Debian Security Advisory DSA 3095-1 (xorg-server - Security Update) Network Vulnerability

Summary

Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 1.12.4-6+deb7u5. For the upcoming stable distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 2:1.16.2.901-1. We recommend that you upgrade your xorg-server packages.

Insight

The Xorg X server is an X server for several architectures and operating systems, which is derived from the XFree86 4.x series of X servers.

Affected

xorg-server on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2014/dsa-3095.html

Updated on 2015-03-25

Severity

Classification

CVE	CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102

CVSS	Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 3095-1 (xorg-server - security update)

Take action and discover your vulnerabilities