XFree86 XDM RequestPort Random Open TCP Socket Vulnerability

Solution:
Red Hat has released advisory RHSA-2004:478-13 and fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see the referenced advisory for additional information.

OpenBSD has released a source code patch to address this issue in OpenBSD 3.5.

Gentoo Linux has released advisory GLSA 200407-05 addressing this issue. Please see the referenced advisory for further information. Users of affected packages are urged to execute the following commands as superuser:

If you are running the X.org version of X:

    emerge sync
    emerge -pv ">=x11-base/xorg-x11-6.7.0-r1"
    emerge ">=x11-base/xorg-x11-6.7.0-r1"

If you are running the XFree86 version of X:

    emerge sync
    emerge -pv ">=x11-base/xfree-4.3.0-r6"
    emerge ">=x11-base/xfree-4.3.0-r6"

Mandrake Linux has released an advisory (MDKSA-2004:073) to address this issue. Please see the referenced advisory for further information.

Avaya has released an advisory indicating vulnerable packages. Avaya has suggested that upgrades will be available to address this issue. Please see the advisory at the following location for more information:

http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=203389&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Fedora Legacy has released advisory FLSA-2005:2314 dealing with this and other issues for the Fedora Core 1 and Red Hat Linux packages. Please see the referenced advisory for more information.



 

Copyright 2010, SecurityFocus