Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-0030.NASL
HistoryJan 18, 2008 - 12:00 a.m.

RHEL 4 : xorg-x11 (RHSA-2008:0030)

2008-01-1800:00:00
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
JSON

Updated xorg-x11 packages that fix several security issues are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

[Updated 18th January 2008] The original packages distributed with this errata had a bug which could cause some X applications to fail on 32-bit platforms. We have updated the packages to correct this bug.

The xorg-x11 packages contain X.Org, an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Two integer overflow flaws were found in the X.Org server’s EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server.
(CVE-2007-6429)

A heap based buffer overflow flaw was found in the way the X.Org server handled malformed font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2008-0006)

A memory corruption flaw was found in the X.Org server’s XInput extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6427)

An input validation flaw was found in the X.Org server’s XFree86-Misc extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-5760)

An information disclosure flaw was found in the X.Org server’s TOG-CUP extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially view arbitrary memory content within the X server’s address space. (CVE-2007-6428)

An integer and heap overflow flaw were found in the X.Org font server, xfs. A user with the ability to connect to the font server could have been able to cause a denial of service (crash), or potentially execute arbitrary code with the permissions of the font server.
(CVE-2007-4568, CVE-2007-4990)

A flaw was found in the X.Org server’s XC-SECURITY extension, that could have allowed a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user. (CVE-2007-5958)

Users of xorg-x11 should upgrade to these updated packages, which contain backported patches to resolve these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:0030. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(30002);
  script_version("1.29");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-4568", "CVE-2007-4990", "CVE-2007-5760", "CVE-2007-5958", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429", "CVE-2008-0006");
  script_bugtraq_id(25898, 27350, 27351, 27352, 27353, 27354, 27355, 27356);
  script_xref(name:"RHSA", value:"2008:0030");

  script_name(english:"RHEL 4 : xorg-x11 (RHSA-2008:0030)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated xorg-x11 packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

[Updated 18th January 2008] The original packages distributed with
this errata had a bug which could cause some X applications to fail on
32-bit platforms. We have updated the packages to correct this bug.

The xorg-x11 packages contain X.Org, an open source implementation of
the X Window System. It provides the basic low-level functionality
that full-fledged graphical user interfaces are designed upon.

Two integer overflow flaws were found in the X.Org server's EVI and
MIT-SHM modules. A malicious authorized client could exploit these
issues to cause a denial of service (crash), or potentially execute
arbitrary code with root privileges on the X.Org server.
(CVE-2007-6429)

A heap based buffer overflow flaw was found in the way the X.Org
server handled malformed font files. A malicious local user could
exploit these issues to potentially execute arbitrary code with the
privileges of the X.Org server. (CVE-2008-0006)

A memory corruption flaw was found in the X.Org server's XInput
extension. A malicious authorized client could exploit this issue to
cause a denial of service (crash), or potentially execute arbitrary
code with root privileges on the X.Org server. (CVE-2007-6427)

An input validation flaw was found in the X.Org server's XFree86-Misc
extension. A malicious authorized client could exploit this issue to
cause a denial of service (crash), or potentially execute arbitrary
code with root privileges on the X.Org server. (CVE-2007-5760)

An information disclosure flaw was found in the X.Org server's TOG-CUP
extension. A malicious authorized client could exploit this issue to
cause a denial of service (crash), or potentially view arbitrary
memory content within the X server's address space. (CVE-2007-6428)

An integer and heap overflow flaw were found in the X.Org font server,
xfs. A user with the ability to connect to the font server could have
been able to cause a denial of service (crash), or potentially execute
arbitrary code with the permissions of the font server.
(CVE-2007-4568, CVE-2007-4990)

A flaw was found in the X.Org server's XC-SECURITY extension, that
could have allowed a local user to verify the existence of an
arbitrary file, even in directories that are not normally accessible
to that user. (CVE-2007-5958)

Users of xorg-x11 should upgrade to these updated packages, which
contain backported patches to resolve these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-4568"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-4990"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-5760"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-5958"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6427"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6428"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6429"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-0006"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2008:0030"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');
  script_cwe_id(119, 189, 200, 362, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Mesa-libGLU");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xdmx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xnest");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-Xvfb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-font-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-sdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-twm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xauth");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xdm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-xfs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/10/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/01/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/01/18");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2008:0030";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL4", reference:"xorg-x11-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-Xdmx-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-Xnest-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-Xvfb-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-devel-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"xorg-x11-doc-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"xorg-x11-doc-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-font-utils-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-libs-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"xorg-x11-sdk-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"xorg-x11-sdk-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-tools-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-twm-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-xauth-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-xdm-6.8.2-1.EL.33.0.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"xorg-x11-xfs-6.8.2-1.EL.33.0.2")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xorg-x11 / xorg-x11-Mesa-libGL / xorg-x11-Mesa-libGLU / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxxorg-x11p-cpe:/a:redhat:enterprise_linux:xorg-x11
redhatenterprise_linuxxorg-x11-mesa-libglp-cpe:/a:redhat:enterprise_linux:xorg-x11-mesa-libgl
redhatenterprise_linuxxorg-x11-mesa-libglup-cpe:/a:redhat:enterprise_linux:xorg-x11-mesa-libglu
redhatenterprise_linuxxorg-x11-xdmxp-cpe:/a:redhat:enterprise_linux:xorg-x11-xdmx
redhatenterprise_linuxxorg-x11-xnestp-cpe:/a:redhat:enterprise_linux:xorg-x11-xnest
redhatenterprise_linuxxorg-x11-xvfbp-cpe:/a:redhat:enterprise_linux:xorg-x11-xvfb
redhatenterprise_linuxxorg-x11-deprecated-libsp-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs
redhatenterprise_linuxxorg-x11-deprecated-libs-develp-cpe:/a:redhat:enterprise_linux:xorg-x11-deprecated-libs-devel
redhatenterprise_linuxxorg-x11-develp-cpe:/a:redhat:enterprise_linux:xorg-x11-devel
redhatenterprise_linuxxorg-x11-docp-cpe:/a:redhat:enterprise_linux:xorg-x11-doc
Rows per page:
1-10 of 201

References

Related

nessus 53
oraclelinux 4
openvas 65
centos 5
redhat 3
fedora 4
suse 2
debian 4
securityvulns 8
ubuntu 2
osv 2
gentoo 2
freebsd 2
altlinux 2
cve 8
debiancve 6
prion 7
ubuntucve 7
canvas 1
veracode 5
checkpoint_advisories 2
packetstorm 1
seebug 3
exploitpack 1
nessus
nessus
Scientific Linux Security Update : xorg-x11 on SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 4 : xorg-x11 (CESA-2008:0030)
2010-01-06 00:00:00
Oracle Linux 4 : xorg-x11 (ELSA-2008-0030)
2013-07-12 00:00:00
oraclelinux
oraclelinux
Important: xorg-x11 security update
2008-01-17 00:00:00
Important: XFree86 security update
2008-01-18 00:00:00
Important: xorg-x11-server security update
2008-01-17 00:00:00
openvas
openvas
CentOS Update for xorg-x11 CESA-2008:0030 centos4 i386
2009-02-27 00:00:00
RedHat Update for xorg-x11 RHSA-2008:0030-01
2009-03-06 00:00:00
RedHat Update for xorg-x11 RHSA-2008:0030-01
2009-03-06 00:00:00
centos
centos
xorg security update
2008-01-18 01:10:07
XFree86 security update
2008-01-18 15:04:04
XFree86 security update
2008-01-20 22:56:55
redhat
redhat
(RHSA-2008:0030) Important: xorg-x11 security update
2008-01-17 00:00:00
(RHSA-2008:0029) Important: XFree86 security update
2008-01-18 00:00:00
(RHSA-2008:0031) Important: xorg-x11-server security update
2008-01-17 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: xorg-x11-server-1.3.0.0-15.fc7
2008-01-22 15:49:43
[SECURITY] Fedora 8 Update: xorg-x11-server-1.3.0.0-39.fc8
2008-01-22 15:32:21
[SECURITY] Fedora 7 Update: xorg-x11-xfs-1.0.5-1.fc7
2007-12-11 00:51:18
suse
suse
remote code execution in Xorg and XFree
2008-01-17 15:28:59
local privilege escalation in XOrg
2007-10-12 16:41:18
debian
debian
[SECURITY] [DSA 1466-3] New xfree86 packages fix regression
2008-01-21 18:53:21
[SECURITY] [DSA 1466-2] New xorg-server packages fix regression
2008-01-19 13:10:16
[SECURITY] [DSA 1466-1] New xorg-server packages fix several vulnerabilities
2008-01-17 18:55:05
securityvulns
securityvulns
XFree86 / X.Org / NX multiple security vulnerabilities
2008-04-08 00:00:00
[USN-571-1] X.org vulnerabilities
2008-01-20 00:00:00
X11 X Font Server integer overflow
2007-10-04 00:00:00
ubuntu
ubuntu
X.org regression
2008-01-19 00:00:00
X.org vulnerabilities
2008-01-18 00:00:00
osv
osv
libxfont xfree86 xorg-server - several vulnerabilities
2008-01-21 00:00:00
xfs
2007-10-09 00:00:00
gentoo
gentoo
X.Org X server and Xfont library: Multiple vulnerabilities
2008-01-20 00:00:00
X Font Server: Multiple Vulnerabilities
2007-10-12 00:00:00
freebsd
freebsd
xorg -- multiple vulnerabilities
2008-01-18 00:00:00
xfs -- multiple vulnerabilities
2007-10-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt5
2008-01-17 00:00:00
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt6
2008-01-18 00:00:00
cve
cve
CVE-2007-6427
2008-01-18 23:00:00
CVE-2007-4990
2007-10-05 21:17:00
CVE-2007-5760
2008-01-18 23:00:00
debiancve
debiancve
CVE-2007-6427
2008-01-18 23:00:00
CVE-2007-5760
2008-01-18 23:00:00
CVE-2007-6428
2008-01-18 23:00:00
prion
prion
Design/Logic Flaw
2008-01-18 23:00:00
Heap overflow
2007-10-05 21:17:00
Design/Logic Flaw
2008-01-18 23:00:00
ubuntucve
ubuntucve
CVE-2007-6427
2008-01-18 00:00:00
CVE-2007-4990
2007-10-05 00:00:00
CVE-2007-5760
2008-01-18 00:00:00
canvas
canvas
Immunity Canvas: XFS_SWAPCHAR2B
2007-10-05 21:17:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:24:16
Arbitrary Code Execution
2020-04-10 00:24:16
Information Disclosure
2020-04-10 00:24:16
checkpoint_advisories
checkpoint_advisories
X.Org X Font Server Handlers Integer Overflow (CVE-2007-4568)
2009-12-30 00:00:00
X.Org X Server PCF Font Parser Buffer Overflow (CVE-2008-0006)
2010-02-25 00:00:00
packetstorm
packetstorm
xorg-disclose.txt
2008-02-20 00:00:00
seebug
seebug
X.Org xorg-server <= 1.1.1-48.13 - Probe for Files Exploit PoC
2014-07-01 00:00:00
X.Org xorg-server &lt;= 1.1.1-48.13 Probe for Files Exploit PoC
2008-02-21 00:00:00
X.Org X Server MIT-SHM及EVI扩展整数溢出漏洞
2008-01-22 00:00:00
exploitpack
exploitpack
X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)
2008-02-19 00:00:00
JSON
Related for REDHAT-RHSA-2008-0030.NASL
nessus53oraclelinux4openvas65centos5redhat3fedora4suse2debian4securityvulns8ubuntu2osv2gentoo2freebsd2altlinux2cve8debiancve6prion7ubuntucve7canvas1veracode5checkpoint_advisories2packetstorm1seebug3exploitpack1