Immunix alert: XFree86

Posted by dave on Feb 13, 2004 4:10 AM EDT

Greg MacManus, of iDEFENSE Labs, reports finding several potentially exploitable buffer overflows in XFree86's font code.




-----------------------------------------------------------------------
        Immunix Secured OS Security Advisory

Packages updated:       XFree86
Affected products:      Immunix OS 7.3
Bugs fixed:             CAN-2004-0083, CAN-2004-0084, CAN-2004-0106
Date:                   Thu Feb 12 2004
Advisory ID:            IMNX-2004-73-002-01
Author:                 Seth Arnold
-----------------------------------------------------------------------

Description: Greg MacManus, of iDEFENSE Labs, reports finding several potentially exploitable buffer overflows in XFree86's font code. David Dawes provided a patch to fix these, and other, errors. Thanks also to Patrick Volkerding for working with the patch, to allow it to more easily apply to our version of XFree86.

As the overflowed buffers are auto variables and the functions manipulating the buffers are string operations, StackGuard will prevent successful exploitation of this vulnerability to gain new privileges; however, StackGuard will kill any process that attempts to execute exploit code. We recommend all our users upgrade to fixed packages, which will prevent this denial of service attack.
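
Added illustration, not part of the Immunix advisory or the XFree86 patch: a C model of why a canary check turns a string-copy overflow of an auto buffer into a killed process instead of a hijacked return, next to a length check that removes the overflow. The frame layout, the terminator-canary bytes (CR, 0xFF, LF, NUL), the saved-return value and the function names are assumptions of this model.

```c
#include <stdio.h>
#include <string.h>

enum { BUF_LEN = 16, CANARY_LEN = 4, RET_LEN = 4,
       FRAME_LEN = BUF_LEN + CANARY_LEN + RET_LEN };
enum outcome { RETURNED_OK, KILLED_BY_CANARY, INPUT_REJECTED };

/* Assumed model values: terminator-canary bytes in memory order, and a
 * constructed stand-in for the saved return address. */
static const unsigned char CANARY[CANARY_LEN] = {0x0d, 0xff, 0x0a, 0x00};
static const unsigned char SAVED_RET[RET_LEN] = {0x11, 0x22, 0x33, 0x44};

/* Unpatched model: strcpy-style copy, no length check, into a simulated frame
 * [buffer | canary | saved return]. The frame is one byte array, so the
 * overrun stays inside memory this function owns. */
enum outcome run_unpatched(const char *input, int *ret_intact)
{
    unsigned char frame[FRAME_LEN] = {0};
    size_t n = strlen(input) + 1;        /* strcpy copies the NUL too */

    memcpy(frame + BUF_LEN, CANARY, CANARY_LEN);
    memcpy(frame + BUF_LEN + CANARY_LEN, SAVED_RET, RET_LEN);
    memcpy(frame, input, n > FRAME_LEN ? FRAME_LEN : n);  /* clipped to model */

    *ret_intact = !memcmp(frame + BUF_LEN + CANARY_LEN, SAVED_RET, RET_LEN);
    /* Epilogue check: a damaged canary means the process is killed. */
    return memcmp(frame + BUF_LEN, CANARY, CANARY_LEN) ? KILLED_BY_CANARY
                                                       : RETURNED_OK;
}

/* Patched model: reject input that does not fit, so nothing reaches the canary. */
enum outcome run_patched(const char *input)
{
    char buf[BUF_LEN];
    if (strlen(input) >= sizeof buf)
        return INPUT_REJECTED;
    strcpy(buf, input);
    return RETURNED_OK;
}

int main(void)
{
    int intact;
    const char *longname = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed, 30 bytes */
    enum outcome o = run_unpatched(longname, &intact);
    printf("unpatched: outcome=%d ret_intact=%d\n", (int)o, intact);
    printf("patched:   outcome=%d\n", (int)run_patched(longname));
    return 0;
}
```

In this model a string that reproduces the canary has to end at the canary's NUL byte, so a string copy either leaves the saved return untouched or damages the canary and the process is killed, which is the denial of service the advisory describes.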

References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0084
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0106
  http://www.idefense.com/application/poi/display?id=72
  http://www.idefense.com/application/poi/display?id=73

Immunix 7.3 users may use our up2date service to install fixed packages: you may run either "up2date" within X, and follow the directions, or run "up2date -u" to ensure your system is current.

Package names and locations:
Precompiled binary packages for Immunix 7.3 are available at:
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-100dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-75dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-15-100dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-15-75dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-2-100dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-2-75dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-9-100dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-ISO8859-9-75dpi-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-Xnest-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-Xvfb-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-base-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-cyrillic-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-devel-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-doc-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-font-utils-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-libs-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-tools-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-truetype-fonts-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-twm-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-xdm-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-xf86cfg-4.2.1-13.73.23_imnx_2.i386.rpm
  http://download.immunix.org/ImmunixOS/7.3/Updates/RPMS/XFree86-xfs-4.2.1-13.73.23_imnx_2.i386.rpm

Source packages for Immunix 7.3 are available at:
  http://download.immunix.org/ImmunixOS/7.3/Updates/SRPMS/XFree86-4.2.1-13.73.23_imnx_2.src.rpm

Immunix OS 7.3 md5sums:


