Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:840328
HistoryMar 23, 2009 - 12:00 a.m.

Ubuntu Update for xorg-server regression USN-571-2

2009-03-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
10

0.54 Medium

EPSS

Percentile

97.3%

JSON

Ubuntu Update for Linux kernel vulnerabilities USN-571-2

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_571_2.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for xorg-server regression USN-571-2
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "USN-571-1 fixed vulnerabilities in X.org.  The upstream fixes were
  incomplete, and under certain situations, applications using the MIT-SHM
  extension (e.g. Java, wxWidgets) would crash with BadAlloc X errors.
  This update fixes the problem.

  We apologize for the inconvenience.
  
  Original advisory details:
  
  Multiple overflows were discovered in the XFree86-Misc, XInput-Misc,
  TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate
  function arguments.  An authenticated attacker could send specially
  crafted requests and gain root privileges. (CVE-2007-5760, CVE-2007-6427,
  CVE-2007-6428, CVE-2007-6429)
  
  It was discovered that the X.org server did not use user privileges when
  attempting to open security policy files.  Local attackers could exploit
  this to probe for files in directories they would not normally be able
  to access.  (CVE-2007-5958)
  
  It was discovered that the PCF font handling code did not correctly
  validate the size of fonts.  An authenticated attacker could load a
  specially crafted font and gain additional privileges.  (CVE-2008-0006)";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-571-2";
tag_affected = "xorg-server regression on Ubuntu 6.06 LTS ,
  Ubuntu 6.10 ,
  Ubuntu 7.04 ,
  Ubuntu 7.10";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-571-2/");
  script_id(840328);
  script_version("$Revision: 7969 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
  script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_xref(name: "USN", value: "571-2");
  script_cve_id("CVE-2007-5760", "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429", "CVE-2007-5958", "CVE-2008-0006");
  script_name( "Ubuntu Update for xorg-server regression USN-571-2");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU7.04")
{

  if ((res = isdpkgvuln(pkg:"xnest", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-core", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-dev", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xvfb", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx-tools", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xephyr", ver:"1.2.0-3ubuntu8.3", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU6.06 LTS")
{

  if ((res = isdpkgvuln(pkg:"xnest", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-core", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-dev", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xvfb", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx-tools", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx", ver:"1.0.2-0ubuntu10.10", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU6.10")
{

  if ((res = isdpkgvuln(pkg:"xnest", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-core", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-dev", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xvfb", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx-tools", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xephyr", ver:"1.1.1-0ubuntu12.5", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU7.10")
{

  if ((res = isdpkgvuln(pkg:"xnest", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xephyr", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-core-dbg", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-core", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xserver-xorg-dev", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xvfb", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx-tools", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xdmx", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xprint", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"xprint-common", ver:"1.3.0.0.dfsg-12ubuntu8.3", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

nessus 48
fedora 4
suse 1
debian 3
securityvulns 6
ubuntu 2
openvas 43
freebsd 1
osv 1
gentoo 1
oraclelinux 4
redhat 4
centos 5
altlinux 2
cve 6
ubuntucve 6
prion 6
debiancve 6
veracode 6
exploitpack 1
seebug 3
packetstorm 1
checkpoint_advisories 1
cert 1
jvn 1
exploitdb 1
nessus
nessus
Debian DSA-1466-1 : xorg-server - several vulnerabilities
2008-01-27 00:00:00
Solaris 10 (sparc) : 125719-58 (deprecated)
2007-10-12 00:00:00
FreeBSD : xorg -- multiple vulnerabilities (fe2b6597-c9a4-11dc-8da8-0008a18a9961)
2008-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: xorg-x11-server-1.3.0.0-15.fc7
2008-01-22 15:49:43
[SECURITY] Fedora 8 Update: xorg-x11-server-1.3.0.0-39.fc8
2008-01-22 15:32:21
[SECURITY] Fedora 7 Update: libXfont-1.2.9-3.fc7
2008-01-22 15:59:35
suse
suse
remote code execution in Xorg and XFree
2008-01-17 15:28:59
debian
debian
[SECURITY] [DSA 1466-3] New xfree86 packages fix regression
2008-01-21 18:53:21
[SECURITY] [DSA 1466-2] New xorg-server packages fix regression
2008-01-19 13:10:16
[SECURITY] [DSA 1466-1] New xorg-server packages fix several vulnerabilities
2008-01-17 18:55:05
securityvulns
securityvulns
XFree86 / X.Org / NX multiple security vulnerabilities
2008-04-08 00:00:00
[USN-571-1] X.org vulnerabilities
2008-01-20 00:00:00
iDefense Security Advisory 01.17.08: Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability
2008-01-20 00:00:00
ubuntu
ubuntu
X.org regression
2008-01-19 00:00:00
X.org vulnerabilities
2008-01-18 00:00:00
openvas
openvas
Fedora Update for xorg-x11-server FEDORA-2008-0831
2009-02-17 00:00:00
Ubuntu Update for libxfont, xorg-server vulnerabilities USN-571-1
2009-03-23 00:00:00
Debian Security Advisory DSA 1466-2 (xorg-server, libxfont, xfree86)
2008-01-31 00:00:00
freebsd
freebsd
xorg -- multiple vulnerabilities
2008-01-18 00:00:00
osv
osv
libxfont xfree86 xorg-server - several vulnerabilities
2008-01-21 00:00:00
gentoo
gentoo
X.Org X server and Xfont library: Multiple vulnerabilities
2008-01-20 00:00:00
oraclelinux
oraclelinux
Important: xorg-x11-server security update
2008-01-17 00:00:00
Important: XFree86 security update
2008-01-18 00:00:00
Important: xorg-x11 security update
2008-01-17 00:00:00
redhat
redhat
(RHSA-2008:0031) Important: xorg-x11-server security update
2008-01-17 00:00:00
(RHSA-2008:0030) Important: xorg-x11 security update
2008-01-17 00:00:00
(RHSA-2008:0029) Important: XFree86 security update
2008-01-18 00:00:00
centos
centos
xorg security update
2008-01-18 23:23:09
xorg security update
2008-01-18 01:10:07
XFree86 security update
2008-01-18 15:04:04
altlinux
altlinux
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt5
2008-01-17 00:00:00
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt6
2008-01-18 00:00:00
cve
cve
CVE-2007-5760
2008-01-18 23:00:00
CVE-2007-5958
2008-01-18 23:00:00
CVE-2007-6428
2008-01-18 23:00:00
ubuntucve
ubuntucve
CVE-2007-5760
2008-01-18 00:00:00
CVE-2007-5958
2008-01-18 00:00:00
CVE-2007-6428
2008-01-18 00:00:00
prion
prion
Design/Logic Flaw
2008-01-18 23:00:00
Integer overflow
2008-01-18 23:00:00
Design/Logic Flaw
2008-01-18 23:00:00
debiancve
debiancve
CVE-2007-5760
2008-01-18 23:00:00
CVE-2007-6428
2008-01-18 23:00:00
CVE-2007-5958
2008-01-18 23:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:24:16
Information Disclosure
2020-04-10 00:24:16
Arbitrary Code Execution
2020-04-10 00:24:16
exploitpack
exploitpack
X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)
2008-02-19 00:00:00
seebug
seebug
X.Org xorg-server <= 1.1.1-48.13 Probe for Files Exploit PoC
2008-02-21 00:00:00
X.Org xorg-server <= 1.1.1-48.13 - Probe for Files Exploit PoC
2014-07-01 00:00:00
X.Org X Server MIT-SHM及EVIζ‰©ε±•ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2008-01-22 00:00:00
packetstorm
packetstorm
xorg-disclose.txt
2008-02-20 00:00:00
checkpoint_advisories
checkpoint_advisories
X.Org X Server PCF Font Parser Buffer Overflow (CVE-2008-0006)
2010-02-25 00:00:00
cert
cert
X.Org PCF font parser buffer overflow
2008-03-19 00:00:00
jvn
jvn
JVN#88935101: X.Org Foundation X server buffer overflow vulnerability
2008-06-10 00:00:00
exploitdb
exploitdb
X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)
2008-02-19 00:00:00

0.54 Medium

EPSS

Percentile

97.3%

JSON
Related for OPENVAS:840328
nessus48fedora4suse1debian3securityvulns6ubuntu2openvas43freebsd1osv1gentoo1oraclelinux4redhat4centos5altlinux2cve6ubuntucve6prion6debiancve6veracode6exploitpack1seebug3packetstorm1checkpoint_advisories1cert1jvn1exploitdb1