Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-443
HistoryFeb 19, 2004 - 12:00 a.m.

xfree86 - several vulnerabilities

2004-02-1900:00:00
Google
osv.dev
9

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

A number of vulnerabilities have been discovered in XFree86. The corrections
are listed below with the identification from the Common
Vulnerabilities and Exposures (CVE) project:

Buffer overflow in ReadFontAlias from dirfile.c of
XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to
execute arbitrary code via a font alias file (font.alias) with a long
token, a different vulnerability than CAN-2004-0084.

Buffer overflow in the ReadFontAlias function in XFree86
4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows
local or remote authenticated users to execute arbitrary code via a
malformed entry in the font alias (font.alias) file, a different
vulnerability than CAN-2004-0083.

Miscellaneous additional flaws in XFree86’s handling of
font files.

xdm does not verify whether the pam_setcred function call
succeeds, which may allow attackers to gain root privileges by
triggering error conditions within PAM modules, as demonstrated in
certain configurations of the MIT pam_krb5 module.

Denial-of-service attacks against the X
server by clients using the GLX extension and Direct Rendering
Infrastructure are possible due to unchecked client data (out-of-bounds
array indexes [CAN-2004-0093] and integer signedness errors
[CAN-2004-0094]).

Exploitation of CAN-2004-0083, CAN-2004-0084, CAN-2004-0106,
CAN-2004-0093 and CAN-2004-0094 would require a connection to the X
server. By default, display managers in Debian start the X server
with a configuration which only accepts local connections, but if the
configuration is changed to allow remote connections, or X servers are
started by other means, then these bugs could be exploited remotely.
Since the X server usually runs with root privileges, these bugs could
potentially be exploited to gain root privileges.

No attack vector for CAN-2003-0690 is known at this time.

For the stable distribution (woody) these problems have been fixed in
version 4.1.0-16woody3.

For the unstable distribution (sid) these problems have been fixed in
version 4.3.0-2.

We recommend that you update your xfree86 package.

Related

openvas 16
nessus 17
debian 2
securityvulns 5
redhat 5
ubuntucve 6
cve 6
slackware 1
freebsd 2
suse 7
cert 4
gentoo 2
osv 1
openvas
openvas
Debian Security Advisory DSA 443-1 (xfree86)
2008-01-17 00:00:00
Debian Security Advisory DSA 443-1 (xfree86)
2008-01-17 00:00:00
FreeBSD Ports: XFree86-Server
2008-09-04 00:00:00
nessus
nessus
Debian DSA-443-1 : xfree86 - several vulnerabilities
2004-09-29 00:00:00
RHEL 3 : XFree86 (RHSA-2004:061)
2004-07-06 00:00:00
SuSE-SA:2004:006: xf86/XFree86
2004-07-25 00:00:00
debian
debian
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities
2004-02-20 06:58:37
[SECURITY] [DSA-388-1] New kdebase packages fix multiple vulnerabilites in KDM
2003-09-20 02:35:51
securityvulns
securityvulns
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow
2004-02-11 00:00:00
redhat
redhat
(RHSA-2004:061) XFree86 security update
2004-02-16 00:00:00
(RHSA-2004:060) XFree86 security update
2004-02-13 00:00:00
(RHSA-2004:152) XFree86 security update
2004-04-21 00:00:00
ubuntucve
ubuntucve
CVE-2004-0083
2004-03-03 00:00:00
CVE-2004-0106
2004-03-03 00:00:00
CVE-2004-0084
2004-03-03 00:00:00
cve
cve
CVE-2004-0083
2004-03-03 05:00:00
CVE-2004-0106
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
slackware
slackware
XFree86 security update
2004-02-12 12:19:25
freebsd
freebsd
Buffer overflows in XFree86 servers
2004-02-10 00:00:00
linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-09-27 00:00:00
suse
suse
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
cache poisoning/denial-of-service in bind8
2003-11-28 14:58:12
remote code execution in hylafax
2003-11-10 14:45:25
cert
cert
XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
2004-12-07 00:00:00
XFree86 vulnerable to buffer overflow via error in 'ReadFontAlias()' function
2004-12-07 00:00:00
ISC BIND 8 vulnerable to cache poisoning via negative responses
2003-12-01 00:00:00
gentoo
gentoo
XFree86 Font Information File Buffer Overflow
2004-02-11 00:00:00
kdebase: KDM vulnerabilities
2003-11-15 00:00:00
osv
osv
kdebase - several vulnerabilities
2003-09-19 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-443
openvas16nessus17debian2securityvulns5redhat5ubuntucve6cve6slackware1freebsd2suse7cert4gentoo2osv1