Executive Summary

Title: Multiple X11 terminals: Local privilege escalation

Information
Name: GLSA-200805-03    First vendor publication: 2008-05-07
Vendor: Gentoo          Last vendor modification: 2008-05-07
Severity (vendor): Normal    Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA    Environmental score: NA
Impact sub score: NA    Temporal score: NA
Exploitability sub score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS base score: 6.9    Attack range: Local
CVSS impact score: 10    Attack complexity: Medium
CVSS exploit score: 3.4    Authentication: None required

Detail

Synopsis

A vulnerability was found in aterm, Eterm, Mrxvt, multi-aterm, RXVT, rxvt-unicode, and wterm, allowing for local privilege escalation.

Background

Aterm, Eterm, Mrxvt, multi-aterm, RXVT, rxvt-unicode, and wterm are X11
terminal emulators.

Description

Bernhard R. Link discovered that Eterm opens a terminal on :0 if the "-display" option is not specified and the DISPLAY environment variable is not set. Further research by the Gentoo Security Team has shown that aterm, Mrxvt, multi-aterm, RXVT, rxvt-unicode, and wterm are also affected.

Impact

A local attacker could exploit this vulnerability to hijack X11
terminals of other users.

Workaround

There is no known workaround at this time.

Resolution

All aterm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/aterm-1.0.1-r1"

All Eterm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/eterm-0.9.4-r1"

All Mrxvt users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/mrxvt-0.5.3-r2"

All multi-aterm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/multi-aterm-0.2.1-r1"

All RXVT users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/rxvt-2.7.10-r4"

All rxvt-unicode users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/rxvt-unicode-9.02-r1"

All wterm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/wterm-6.2.9-r3"
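As an added example (not part of the GLSA or of Gentoo's own tooling), the following Python checks a list of installed packages against the fixed versions listed in the resolution above. It assumes input in the one-package-per-line form `category/name-version` that `qlist -Iv` prints, uses a simplified version parser (dotted integers with an optional -rN revision, not the full Portage version rules), and runs on a constructed sample.

```python
import re

# Fixed versions taken from the GLSA-200805-03 resolution above.
FIXED_VERSIONS = {
    "x11-terms/aterm": "1.0.1-r1",
    "x11-terms/eterm": "0.9.4-r1",
    "x11-terms/mrxvt": "0.5.3-r2",
    "x11-terms/multi-aterm": "0.2.1-r1",
    "x11-terms/rxvt": "2.7.10-r4",
    "x11-terms/rxvt-unicode": "9.02-r1",
    "x11-terms/wterm": "6.2.9-r3",
}

# Simplified version syntax: dotted integers plus an optional "-rN" revision.
# Assumption: letter and _p/_rc suffixes of full Portage versions are out of
# scope here and are rejected rather than mis-ordered.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-r(\d+))?$")

def parse_version(version):
    """Return ((major, minor, ...), revision) so that tuples order as Portage
    does for plain numeric versions: 2.7.10-r3 < 2.7.10-r4 < 2.7.11."""
    m = _VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unsupported version format: {version!r}")
    base, rev = m.groups()
    return tuple(int(part) for part in base.split(".")), int(rev or 0)

def is_vulnerable(atom, installed_version):
    """True if the atom is one the GLSA names and is below its fixed version."""
    fixed = FIXED_VERSIONS.get(atom)
    return fixed is not None and parse_version(installed_version) < parse_version(fixed)

def vulnerable_packages(qlist_output):
    """Scan 'category/name-version' lines (the shape `qlist -Iv` prints) and
    return (atom, installed, fixed) for each package still below the fix."""
    findings = []
    for line in qlist_output.splitlines():
        # The version starts at the first hyphen that is followed by a digit.
        m = re.match(r"^(.+?)-(\d.*)$", line.strip())
        if m and is_vulnerable(m.group(1), m.group(2)):
            findings.append((m.group(1), m.group(2), FIXED_VERSIONS[m.group(1)]))
    return findings

# Constructed sample of installed packages, not taken from a real system.
SAMPLE_QLIST = """\
x11-terms/rxvt-2.7.10-r3
x11-terms/rxvt-unicode-9.02-r1
x11-terms/aterm-1.0.1
x11-terms/eterm-0.9.5
"""
```

Calling `vulnerable_packages(SAMPLE_QLIST)` reports rxvt and aterm as still below their fix; on a Gentoo host, feed it the real `qlist -Iv` output instead of the sample.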

References

[ 1 ] CVE-2008-1142 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
[ 2 ] CVE-2008-1692 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200805-03.xml

Original Source

URL: http://security.gentoo.org/glsa/glsa-200805-03.xml

CWE : Common Weakness Enumeration

Share  Id       Name
100%   CWE-264  Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

Type Description Count
Application 18
Application 2
Application 1
Application 5
Application 9
Application 77
Application 2

OpenVAS Exploits

Date Description
2009-04-09 Name : Mandriva Update for rxvt MDVSA-2008:161 (rxvt)
File : nvt/gb_mandriva_MDVSA_2008_161.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200805-03 (aterm eterm rxvt mrxvt multi-aterm w...
File : nvt/glsa_200805_03.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
43903 Eterm X11 :0 Default Display Local Privilege Escalation
43902 rxvt X11 :0 Default Display Local Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_rxvt-unicode-080814.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-161.nasl - Type : ACT_GATHER_INFO
2008-08-24 Name : The remote openSUSE host is missing a security update.
File : suse_rxvt-unicode-5541.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-03.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:35:49
  • Multiple Updates