Nessus Plugin #17317
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[GLSA-200503-15] X.org: libXpm vulnerability
- Family:
- Gentoo Local Security Checks
- Category:
- infos
- Copyright:
- (C) 2005 Michel Arboi
- Summary:
- X.org: libXpm vulnerability
- Version:
- $Revision: 1.1 $
- Cve_id:
- CAN-2005-0605
- Bugtraq_id:
- -
- Xrefs:
- GLSA:200503-15
- Description:
- The remote host is affected by the vulnerability described in GLSA-200503-15
(X.org: libXpm vulnerability)
Chris Gilbert has discovered potentially exploitable buffer overflow
cases in libXpm that weren't fixed in previous libXpm versions.
Impact
A carefully-crafted XPM file could crash X.org, potentially allowing
the execution of arbitrary code with the privileges of the user running
the application.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
https://bugs.freedesktop.org/show_bug.cgi?id=1920
Solution:
All X.org users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose x11-base/xorg-x11
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.