LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: XFree86 libXpm overflow vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Mandrake Chris Evans found several stack and integer overflows in the libXpm code of X.Org/XFree86.

_______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           XFree86
 Advisory ID:            MDKSA-2004:099
 Date:                   September 15th, 2004

 Affected versions:      10.0, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Chris Evans found several stack and integer overflows in the libXpm code
 of X.Org/XFree86:

 Stack overflows (CAN-2004-0687):

 Careless use of strcat() in both the XPMv1 and XPMv2/3 xpmParseColors code
 leads to a stack based overflow (parse.c).

 Stack overflow reading pixel values in ParseAndPutPixels (create.c) as
 well as ParsePixels (parse.c).

 Integer Overflows (CAN-2004-0688):

 Integer overflow allocating colorTable in xpmParseColors (parse.c) -
 probably a crashable but not exploitable offence.

 The updated packages have patches from Chris Evans and Matthieu Herrb
 to address these vulnerabilities.
 _______________________________________________________________________

 References:

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
 ______________________________________________________________________

 Updated Packages:

 Mandrakelinux 10.0:
 9d1e991a5dbfc681a5c87fd79b561296  10.0/RPMS/libxfree86-4.3-32.2.100mdk.i586.rpm
 5b767743ea9fea956ba9dc083bc10c25  10.0/RPMS/libxfree86-devel-4.3-32.2.100mdk.i586.rpm
 c658bbabc5e4e0ec5922c3953a87b3ad  10.0/RPMS/libxfree86-static-devel-4.3-32.2.100mdk.i586.rpm
 cd19a71edc31e8db8f3e18f79f05089c  10.0/RPMS/XFree86-100dpi-fonts-4.3-32.2.100mdk.i586.rpm
 48e02a5d891f5eced5ce66e59cf1eb92  10.0/RPMS/XFree86-4.3-32.2.100mdk.i586.rpm
 7e8d4c0d5d2c06c349d979f878d06904  10.0/RPMS/XFree86-75dpi-fonts-4.3-32.2.100mdk.i586.rpm
 e5943ade51bbb53aa4988e51d7f55e21  10.0/RPMS/XFree86-cyrillic-fonts-4.3-32.2.100mdk.i586.rpm
 73b4c3cca0af8beeed2dc8ea2af9328d  10.0/RPMS/XFree86-doc-4.3-32.2.100mdk.i586.rpm
 8abff89792decf4563d20e3298def8f5  10.0/RPMS/XFree86-glide-module-4.3-32.2.100mdk.i586.rpm
 3ea82bc33e519546877a39a733c9c417  10.0/RPMS/XFree86-server-4.3-32.2.100mdk.i586.rpm
 3a5aa6b83350355d2487da6c289fbd08  10.0/RPMS/XFree86-xfs-4.3-32.2.100mdk.i586.rpm
 c39d5eb61d33fe7a95f4d87a4acb25dd  10.0/RPMS/XFree86-Xnest-4.3-32.2.100mdk.i586.rpm
 fcf0d59a1c31ae4b719eccc11b13e9dd  10.0/RPMS/XFree86-Xvfb-4.3-32.2.100mdk.i586.rpm
 541b2b34e491e0d9c2b115a41544de79  10.0/SRPMS/XFree86-4.3-32.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 541b2b34e491e0d9c2b115a41544de79  amd64/10.0/SRPMS/XFree86-4.3-32.2.100mdk.src.rpm
 cd6132b03458466a2562c3a30b168502  amd64/10.0/RPMS/XFree86-4.3-32.2.100mdk.amd64.rpm
 a5ba7f7dc4e7a2edb0f6ec096e5a6759  amd64/10.0/RPMS/lib64xfree86-4.3-32.2.100mdk.amd64.rpm
 c5a57adf7640982f3808c5db00338b88  amd64/10.0/RPMS/lib64xfree86-devel-4.3-32.2.100mdk.amd64.rpm
 e4050b67d3450e6f429cd6dd59b11669  amd64/10.0/RPMS/lib64xfree86-static-devel-4.3-32.2.100mdk.amd64.rpm
 08db9659e9b8333a3c5a32b90548c688  amd64/10.0/RPMS/XFree86-100dpi-fonts-4.3-32.2.100mdk.amd64.rpm
 ddf14101db0b5acbf124c61a2279b54f  amd64/10.0/RPMS/XFree86-75dpi-fonts-4.3-32.2.100mdk.amd64.rpm
 22546ddc6d53b46103949a846148c5a2  amd64/10.0/RPMS/XFree86-cyrillic-fonts-4.3-32.2.100mdk.amd64.rpm
 1ceb7bab20d5d86eb5bf1dd46e4d5022  amd64/10.0/RPMS/XFree86-doc-4.3-32.2.100mdk.amd64.rpm
 e5ecd7a77dd8114f2b01dc1829d82b88  amd64/10.0/RPMS/XFree86-server-4.3-32.2.100mdk.amd64.rpm
 dcd5c36b070a69b7bab557bebe4308a9  amd64/10.0/RPMS/XFree86-xfs-4.3-32.2.100mdk.amd64.rpm
 02554ec8f462a953290b29376e8da9e2  amd64/10.0/RPMS/XFree86-Xnest-4.3-32.2.100mdk.amd64.rpm
 59ea3335b10ee14f9d0ea5f032c431f1  amd64/10.0/RPMS/XFree86-Xvfb-4.3-32.2.100mdk.amd64.rpm

 Corporate Server 2.1:
 e901f65d94c28271b5be9719bcaa530c  corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.10.C21mdk.i586.rpm
 e2a80f62dd03b6c797b4f0685dac1eb8  corporate/2.1/RPMS/XFree86-4.2.1-6.10.C21mdk.i586.rpm
 571c788226230893eb27e4b319d42825  corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.10.C21mdk.i586.rpm
 be85eb20f3837a76d888e92005b060d1  corporate/2.1/RPMS/XFree86-devel-4.2.1-6.10.C21mdk.i586.rpm
 2a51ed329cca3879f8ac1328296538de  corporate/2.1/RPMS/XFree86-libs-4.2.1-6.10.C21mdk.i586.rpm
 ec5088dbe7e9c8be7eca4a55c8bcf018  corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.10.C21mdk.i586.rpm
 6ecc6e0db8325b2b7f2e257a5f9baba3  corporate/2.1/RPMS/XFree86-doc-4.2.1-6.10.C21mdk.i586.rpm
 0fae2859fa0695ac0fd59af01a7a4975  corporate/2.1/RPMS/XFree86-server-4.2.1-6.10.C21mdk.i586.rpm
 044b2a9c5d8bae6ed2013035b2a19f53  corporate/2.1/RPMS/XFree86-glide-module-4.2.1-6.10.C21mdk.i586.rpm
 7d54ae278a123aee0e5480498f06b18e  corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.10.C21mdk.i586.rpm
 2fddac60e1c86c090e67793d657f09b0  corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.10.C21mdk.i586.rpm
 4a1096b9dbfdf3e2d98f5de321142bef  corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.10.C21mdk.i586.rpm
 cc7253cdac6b100cfea47db75b53296e  corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.10.C21mdk.i586.rpm
 19b7b5aee7498c1435228b907ef07e1f  corporate/2.1/SRPMS/XFree86-4.2.1-6.10.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 75126a161c6dedbb937b4c28de45e20c  x86_64/corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.10.C21mdk.x86_64.rpm
 95cd8c0e294e5a0655a1722bbb25cd71  x86_64/corporate/2.1/RPMS/XFree86-devel-4.2.1-6.10.C21mdk.x86_64.rpm
 553c5ec3dd448f6a32b1198835c65e14  x86_64/corporate/2.1/RPMS/XFree86-doc-4.2.1-6.10.C21mdk.x86_64.rpm
 e91ccaa84852b400bc110a7a3bc84b24  x86_64/corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.10.C21mdk.x86_64.rpm
 de7cbc373a397f010f64fe9aaea3e7d3  x86_64/corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.10.C21mdk.x86_64.rpm
 1b1f3599513d2c89574334d5abec5ad6  x86_64/corporate/2.1/RPMS/XFree86-4.2.1-6.10.C21mdk.x86_64.rpm
 4f35485ddf62ec642794ba055e20ad2e  x86_64/corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.10.C21mdk.x86_64.rpm
 fa490c6542356985b29479862a37e14f  x86_64/corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.10.C21mdk.x86_64.rpm
 b60c8ed666900e0d5e44ede1be911e0a  x86_64/corporate/2.1/RPMS/XFree86-libs-4.2.1-6.10.C21mdk.x86_64.rpm
 ffdce4cde212e7dc3d6d3f9adca260e2  x86_64/corporate/2.1/RPMS/XFree86-server-4.2.1-6.10.C21mdk.x86_64.rpm
 7600253361f2117ab96b2566118df7e0  x86_64/corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.10.C21mdk.x86_64.rpm
 bacae02d0b5e390f9de780f9595f387b  x86_64/corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.10.C21mdk.x86_64.rpm
 19b7b5aee7498c1435228b907ef07e1f  x86_64/corporate/2.1/SRPMS/XFree86-4.2.1-6.10.C21mdk.src.rpm

 Mandrakelinux 9.2:
 4e0e127b08d5c09c28d6cc0b7511237f  9.2/RPMS/libxfree86-4.3-24.5.92mdk.i586.rpm
 aa610b35928b997da0dd04f779baa00a  9.2/RPMS/libxfree86-devel-4.3-24.5.92mdk.i586.rpm
 c15f9b375f7f2f951eced437c6fc4450  9.2/RPMS/XFree86-100dpi-fonts-4.3-24.5.92mdk.i586.rpm
 ce94240859b48fe3ee551066e153016f  9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.5.92mdk.i586.rpm
 4a4d6f1030b15c93edf87260725155a7  9.2/RPMS/XFree86-xfs-4.3-24.5.92mdk.i586.rpm
 b67a24abf69d45d9fcd5ba65b83bd793  9.2/RPMS/libxfree86-static-devel-4.3-24.5.92mdk.i586.rpm
 a5be699ad2b5097253314c2ee25b1557  9.2/RPMS/XFree86-75dpi-fonts-4.3-24.5.92mdk.i586.rpm
 ac6ae823cb9981af067ae7d53db93e50  9.2/RPMS/XFree86-glide-module-4.3-24.5.92mdk.i586.rpm
 1663c6d77b048451d11c614630f3c920  9.2/RPMS/XFree86-4.3-24.5.92mdk.i586.rpm
 9908c0df16c2faf76d2037517eb7af0c  9.2/RPMS/XFree86-doc-4.3-24.5.92mdk.i586.rpm
 8e267dbed6a6415a034202c756dc0887  9.2/RPMS/XFree86-server-4.3-24.5.92mdk.i586.rpm
 30f0b05257278ff6f5b7ade1d5984fb5  9.2/RPMS/XFree86-Xnest-4.3-24.5.92mdk.i586.rpm
 06236e20e91dd247e7d5458dc10773ca  9.2/RPMS/XFree86-Xvfb-4.3-24.5.92mdk.i586.rpm
 eed1932ba7d07b3f7a3e93f6fc101e22  9.2/SRPMS/XFree86-4.3-24.5.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 4a1cf11b06553f00492f6080976dbf71  amd64/9.2/RPMS/lib64xfree86-devel-4.3-24.5.92mdk.amd64.rpm
 5a5a3704b1cbc3765264ca9c402f87f4  amd64/9.2/RPMS/XFree86-4.3-24.5.92mdk.amd64.rpm
 50d13b476df1d933c0f579f8ccd546ea  amd64/9.2/RPMS/lib64xfree86-4.3-24.5.92mdk.amd64.rpm
 f3f12bd4da52199c41ac585fcfc0f979  amd64/9.2/RPMS/lib64xfree86-static-devel-4.3-24.5.92mdk.amd64.rpm
 1eb4a6f947e53c796af52e06c84298d3  amd64/9.2/RPMS/XFree86-100dpi-fonts-4.3-24.5.92mdk.amd64.rpm
 dbf3c10a52bf88036be7310f32f28e8c  amd64/9.2/RPMS/XFree86-75dpi-fonts-4.3-24.5.92mdk.amd64.rpm
 37411c4ffe974ef9b0f09b308b4ffd3d  amd64/9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.5.92mdk.amd64.rpm
 5024f50ce4d3e0ca45828c5488477e2a  amd64/9.2/RPMS/XFree86-doc-4.3-24.5.92mdk.amd64.rpm
 434106b2719763a1a7c25d4dec468eb4  amd64/9.2/RPMS/XFree86-server-4.3-24.5.92mdk.amd64.rpm
 bb887cf687422a1f1c99e49493b17dc8  amd64/9.2/RPMS/XFree86-xfs-4.3-24.5.92mdk.amd64.rpm
 0f6aca5dea8d35457082965970c6da4a  amd64/9.2/RPMS/XFree86-Xnest-4.3-24.5.92mdk.amd64.rpm
 5fb4470b9052cc0df15333d240c0350d  amd64/9.2/RPMS/XFree86-Xvfb-4.3-24.5.92mdk.amd64.rpm
 eed1932ba7d07b3f7a3e93f6fc101e22  amd64/9.2/SRPMS/XFree86-4.3-24.5.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

   http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System
NIST to hypervisor admins: secure your systems
Quick PHP patch beats slow research reveal
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.