Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:089: XFree86 Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the XFree86 package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:089 (XFree86).
Several vulnerabilities were discovered by blexim(at)hush.com in the font
libraries of XFree86 version 4.3.0 and earlier. These bugs could potentially
lead to execution of arbitrary code or a DoS by a remote user in any way that
calls these functions, which are related to the transfer and enumeration of
fonts from font servers to clients.
As well, some bugs were fixed in XFree86 as released with Mandrake Linux 9.2,
specifically a problem where X would freeze with a black screen at logout or
shutdown with DRI enabled on certain ATI Radeon cards.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:089
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.