Slackware Advisory SSA:2004-043-02 XFree86 Security Update Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2004-043-02.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-043-02

Insight

New XFree86 base packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix overflows which could possibly be exploited to gain unauthorized root access. All sites running XFree86 should upgrade to the new package. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0106

Severity

Classification

CVE CVE-2004-0083, CVE-2004-0084, CVE-2004-0106

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2003-253-01 security issues in pine
Slackware Advisory SSA:2004-119-01 kernel security updates
Slackware Advisory SSA:2003-273-01 OpenSSL security update
Slackware Advisory SSA:2005-251-01 kcheckpass in kdebase
Slackware Advisory SSA:2003-149-01 CUPS DoS vulnerability fixed

Slackware Advisory SSA:2004-043-02 XFree86 security update

Take action and discover your vulnerabilities