
CERT RENATER advisories

By default, this page shows the most recent messages sent by CERT RENATER to the community. You can filter by year or by message type. If no criterion is given, only the most recent messages are displayed.

Date : Thu, 10 May 2007 09:29:43 +0200
Type : VULN
Sujet : CERT-Renater : 2007/VULN240 (Gentoo: LibXfont, TightVNC Multiple vulnerabilities)
====================================================================
                                     CERT-Renater

                          Information Note No. 2007/VULN240
_____________________________________________________________________

DATE                      : 10/05/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running LibXfont, TightVNC.

======================================================================

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200705-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                             http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

   Severity: High
      Title: LibXfont, TightVNC: Multiple vulnerabilities
       Date: May 08, 2007
       Bugs: #172575, #174200
         ID: 200705-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in libXfont and TightVNC,
allowing for the execution of arbitrary code with root privileges.

Background
==========

LibXfont is the X.Org font library. TightVNC is a VNC client/server for
X displays.

Affected packages
=================

     -------------------------------------------------------------------
      Package            /  Vulnerable  /                    Unaffected
     -------------------------------------------------------------------
   1  net-misc/tightvnc     < 1.2.9-r4                      >= 1.2.9-r4
   2  x11-libs/libXfont     < 1.2.7-r1                      >= 1.2.7-r1
     -------------------------------------------------------------------
      2 affected packages on all of their supported architectures.
     -------------------------------------------------------------------

Description
===========

The X.Org font-handling code is prone to several integer overflows: in
ProcXCMiscGetXIDList() (CVE-2007-1003), in bdfReadCharacters(), which
parses BDF fonts (CVE-2007-1351), and in FontFileInitTable()
(CVE-2007-1352). In each case a count taken from untrusted input is
multiplied into an allocation size without an overflow check, so the
resulting heap buffer is smaller than the data later written into it.
TightVNC ships a local copy of this code and is also affected.

Impact
======

A local attacker could supply a specially crafted BDF font to a vulnerable
X or TightVNC server and execute arbitrary code with its privileges, which
are normally root.
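The pattern behind the overflows described above, as an added example that is not libXfont or TightVNC code: a count read from a BDF "CHARS" header line is multiplied into an allocation size, first in the unchecked 32-bit arithmetic that wraps, then with the bounds check a fixed parser applies before allocating. The record layout, the function names and the sample header lines are constructed for this illustration.

```c
/*
 * Added illustration (not libXfont or TightVNC code): the allocation-size
 * integer overflow behind a CVE-2007-1351-style bug in a BDF parser, next
 * to the bounds check that closes it.  The record layout, function names
 * and the "CHARS" lines fed to main() are constructed for this example.
 */
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for a per-glyph record (16 bytes); libXfont's CharInfoRec
 * differs, but the arithmetic below does not depend on the exact size. */
typedef struct {
    int16_t left, right, ascent, descent, width, pad;
    uint32_t bits_offset;       /* offset of the bitmap in the glyph pool */
} glyph_info;

/* Parse "CHARS <n>" from a BDF header.  Returns 0 and sets *nchars, or -1
 * if the line is malformed.  The count is kept as a long so that hostile
 * values survive parsing and reach the size check instead of being
 * silently truncated here. */
int parse_chars_line(const char *line, long *nchars)
{
    const char *p = line + 6;
    char *end;
    if (strncmp(line, "CHARS ", 6) != 0)
        return -1;
    errno = 0;
    long v = strtol(p, &end, 10);
    if (errno == ERANGE || end == p || (*end != '\0' && *end != '\n'))
        return -1;
    *nchars = v;
    return 0;
}

/* Vulnerable pattern: trust the count and multiply in 32-bit arithmetic,
 * as an allocation of nchars * sizeof(record) does when nchars comes
 * straight from the file.  For a large count the product wraps and the
 * buffer is far too small for the glyphs the parser then writes into it. */
unsigned int unsafe_alloc_size(int nchars)
{
    return (unsigned int)nchars * (unsigned int)sizeof(glyph_info);
}

/* Hardened pattern: reject non-positive counts and any count whose product
 * with the record size does not fit the 32-bit length the allocator takes.
 * Returns 0 and sets *size, or -1 if the header must be refused. */
int safe_alloc_size(long nchars, size_t *size)
{
    if (nchars < 1 || nchars > INT_MAX / (long)sizeof(glyph_info))
        return -1;
    *size = (size_t)nchars * sizeof(glyph_info);
    return 0;
}

/* Parse and check a CHARS line in one step: 0 if the header is acceptable
 * and *size is the byte count to allocate, -1 otherwise. */
int check_chars_header(const char *line, size_t *size)
{
    long n;
    if (parse_chars_line(line, &n) != 0)
        return -1;
    return safe_alloc_size(n, size);
}

int main(void)
{
    /* Constructed header lines: a benign font and two hostile ones. */
    const char *samples[] = { "CHARS 2", "CHARS 268435457", "CHARS -1" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long n;
        size_t sz;
        if (parse_chars_line(samples[i], &n) != 0) {
            printf("%s: malformed\n", samples[i]);
            continue;
        }
        printf("CHARS %ld: unchecked size %u bytes, checked: %s\n", n,
               unsafe_alloc_size((int)n),
               safe_alloc_size(n, &sz) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

Build with `cc -std=c99 -Wall example.c` and run it: the second sample declares over 268 million glyphs yet the unchecked path computes a 16-byte allocation, while the checked path refuses the header outright. The bound is expressed as INT_MAX divided by the record size, rather than SIZE_MAX, so that the check reproduces the 32-bit length arithmetic of the vulnerable code and behaves the same whether size_t is 32 or 64 bits wide.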

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libXfont users should upgrade to the latest version:

     # emerge --sync
     # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.7-r1"

All TightVNC users should upgrade to the latest version:

     # emerge --sync
     # emerge --ask --oneshot --verbose ">=net-misc/tightvnc-1.2.9-r4"

References
==========

   [ 1 ] CVE-2007-1003
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003
   [ 2 ] CVE-2007-1351
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
   [ 3 ] CVE-2007-1352
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

   http://security.gentoo.org/glsa/glsa-200705-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

======================================================================

            =========================================================
            Les serveurs de référence du CERT-Renater
            http://www.urec.fr/securite
            http://www.cru.fr/securite
            http://www.renater.fr
            =========================================================
            + CERT-RENATER          | tel : 01-53-94-20-44          +
            + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
            + 75013 Paris           | email: certsvp@renater.fr     +
            =========================================================