SuSE Update For Xorg-x11-server OpenSUSE-SU-2012:0227-1 (xorg-x11-server) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The X server had two security issues and one bug that is fixed by this update. CVE-2011-4028: It is possible for a local attacker to deduce if a file exists or not by exploiting the way that Xorg creates its lock files. CVE-2011-4029: It is possible for a non-root local user to set the read permission for all users on any file or directory.

Affected

xorg-x11-server on openSUSE 11.3

Severity

Classification

CVE CVE-2011-4028, CVE-2011-4029

CVSS	Base Score: 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

SLES9: Security update for KDE PIM 3 packages
SLES10: Security update for dbus
SLES10: Security update for mutt
SLES9: Security update for sudo
SLES9: Security update for PHP

SuSE Update for xorg-x11-server openSUSE-SU-2012:0227-1 (xorg-x11-server)

Take action and discover your vulnerabilities