bd79ecfa3a914c <a href=http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 277700 56311aafc6cd611d56b5a02a6eba4d36 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 212614 907a5d69574e41d587d51ae953c56ad4 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 38019058 f5df291821ab8db93eac74a2c3ba87e8 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 183766 57b090168b1a6a0465edb967d80e3649 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 4490304 bc395201bec262a7ae6a044e04074172 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 663172 11314620651b4f5a485ab952d97e3f42 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 1168626 dc701f299edf0d029faa544e910328c8 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 2084248 1cc06df7b8d8458489c886dd8542c0fc <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 204774 c4d153536719bfe085546659537c0555 <a href=http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_amd64.deb</a> Size/MD5 checksum: 262630 e8baedc476475d49c1db2ed67f24c08d arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 158792 0f02f39da70eca10e4d2954ab14c24ee <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 209236 a1730821586ddb0639f7d26c0e1bc05b <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 204542 2ae4e1397e84475d7e85c8bc892e3d0f <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 412010 44c11070cf4002a8417c83c2062e0eb6 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 180116 daafa80ee3d8fac6d428ad8d3710ecd9 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 201134 d10fb998ae0fe21086fffb8d4dd5963d <a href=http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 255248 18497ca838a47085523fe8d8556fc84f <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 205208 e4229ff22a350ee90a2371778c9086fe <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 471552 bac552f1ea2a7fa8bdbb982961a3ad4b <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 500270 21d8e847357393360212e187d1573e6c <a href=http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 285834 8f1fb4415cfbb060231cd34d42208c26 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 226512 c57c670aeabcd599dbbbfca8be763295 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 181130 eef185f3c2ab02fb859f3fd40250b434 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 276262 5c97d2b704d6ea24b8576a11cfdf2543 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 284292 d89a0621ab99afb8cd3eaaf70950718e <a href=http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 1558118 0a32570ddf76b4e49630b2349de9f245 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 732082 24e8960d96d549fafec477e7a0d8e937 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 1098874 3ea0f00e30d27bab405365bdd78d2469 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 189152 02bf3c4e1f547843e023bf5c2d3e1bf6 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 648612 8d4daaa7dee4fa4cbc2937007b4a693e <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 337778 5064b1e94bcb34f2653bd11634af5ef8 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 180916 922d5f43532808348eeb9fdeaa308604 <a href=http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 189320 688b6eda498b7773cacd2069b25b900c <a href=http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 779790 baf8bca4b8ce909743f40bf6b7b36e04 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 5534356 a6e9da397a0cf9aa7aafade26c8d6a20 <a href=http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge6_arm.deb</a> Size/MD5 checksum: 281352 92c35756991e7f34729c7c493a84657d <a href=http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3 |
| id | SSV:2841 |
| last seen | 2017-11-19 |
| modified | 2008-01-22 |
| published | 2008-01-22 |
| reporter | Root |
| title | X.Org X Server MIT-SHM及EVI扩展整数溢出漏洞 |
References
- http://bugs.gentoo.org/show_bug.cgi?id=204362
- http://docs.info.apple.com/article.html?artnum=307562
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://lists.freedesktop.org/archives/xorg/2008-January/031918.html
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
- http://secunia.com/advisories/28273
- http://secunia.com/advisories/28532
- http://secunia.com/advisories/28535
- http://secunia.com/advisories/28536
- http://secunia.com/advisories/28539
- http://secunia.com/advisories/28540
- http://secunia.com/advisories/28542
- http://secunia.com/advisories/28543
- http://secunia.com/advisories/28550
- http://secunia.com/advisories/28584
- http://secunia.com/advisories/28592
- http://secunia.com/advisories/28616
- http://secunia.com/advisories/28693
- http://secunia.com/advisories/28718
- http://secunia.com/advisories/28838
- http://secunia.com/advisories/28843
- http://secunia.com/advisories/28885
- http://secunia.com/advisories/28941
- http://secunia.com/advisories/29139
- http://secunia.com/advisories/29420
- http://secunia.com/advisories/29622
- http://secunia.com/advisories/29707
- http://secunia.com/advisories/30161
- http://secunia.com/advisories/32545
- http://security.gentoo.org/glsa/glsa-200801-09.xml
- http://security.gentoo.org/glsa/glsa-200804-05.xml
- http://securitytracker.com/id?1019232
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1
- http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
- http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
- http://www.debian.org/security/2008/dsa-1466
- http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:021
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:022
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:023
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:025
- http://www.openbsd.org/errata41.html#012_xorg
- http://www.openbsd.org/errata42.html#006_xorg
- http://www.redhat.com/support/errata/RHSA-2008-0029.html
- http://www.redhat.com/support/errata/RHSA-2008-0030.html
- http://www.redhat.com/support/errata/RHSA-2008-0031.html
- http://www.securityfocus.com/archive/1/487335/100/0/threaded
- http://www.securityfocus.com/bid/27336
- http://www.securityfocus.com/bid/27350
- http://www.securityfocus.com/bid/27353
- http://www.vupen.com/english/advisories/2008/0179
- http://www.vupen.com/english/advisories/2008/0184
- http://www.vupen.com/english/advisories/2008/0497/references
- http://www.vupen.com/english/advisories/2008/0703
- http://www.vupen.com/english/advisories/2008/0924/references
- http://www.vupen.com/english/advisories/2008/3000
- http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39763
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39764
- https://issues.rpath.com/browse/RPL-2010
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045
- https://usn.ubuntu.com/571-1/
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html