Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 1342-1 (xfs)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.2

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update to xfs announced via advisory DSA 1342-1.

Insight

Insight

It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server. For the oldstable distribution (sarge) xfs is present as part of the monolithic xfree86 package. A fix will be provided along with a future security update. For the stable distribution (etch) this problem has been fixed in version 1.0.1-6. For the unstable distribution (sid) this problem has been fixed in version 1.0.4-2. We recommend that you upgrade your xfs package.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201342-1

Common Vulnerabilities and Exposures (CVE)