Miembros de
Boletines de Vulnerabilidades |
Desbordamiento de búfer en Xorg |
|
Clasificación de la vulnerabilidad |
|
| Propiedad | Valor |
| Nivel de Confianza | Oficial |
| Impacto | Aumento de privilegios |
| Dificultad | Experto |
| Requerimientos del atacante | Acceso remoto con cuenta |
Información sobre el sistema |
|
| Propiedad | Valor |
| Fabricante afectado | GNU/Linux |
| Software afectado | libXfont < 1.4.1 |
Descripción |
|
|
Se ha descubierto una vulnerabilidad de tipo desbordamiento de búfer en zona de heap en libXfont de X.Org en versiones anteriores a la 1.4.1. La vulnerabilidad reside en un error al manejar ciertos ficheros de fuentes. Un atacante local podría escalar privilegios y ejecutar código en el contexto del usuario con el que se ejecuta el servidor X.org. |
|
Solución |
|
|
Actualización de software Red Hat (RHSA-2008:0064-5) RHEL Desktop Workstation (v. 5 cliente) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux Desktop (v. 5 cliente) https://rhn.redhat.com/ Red Hat (RHSA-2008:0030-7) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (RHSA-2008:0029-9) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Linux Advanced Workstation 2.1 para el procesador Itanium https://rhn.redhat.com/ Sun (201230) Solaris 10 (para Xsun(1)) / SPARC / patch 119059-37 Solaris 10 (para Xorg(1)) / SPARC / patch 125719-07 Solaris 9 (para Xsun(1)) / SPARC / patch 112785-63 Solaris 8 (para Xsun(1)) / SPARC / patch 119067-09 Solaris 10 (para Xsun(1)) / x86 / patch 119060-36 Solaris 10 (para Xorg(1)) / x86 / patch 125720-16 Solaris 9 (para Xorg(1)) / x86 / patch 118908-04 Solaris 9 (para Xsun(1)) / x86 / patch 112786-52 Solaris 8 (para Xsun(1)) / x86 / patch 119068-09 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Mandriva (MDVSA-2008:021) Corporate Server 3.0 corporate/3.0/i586/X11R6-contrib-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-100dpi-fonts-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-75dpi-fonts-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-Xnest-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-Xvfb-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-cyrillic-fonts-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-doc-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-glide-module-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-server-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/XFree86-xfs-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/libxfree86-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/libxfree86-devel-4.3-32.15.C30mdk.i586.rpm corporate/3.0/i586/libxfree86-static-devel-4.3-32.15.C30mdk.i586.rpm corporate/3.0/SRPMS/XFree86-4.3-32.15.C30mdk.src.rpm X86_64 corporate/3.0/x86_64/X11R6-contrib-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-100dpi-fonts-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-75dpi-fonts-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-Xnest-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-Xvfb-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-cyrillic-fonts-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-doc-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-server-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/XFree86-xfs-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/lib64xfree86-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/lib64xfree86-devel-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/x86_64/lib64xfree86-static-devel-4.3-32.15.C30mdk.x86_64.rpm corporate/3.0/SRPMS/XFree86-4.3-32.15.C30mdk.src.rpm Mandriva (MDVSA-2008:022) Corporate Server 4.0 corporate/4.0/i586/X11R6-contrib-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/libxorg-x11-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/libxorg-x11-devel-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/libxorg-x11-static-devel-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-100dpi-fonts-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-75dpi-fonts-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-Xdmx-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-Xnest-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-Xprt-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-Xvfb-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-cyrillic-fonts-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-doc-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-glide-module-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-server-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-xauth-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/i586/xorg-x11-xfs-6.9.0-5.17.20060mlcs4.i586.rpm corporate/4.0/SRPMS/xorg-x11-6.9.0-5.17.20060mlcs4.src.rpm X86_64 corporate/4.0/x86_64/X11R6-contrib-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/lib64xorg-x11-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/lib64xorg-x11-devel-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/lib64xorg-x11-static-devel-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-100dpi-fonts-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-75dpi-fonts-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-Xdmx-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-Xnest-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-Xprt-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-Xvfb-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-cyrillic-fonts-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-doc-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-glide-module-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-server-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-xauth-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/xorg-x11-xfs-6.9.0-5.17.20060mlcs4.x86_64.rpm corporate/4.0/SRPMS/xorg-x11-6.9.0-5.17.20060mlcs4.src.rpm Mandriva (MDVSA-2008:024) Mandriva Linux 2007 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/libxfont1-1.1.0-4.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/libxfont1-devel-1.1.0-4.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/libxfont1-static-devel-1.1.0-4.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/libxfont-1.1.0-4.3mdv2007.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/lib64xfont1-1.1.0-4.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/lib64xfont1-devel-1.1.0-4.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/lib64xfont1-static-devel-1.1.0-4.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/libxfont-1.1.0-4.3mdv2007.0.src.rpm Mandriva Linux 2007.1 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/libxfont1-1.2.7-1.2mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/libxfont1-devel-1.2.7-1.2mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/libxfont1-static-devel-1.2.7-1.2mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/libxfont-1.2.7-1.2mdv2007.1.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/lib64xfont1-1.2.7-1.2mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/lib64xfont1-devel-1.2.7-1.2mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/lib64xfont1-static-devel-1.2.7-1.2mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/libxfont-1.2.7-1.2mdv2007.1.src.rpm Mandriva Linux 2008.0 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/libxfont1-1.3.0-3.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/libxfont1-devel-1.3.0-3.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/libxfont1-static-devel-1.3.0-3.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/libxfont-1.3.0-3.1mdv2008.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/lib64xfont1-1.3.0-3.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/lib64xfont1-devel-1.3.0-3.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/lib64xfont1-static-devel-1.3.0-3.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/libxfont-1.3.0-3.1mdv2008.0.src.rpm OpenBSD OpenBSD 4.2 ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/006_xorg.patch http://openbsd.org/faq/faq10.html#Patches IBM AIX 5.2.0 - APAR IZ13652 (Disponible el 05/07/08) http://www.ibm.com/support/docview.wss?uid=isg1IZ13652 AIX 5.3.0 - APAR IZ13653 (Disponible el 03/12/08) http://www.ibm.com/support/docview.wss?uid=isg1IZ13653 AIX 5.3.7 - APAR IZ13654 (Disponible el 03/12/08) http://www.ibm.com/support/docview.wss?uid=isg1IZ13654 AIX 6.1.0 - APAR IZ13655 (Disponible el 04/09/08) http://www.ibm.com/support/docview.wss?uid=isg1IZ13655 Hewlett-Packard (HPSBUX02381) HP-UX B.11.31 running Xserver / patch Install PHSS_38840 o posterior HP-UX B.11.23 running Xserver / patch Install PHSS_37972 o posterior HP-UX B.11.11 running Xserver / patch Install PHSS_34392 o posterior |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2008-0006 |
| BID | 27352 |
Recursos adicionales |
|
|
Red Hat Security Advisory (RHSA-2008:0064-5) https://rhn.redhat.com/errata/RHSA-2008-0064.html Red Hat Security Advisory (RHSA-2008:0030-7) https://rhn.redhat.com/errata/RHSA-2008-0030.html Red Hat Security Advisory (RHSA-2008:0029-9) https://rhn.redhat.com/errata/RHSA-2008-0029.html Sun Alert Notification (103192) http://sunsolve.sun.com/search/document.do?assetkey=1-26-103192-1 Sun Alert Notification (201230) http://sunsolve.sun.com/search/document.do?assetkey=1-66-201230-1 SUSE Security Advisory (SUSE-SA:2008:003) http://www.novell.com/linux/security/advisories/xorg_sec_prob.html SUSE Security Advisory (SUSE-SR:2008:008) http://www.novell.com/linux/security/advisories/2008_8_sr.html Mandriva Security Advisory (MDVSA-2008:021) http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 Mandriva Security Advisory (MDVSA-2008:022) http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 Mandriva Security Advisory (MDVSA-2008:024) http://www.mandriva.com/security/advisories?name=MDVSA-2008:024 OpenBSD http://www.openbsd.org/errata42.html#006_xorg IBM Security Advisory http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539 HP SECURITY BULLETIN (HPSBUX02381) http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01543321-1 |
|
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Aviso emitido | 2008-01-24 |
| 1.1 | Aviso emitido por Mandriva (MDVSA-2008:021), aviso emitido por Mandriva (MDVSA-2008:022), aviso emitido por Mandriva (MDVSA-2008:024) | 2008-01-29 |
| 1.2 | Aviso actualizado por Sun (201230) | 2008-02-04 |
| 1.3 | Aviso actualizado por Sun (201230) | 2008-02-06 |
| 1.4 | Aviso emitido por OpenBSD | 2008-02-08 |
| 1.5 | Aviso emitido por IBM | 2008-02-29 |
| 1.6 | Aviso emitido por Suse (SUSE-SR:2008:008) | 2008-04-15 |
| 1.7 | Aviso emitido por HP (HPSBUX02381) | 2008-11-04 |