Executive Summary

Informations
Name CVE-2011-4029 First vendor Publication 2012-07-03
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 1.9 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:20337
 
Oval ID: oval:org.mitre.oval:def:20337
Title: USN-1232-2 -- xorg-server regression
Description: USN-1232-1 caused a regression with GLX support.
Family: unix Class: patch
Reference(s): USN-1232-2
CVE-2010-4818
CVE-2010-4819
CVE-2011-4028
CVE-2011-4029
 Version: 5
Platform(s): Ubuntu 10.04
 Product(s): xorg-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20825
 
Oval ID: oval:org.mitre.oval:def:20825
Title: USN-1232-1 -- xorg-server vulnerabilities
Description: The X server could be made to crash, run programs as an administrator, or read arbitrary files.
Family: unix Class: patch
Reference(s): USN-1232-1
CVE-2010-4818
CVE-2010-4819
CVE-2011-4028
CVE-2011-4029
 Version: 5
Platform(s): Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.10
Ubuntu 10.04
 Product(s): xorg-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21169
 
Oval ID: oval:org.mitre.oval:def:21169
Title: RHSA-2012:0939: xorg-x11-server security and bug fix update (Low)
Description: The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
Family: unix Class: patch
Reference(s): RHSA-2012:0939-04
CESA-2012:0939
CVE-2011-4028
CVE-2011-4029
 Version: 29
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): xorg-x11-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21211
 
Oval ID: oval:org.mitre.oval:def:21211
Title: USN-1232-3 -- xorg-server vulnerability
Description: The X server could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-1232-3
CVE-2010-4818
CVE-2010-4819
CVE-2011-4028
CVE-2011-4029
 Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 10.04
 Product(s): xorg-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23899
 
Oval ID: oval:org.mitre.oval:def:23899
Title: ELSA-2012:0939: xorg-x11-server security and bug fix update (Low)
Description: The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
Family: unix Class: patch
Reference(s): ELSA-2012:0939-04
CVE-2011-4028
CVE-2011-4029
 Version: 13
Platform(s): Oracle Linux 6
 Product(s): xorg-x11-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26909
 
Oval ID: oval:org.mitre.oval:def:26909
Title: DEPRECATED: ELSA-2012-0939 -- xorg-x11-server security and bug fix update (low)
Description: [1.10.6-1] - xserver 1.10.6 - Use git-style patch names - compsize.h, glxcmds.h: Copy from upstream git since they fell out of the upstream tarball [1.10.4-15] - Undo regression introduced in Patch8007 (#732467) [1.10.4-14] - xserver-1.10.4-sync-revert.patch: Revert an edge-case change in IDLETIME that appears to be more wrong than right. (#748704) [1.10.4-13] - xserver-1.10.4-randr-corner-case.patch: Fix a corner case in initial mode selection. (#657580) - xserver-1.10.4-vbe-no-cache-ddc-support.patch: Only interpret complete non-support for DDC extension as 'DDC unavailable'. (#657580) [1.10.4-11] - xserver-1.10.4-dix-when-rescaling-from-master-rescale-from-desktop-.patch: fix rescaling from master to slave if the pointer (#732467) [1.10.4-10] - Add patches to change the screen crossing behaviour for multiple ScreenRecs (#732467) - remove the xorg.conf.man page from our .gitignore - we need to patch it now and its part of the upstream distribution [1.10.4-9] - xserver-1.10.4-no-24bpp-xaa-composite.patch: Disable Composite at 24bpp in XAA (#651934) [1.10.4-8] - xserver-1.10.4-fb-picture-crash.patch: Fix crash on invalid pictures (#722680) [1.10.4-7] - fix xephyr rendering when using two screens (#757792)
Family: unix Class: patch
Reference(s): ELSA-2012-0939
CVE-2011-4028
CVE-2011-4029
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): xorg-x11-server
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

ExploitDB Exploits

id Description
2011-10-28 Xorg 1.4 to 1.11.2 File Permission Change PoC

OpenVAS Exploits

Date Description
2012-08-02 Name : SuSE Update for xorg-x11-server openSUSE-SU-2012:0227-1 (xorg-x11-server)
File : nvt/gb_suse_2012_0227_1.nasl
2012-07-30 Name : CentOS Update for xorg-x11-server-common CESA-2012:0939 centos6
File : nvt/gb_CESA-2012_0939_xorg-x11-server-common_centos6.nasl
2012-06-22 Name : RedHat Update for xorg-x11-server RHSA-2012:0939-04
File : nvt/gb_RHSA-2012_0939-04_xorg-x11-server.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-19 (xorg-server)
File : nvt/glsa_201110_19.nasl
2011-10-21 Name : Ubuntu Update for xorg-server USN-1232-1
File : nvt/gb_ubuntu_USN_1232_1.nasl
2011-10-21 Name : Ubuntu Update for xorg-server USN-1232-2
File : nvt/gb_ubuntu_USN_1232_2.nasl
2011-10-21 Name : Ubuntu Update for xorg-server USN-1232-3
File : nvt/gb_ubuntu_USN_1232_3.nasl
0000-00-00 Name : FreeBSD Ports: xorg-server
File : nvt/freebsd_xorg-server2.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
76669 X.Org xserver os/utils.c LockServer() Function Race Condition Symlink Arbitra...

Nessus® Vulnerability Scanner

Date Description
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_xorg_20120417.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_xorg-x11-Xvnc-111201.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-104.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0939.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-dmx-120410.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-rdp-120410.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120620_xorg_x11_server_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0939.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0939.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xorg-x11-Xvnc-111124.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-19.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1232-3.nasl - Type : ACT_GATHER_INFO
2011-10-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1232-2.nasl - Type : ACT_GATHER_INFO
2011-10-19 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_8441957cf9b411e0a78abcaec565249c.nasl - Type : ACT_GATHER_INFO
2011-10-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1232-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0a...
http://lists.freedesktop.org/archives/xorg/2011-October/053680.html
http://rhn.redhat.com/errata/RHSA-2012-0939.html
http://secunia.com/advisories/46460
http://secunia.com/advisories/49579
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
Date Informations
2024-11-28 23:01:14
  • Multiple Updates
2024-11-28 12:27:35
  • Multiple Updates
2021-05-05 01:09:26
  • Multiple Updates
2021-05-04 12:17:45
  • Multiple Updates
2021-04-22 01:21:03
  • Multiple Updates
2020-09-23 01:07:03
  • Multiple Updates
2020-09-03 01:07:17
  • Multiple Updates
2020-05-23 01:47:25
  • Multiple Updates
2020-05-23 00:32:05
  • Multiple Updates
2016-04-26 21:11:39
  • Multiple Updates
2015-01-21 13:25:00
  • Multiple Updates
2014-06-14 13:31:53
  • Multiple Updates
2014-02-17 11:05:52
  • Multiple Updates
2013-05-10 23:09:58
  • Multiple Updates