FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xorg -- multiple vulnerabilities

Affected packages
xorg-server < 1.4_4,1
libXfont < 1.3.1_2,1

Details

VuXML ID fe2b6597-c9a4-11dc-8da8-0008a18a9961
Discovery 2008-01-18
Entry 2008-01-23

Matthieu Herrb of X.Org reports:

Several vulnerabilities have been identified in server code of the X window system caused by lack of proper input validation on user controlled data in various parts of the software, causing various kinds of overflows.

Exploiting these overflows will crash the X server or, under certain circumstances allow the execution of arbitray machine code.

When the X server is running with root privileges (which is the case for the Xorg server and for most kdrive based servers), these vulnerabilities can thus also be used to raise privileges.

All these vulnerabilities, to be exploited succesfully, require either an already established connection to a running X server (and normally running X servers are only accepting authenticated connections), or a shell access with a valid user on the machine where the vulnerable server is installed.

References

CVE Name CVE-2007-5760
CVE Name CVE-2007-5958
CVE Name CVE-2007-6427
CVE Name CVE-2007-6428
CVE Name CVE-2007-6429
CVE Name CVE-2008-0006
URL http://lists.freedesktop.org/archives/xorg/2008-January/031918.html
URL http://lists.freedesktop.org/archives/xorg/2008-January/032099.html
URL http://secunia.com/advisories/28532/