U radu programskog paketa X.org X11 uočene su dvije ranjivosti koje lokalni napadači mogu iskoristiti za dobivanje većih privilegija u sustavu i proizvoljno izvršavanje programskog koda.
Secunia Advisory SA47270
IBM AIX X Server Two Vulnerabilities
Release Date 2011-12-15
Criticality level Less criticalLess critical
Impact Privilege escalation
Where Local system
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Remediation status Secunia CSI, Secunia PSI
Automated scanning Secunia CSI, Secunia PSI
Operating System
AIX 6.x
AIX 7.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2007-6427 CVSS available in Customer Area
CVE-2007-6429 CVSS available in Customer Area
Description
IBM has acknowledged two vulnerabilities in AIX, which can be exploited by malicious, local users to gain escalated privileges.
For more information:
SA28532
The vulnerabilities are reported in versions 6.1 and 7.1.
Solution
Apply Interim Fixes or APARs when available.
Original Advisory
IBM (IV07021, IV07022, IV08676, IV08786):
http://aix.software.ibm.com/aix/efixes/security/xorg_advisory.asc
Posljednje sigurnosne preporuke