Executive Summary

Summary
Title: xorg-server security update

Information
Name: DSA-2661
Vendor: Debian
Severity (Vendor): N/A
First vendor publication: 2013-04-17
Last vendor modification: 2013-04-17
Revision: 1

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: NA
Base Score: NA
Impact Sub Score: NA
Exploitability Sub Score: NA
Temporal Score: NA
Environmental Score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score: 2.1
CVSS Impact Score: 2.9
CVSS Exploit Score: 3.9
Attack Range: Local
Attack Complexity: Low
Authentication: None Required

Detail

David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the Xorg X server, was vulnerable to an information disclosure flaw related to input handling and device hotplug.

When an X server is running but not in the foreground (for example after a VT switch), a newly plugged input device would still be recognized and handled by that X server, which would then deliver the device's input events to its clients in the background.

This could allow an attacker to recover some input events not intended for the X clients, including sensitive information.

For the stable distribution (squeeze), this problem has been fixed in version 2:1.7.7-16.

For the testing distribution (wheezy), this problem has been fixed in version 2:1.12.4-6.

For the unstable distribution (sid), this problem has been fixed in version 2:1.12.4-6.

We recommend that you upgrade your xorg-server packages.

Original Source

Url : http://www.debian.org/security/2013/dsa-2661

CWE : Common Weakness Enumeration

%     Id       Name
100%  CWE-264  Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17813
Title: DSA-2661-1 xorg-server - information disclosure
Description: David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the X.Org X server was vulnerable to an information disclosure flaw related to input handling and devices hotplug.
Family: unix
Class: patch
Reference(s): DSA-2661-1, CVE-2013-1940
Version: 5
Platform(s): Debian GNU/Linux 6.0, Debian GNU/kFreeBSD 6.0
Product(s): xorg-server
Definition Id: oval:org.mitre.oval:def:18285
Title: USN-1803-1 -- xorg-server, xorg-server-lts-quantal vulnerability
Description: The X server could be made to reveal keystrokes of other users.
Family: unix
Class: patch
Reference(s): USN-1803-1, CVE-2013-1940
Version: 5
Platform(s): Ubuntu 12.10, Ubuntu 12.04, Ubuntu 11.10, Ubuntu 10.04
Product(s): xorg-server, xorg-server-lts-quantal
Definition Id: oval:org.mitre.oval:def:25467
Title: SUSE-SU-2014:0744-1 -- Security update for xorg-x11-server
Description: This is a SLES 11 SP1 LTSS rollup update for the X.Org Server package. The following security issues have been fixed:
  * CVE-2013-6424: Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allowed context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
  * CVE-2013-4396: Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allowed remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
  * CVE-2013-1940: X.Org X server did not properly restrict access to input events when adding a new hot-plug device, which might have allowed physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
Family: unix
Class: patch
Reference(s): SUSE-SU-2014:0744-1, CVE-2013-6424, CVE-2013-4396, CVE-2013-1940
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): xorg-x11-server
Definition Id: oval:org.mitre.oval:def:25886
Title: SUSE-SU-2013:0859-1 -- Security update for Xorg
Description: This update of xorg-x11-server fixes one security issue and two bugs.
Family: unix
Class: patch
Reference(s): SUSE-SU-2013:0859-1, CVE-2013-1940
Version: 3
Platform(s): SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Desktop 11
Product(s): Xorg
Definition Id: oval:org.mitre.oval:def:26026
Title: SUSE-SU-2013:0857-1 -- Security update for xorg-x11-server
Description: In some cases, input events are sent to X servers not currently the VT owner, allowing a user to capture passwords. This update fixes this issue. CVE-2013-1940 has been assigned to this issue. Security Issue reference: * CVE-2013-1940 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940>
Family: unix
Class: patch
Reference(s): SUSE-SU-2013:0857-1, CVE-2013-1940
Version: 3
Platform(s): SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Desktop 10
Product(s): xorg-x11-server
Definition Id: oval:org.mitre.oval:def:26508
Title: ELSA-2013-1620 -- xorg-x11-server security and bug fix update (low)
Description: [1.13.0-23] - Fix root window damage reports when Xinerama is active (#919165)
Family: unix
Class: patch
Reference(s): ELSA-2013-1620, CVE-2013-1940
Version: 3
Platform(s): Oracle Linux 6
Product(s): xorg-x11-server
Definition Id: oval:org.mitre.oval:def:27049
Title: RHSA-2013:1620 -- xorg-x11-server security and bug fix update (Low)
Description: X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A flaw was found in the way the X.org X11 server registered new hot plugged devices. If a local user switched to a different session and plugged in a new device, input from that device could become available in the previous session, possibly leading to information disclosure. (CVE-2013-1940) This issue was found by David Airlie and Peter Hutterer of Red Hat. This update also fixes the following bugs:
  * A previous upstream patch modified the Xephyr X server to be resizeable, however, it did not enable the resize functionality by default. As a consequence, X sandboxes were not resizeable on Red Hat Enterprise Linux 6.4 and later. This update enables the resize functionality by default so that X sandboxes can now be resized as expected. (BZ#915202)
  * In Red Hat Enterprise Linux 6, the X Security extension (XC-SECURITY) has been disabled and replaced by X Access Control Extension (XACE). However, XACE does not yet include functionality that was previously available in XC-SECURITY. With this update, XC-SECURITY is enabled in the xorg-x11-server spec file on Red Hat Enterprise Linux 6. (BZ#957298)
  * Upstream code changes to extension initialization accidentally disabled the GLX extension in Xvfb (the X virtual frame buffer), rendering headless 3D applications not functional. An upstream patch to this problem has been backported so the GLX extension is enabled again, and applications relying on this extension work as expected. (BZ#969538)
All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family: unix
Class: patch
Reference(s): RHSA-2013:1620, CESA-2013:1620, CVE-2013-1940
Version: 3
Platform(s): Red Hat Enterprise Linux 6, CentOS Linux 6
Product(s): xorg-x11-server

CPE : Common Platform Enumeration

Type         Count
Application  4
Os           4

Nessus® Vulnerability Scanner

Date Description
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-0857-1.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-411.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201405-07.nasl - Type : ACT_GATHER_INFO
2013-12-14 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-260.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1620.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5967.nasl - Type : ACT_GATHER_INFO
2013-06-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xorg-x11-Xvnc-130524.nasl - Type : ACT_GATHER_INFO
2013-06-05 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xorg-x11-server-8561.nasl - Type : ACT_GATHER_INFO
2013-04-30 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5883.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-109-01.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5928.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2661.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1803-1.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:31:47
  • Multiple Updates
2013-05-16 17:04:30
  • Multiple Updates
2013-05-14 13:21:17
  • Multiple Updates
2013-04-18 00:18:23
  • First insertion