Mandrake Linux Security Advisory : xfs (MDKSA-2007:210)

high Nessus Plugin ID 27817

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. (CVE-2007-4568)

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. (CVE-2007-4990)

Updated package fixes these issues.

Solution

Update the affected xfs package.

Plugin Details

Severity: High

ID: 27817

File Name: mandrake_MDKSA-2007-210.nasl

Version: 1.19

Type: local

Published: 11/7/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:xfs, cpe:/o:mandriva:linux:2007, cpe:/o:mandriva:linux:2007.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/6/2007

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2007-4568, CVE-2007-4990

CWE: 119, 189

MDKSA: 2007:210