Executive Summary
Summary | |
---|---|
Title | Updated xfs package prevents arbitrary code execution vulnerabilities |
Informations | |||
---|---|---|---|
Name | MDKSA-2007:210 | First vendor Publication | 2007-11-06 |
Vendor | Mandriva | Last vendor Modification | 2007-11-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. (CVE-2007-4568) The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. (CVE-2007-4990) Updated package fixes these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:210 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18113 | |||
Oval ID: | oval:org.mitre.oval:def:18113 | ||
Title: | DSA-1385-1 xfs | ||
Description: | Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1385-1 CVE-2007-4568 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xfs |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.2 Update / Mac OS X Security Update 2008-001 File : nvt/macosx_upd_10_5_2_secupd_2008-001.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-05-05 | Name : HP-UX Update for X Font Server (xfs) Software HPSBUX02303 File : nvt/gb_hp_ux_HPSBUX02303.nasl |
2009-04-09 | Name : Mandriva Update for xfs MDKSA-2007:210 (xfs) File : nvt/gb_mandriva_MDKSA_2007_210.nasl |
2009-03-06 | Name : RedHat Update for XFree86 RHSA-2008:0029-01 File : nvt/gb_RHSA-2008_0029-01_XFree86.nasl |
2009-03-06 | Name : RedHat Update for xorg-x11 RHSA-2008:0030-01 File : nvt/gb_RHSA-2008_0030-01_xorg-x11.nasl |
2009-02-27 | Name : CentOS Update for XFree86 CESA-2008:0029-01 centos2 i386 File : nvt/gb_CESA-2008_0029-01_XFree86_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for XFree86-100dpi-fonts CESA-2008:0029 centos3 i386 File : nvt/gb_CESA-2008_0029_XFree86-100dpi-fonts_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for XFree86-100dpi-fonts CESA-2008:0029 centos3 x86_64 File : nvt/gb_CESA-2008_0029_XFree86-100dpi-fonts_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for xorg-x11 CESA-2008:0030 centos4 i386 File : nvt/gb_CESA-2008_0030_xorg-x11_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for xorg-x11 CESA-2008:0030 centos4 x86_64 File : nvt/gb_CESA-2008_0030_xorg-x11_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for xorg-x11-xfs FEDORA-2007-4263 File : nvt/gb_fedora_2007_4263_xorg-x11-xfs_fc7.nasl |
2009-01-28 | Name : SuSE Update for XOrg SUSE-SA:2007:054 File : nvt/gb_suse_2007_054.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200710-11 (xfs) File : nvt/glsa_200710_11.nasl |
2008-09-04 | Name : FreeBSD Ports: xfs File : nvt/freebsd_xfs.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37722 | X.Org X Font Server (xfs) swap_char2b Function Arbitrary Code Execution |
37721 | X.Org X Font Server (xfs) build_range Function Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow... RuleID : 15382 - Revision : 10 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080118_XFree86_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080117_xorg_x11_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-001.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_2.nasl - Type : ACT_GATHER_INFO |
2008-01-22 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_37226.nasl - Type : ACT_GATHER_INFO |
2008-01-22 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_37225.nasl - Type : ACT_GATHER_INFO |
2008-01-22 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_37224.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2008-01-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0029.nasl - Type : ACT_GATHER_INFO |
2008-01-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0030.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-4485.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4263.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-210.nasl - Type : ACT_GATHER_INFO |
2007-10-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200710-11.nasl - Type : ACT_GATHER_INFO |
2007-10-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1385.nasl - Type : ACT_GATHER_INFO |
2007-10-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a5f667db759611dc8b7a0019b944b34e.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:59 |
|