Download
| Alert*
oval:org.secpod.oval:def:704361
xorg-server: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server X.Org X server could be made to overwrite files as the administrator. oval:org.secpod.oval:def:51152 xorg-server: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server X.Org X server could be made to overwrite files as the administrator. oval:org.secpod.oval:def:53450 Narendra Shinde discovered that incorrect command-line parameter validation in the Xorg X server may result in arbitary file overwrite, which can result in privilege escalation. oval:org.secpod.oval:def:205121 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * xorg-x11-server: Incorrect permission check in Xorg X server allows for privilege escalation For more details a ... oval:org.secpod.oval:def:603556 Narendra Shinde discovered that incorrect command-line parameter validation in the Xorg X server may result in arbitary file overwrite, which can result in privilege escalation. oval:org.secpod.oval:def:502386 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * xorg-x11-server: Incorrect permission check in Xorg X server allows for privilege escalation For more details a ... oval:org.secpod.oval:def:1801222 In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. Fixed in Ve ... oval:org.secpod.oval:def:205042 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix: * xorg-x11-server: Incorrect permission check in Xorg X server allows for privilege escalation For more details a ... oval:org.secpod.oval:def:115427 X.Org X11 X server oval:org.secpod.oval:def:115294 X.Org X11 X server oval:org.secpod.oval:def:89002325 This update for xorg-x11-server provides the following fix: Security issue fixed: - CVE-2018-14665: Local attackers could overwrite system files in any directory using the -logfile option and gain privileges Non security issues fixed: - Do not write past the allocated buffer oval:org.secpod.oval:def:89049675 This update for xorg-x11-server fixes the following issues: - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges oval:org.secpod.oval:def:1502378 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2103389 A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root pr ... oval:org.secpod.oval:def:1100525 The remote host is missing a patch containing a security fix, which affects the following packages: X11.base.rte. For more information please visit vendor advisory link. |