(OpenBSD Issues Fix) X ShmPutImage() Integer Overflow Lets Local Users and Remote Authenticated Users View Arbitrary Memory Contents
SecurityTracker Alert ID: 1020525
SecurityTracker URL: http://securitytracker.com/id/1020525
CVE Reference: CVE-2008-1379
Date: Jul 18 2008
Impact: Disclosure of system information, Disclosure of user information
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): X11R7.3
Description:
A vulnerability was reported in the X Window System. A local user or remote authenticated user can view arbitrary memory contents on the target system.
A local user or a remote authenticated user can send specially crafted data to trigger an integer overflow in the processing of ShmPutImage() requests, which allows the user to view arbitrary X server memory locations.
The vendor was notified on March 26, 2008.
regenrecht reported this vulnerability via iDefense.
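The bug class described above, as an added illustration (not X.Org or OpenBSD code, and not taken from the patches): a bounds check on a client-supplied image whose 32-bit arithmetic wraps, beside an overflow-safe form. All function and parameter names are hypothetical, and placing the overflow in a width-by-height length calculation is an assumption made for the example; the advisory does not say where it occurs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical check, flawed on purpose: both the product and the sum are
 * computed in 32 bits and can wrap, so an oversized image can appear to
 * fit inside a small shared segment. */
bool fits_unchecked(uint16_t width, uint16_t height, uint8_t bytes_per_px,
                    uint32_t offset, uint32_t seg_size)
{
    uint32_t row = (uint32_t)width * bytes_per_px;
    uint32_t length = row * height;        /* may wrap past 2^32 */
    return offset + length <= seg_size;    /* may wrap as well */
}

/* Hardened form: refuse any multiplication that would not fit, and
 * compare by subtraction so no addition can wrap. */
bool fits_checked(uint16_t width, uint16_t height, uint8_t bytes_per_px,
                  uint32_t offset, uint32_t seg_size)
{
    uint32_t row = (uint32_t)width * bytes_per_px;  /* <= 65535 * 255 */
    if (height != 0 && row > UINT32_MAX / height)
        return false;                      /* row * height would wrap */
    uint32_t length = row * height;
    if (offset > seg_size)
        return false;
    return length <= seg_size - offset;
}

int main(void)
{
    /* Constructed inputs: 4096-byte segment, 4 bytes per pixel. */
    struct { uint16_t w, h; uint32_t off; const char *what; } t[] = {
        { 32,    32,    0,           "honest 32x32 image" },
        { 32768, 32768, 0,           "product wraps to 0" },
        { 32,    32,    0xFFFFF001u, "offset + length wraps" },
    };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%-22s unchecked=%d checked=%d\n", t[i].what,
               fits_unchecked(t[i].w, t[i].h, 4, t[i].off, 4096),
               fits_checked(t[i].w, t[i].h, 4, t[i].off, 4096));
    return 0;
}
```

The unchecked form accepts all three constructed requests; the checked form accepts only the first, which is the behaviour a size check that guards a copy out of server memory needs.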
Impact:
A local user or remote authenticated user can view arbitrary X server memory contents on the target system.
Solution:
OpenBSD has issued the following patches:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/012_xorg2.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/003_xorg.patch
The OpenBSD advisories are available at:
http://www.openbsd.org/errata42.html
http://www.openbsd.org/errata43.html
Vendor URL: x.org/
Cause: Access control error, Boundary error
Underlying OS: UNIX (OpenBSD)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Thu, 17 Jul 2008 23:42:27 -0400
Subject: OpenBSD
http://www.openbsd.org/errata42.html
SECURITY FIX: July 15, 2008 All architectures
Multiple vulnerabilities have been discovered in X.Org.
RENDER Extension heap buffer overflow, RENDER Extension crash, RENDER Extension memory corruption, MIT-SHM arbitrary memory read, RECORD and Security extensions memory corruption. CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-1379, CVE-2008-1377