Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.GENTOO_GLSA-200407-05.NASL
HistoryAug 30, 2004 - 12:00 a.m.

GLSA-200407-05 : XFree86, X.org: XDM ignores requestPort setting

2004-08-3000:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
13

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%

JSON

The remote host is affected by the vulnerability described in GLSA-200407-05 (XFree86, X.org: XDM ignores requestPort setting)

XDM will open TCP sockets for its chooser, even if the     DisplayManager.requestPort setting is set to 0. Remote clients can use this     port to connect to XDM and request a login window, thus allowing access to     the system.

Impact :

Authorized users may be able to login remotely to a machine running XDM,     even if this option is disabled in XDM's configuration. Please note that an     attacker must have a preexisting account on the machine in order to exploit     this vulnerability.

Workaround :

There is no known workaround at this time. All users should upgrade to the     latest available version of X.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200407-05.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14538);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0419");
  script_xref(name:"GLSA", value:"200407-05");

  script_name(english:"GLSA-200407-05 : XFree86, X.org: XDM ignores requestPort setting");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200407-05
(XFree86, X.org: XDM ignores requestPort setting)

    XDM will open TCP sockets for its chooser, even if the
    DisplayManager.requestPort setting is set to 0. Remote clients can use this
    port to connect to XDM and request a login window, thus allowing access to
    the system.
  
Impact :

    Authorized users may be able to login remotely to a machine running XDM,
    even if this option is disabled in XDM's configuration. Please note that an
    attacker must have a preexisting account on the machine in order to exploit
    this vulnerability.
  
Workaround :

    There is no known workaround at this time. All users should upgrade to the
    latest available version of X."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.xfree86.org/show_bug.cgi?id=1376"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200407-05"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"If you are using XFree86, you should run the following:
    # emerge sync
    # emerge -pv '>=x11-base/xfree-4.3.0-r6'
    # emerge '>=x11-base/xfree-4.3.0-r6'
    If you are using X.org's X11 server, you should run the following:
    # emerge sync
    # emerge -pv '>=x11-base/xorg-x11-6.7.0-r1'
    # emerge '>=x11-base/xorg-x11-6.7.0-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xfree");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xorg-x11");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/07/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
  script_set_attribute(attribute:"vuln_publication_date", value:"2004/05/30");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"x11-base/xfree", unaffected:make_list("ge 4.3.0-r6"), vulnerable:make_list("le 4.3.0-r5"))) flag++;
if (qpkg_check(package:"x11-base/xorg-x11", unaffected:make_list("ge 6.7.0-r1"), vulnerable:make_list("le 6.7.0"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "XFree86 / X.org");
}
VendorProductVersionCPE
gentoolinuxxfreep-cpe:/a:gentoo:linux:xfree
gentoolinuxxorg-x11p-cpe:/a:gentoo:linux:xorg-x11
gentoolinuxcpe:/o:gentoo:linux

Related

gentoo 1
securityvulns 1
openvas 4
nessus 4
ubuntucve 1
freebsd 1
debiancve 1
cve 1
nvd 1
cvelist 1
redhat 1
gentoo
gentoo
XFree86, X.org: XDM ignores requestPort setting
2004-07-05 00:00:00
securityvulns
securityvulns
[ GLSA 200407-05 ] XFree86, X.org: XDM ignores requestPort setting
2004-07-06 00:00:00
openvas
openvas
FreeBSD Ports: xorg-clients
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200407-05 (xdm)
2008-09-24 00:00:00
FreeBSD Ports: xorg-clients
2008-09-04 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : XFree86 (MDKSA-2004:073)
2004-07-31 00:00:00
FreeBSD : XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0 (210)
2004-07-06 00:00:00
FreeBSD : XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0 (ff00f2ce-c54c-11d8-b708-00061bc2ad93)
2009-04-23 00:00:00
ubuntucve
ubuntucve
CVE-2004-0419
2004-08-18 00:00:00
freebsd
freebsd
XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0
2004-05-19 00:00:00
debiancve
debiancve
CVE-2004-0419
2004-08-18 04:00:00
cve
cve
CVE-2004-0419
2004-08-18 04:00:00
nvd
nvd
CVE-2004-0419
2004-08-18 04:00:00
cvelist
cvelist
CVE-2004-0419
2004-06-03 04:00:00
redhat
redhat
(RHSA-2004:478) XFree86 security update
2004-10-04 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%

JSON
Related for GENTOO_GLSA-200407-05.NASL
gentoo1securityvulns1openvas4nessus4ubuntucve1freebsd1debiancve1cve1nvd1cvelist1redhat1