4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
60.7%
The remote host is affected by the vulnerability described in GLSA-201201-16 (X.Org X Server/X Keyboard Configuration Database: Screen lock bypass)
Starting with the =x11-base/xorg-server-1.11 package, the X.Org X Server again provides debugging functionality that can be used terminate an application that exclusively grabs mouse and keyboard input, like screen locking utilities.
Gu1 reported that the X Keyboard Configuration Database maps this functionality by default to the Ctrl+Alt+Numpad * key combination.
Impact :
A physically proximate attacker could exploit this vulnerability to gain access to a locked X session without providing the correct credentials.
Workaround :
Downgrade to any version of x11-base/xorg-server below x11-base/xorg-server-1.11:
# emerge --oneshot --verbose '<x11-base/xorg-server-1.11'
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201201-16.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(57722);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2012-0064");
script_bugtraq_id(51562);
script_xref(name:"GLSA", value:"201201-16");
script_name(english:"GLSA-201201-16 : X.Org X Server/X Keyboard Configuration Database: Screen lock bypass");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-201201-16
(X.Org X Server/X Keyboard Configuration Database: Screen lock bypass)
Starting with the =x11-base/xorg-server-1.11 package, the X.Org X Server
again provides debugging functionality that can be used terminate an
application that exclusively grabs mouse and keyboard input, like screen
locking utilities.
Gu1 reported that the X Keyboard Configuration Database maps this
functionality by default to the Ctrl+Alt+Numpad * key combination.
Impact :
A physically proximate attacker could exploit this vulnerability to gain
access to a locked X session without providing the correct credentials.
Workaround :
Downgrade to any version of x11-base/xorg-server below
x11-base/xorg-server-1.11:
# emerge --oneshot --verbose '<x11-base/xorg-server-1.11'"
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/201201-16"
);
script_set_attribute(
attribute:"solution",
value:
"All xkeyboard-config users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=x11-misc/xkeyboard-config-2.4.1-r3'
NOTE: The X.Org X Server 1.11 was only stable on the AMD64, ARM, HPPA,
and x86 architectures. Users of the stable branches of all other
architectures are not affected and will be directly provided with a fixed
X Keyboard Configuration Database version."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xkeyboard-config");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2012/01/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/30");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list", "Host/Gentoo/arch");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/Gentoo/arch");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(amd64|arm|hppa|x86)$") audit(AUDIT_ARCH_NOT, "amd64|arm|hppa|x86", ourarch);
flag = 0;
if (qpkg_check(package:"x11-misc/xkeyboard-config", arch:"amd64 arm hppa x86", unaffected:make_list("ge 2.4.1-r3"), vulnerable:make_list("lt 2.4.1-r3"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "X.Org X Server/X Keyboard Configuration Database");
}
Vendor | Product | Version | CPE |
---|---|---|---|
gentoo | linux | xkeyboard-config | p-cpe:/a:gentoo:linux:xkeyboard-config |
gentoo | linux | cpe:/o:gentoo:linux |