Auditorías de Seguridad de Red / Evaluación de vulnerabilidades de SecuritySpace

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: xorg-x11-server security update
Advisory ID:       RHSA-2007:0127-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0127.html
Issue date:        2007-04-03
Updated on:        2007-04-03
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1003
- ---------------------------------------------------------------------

1. Summary:

Updated X.org X11 server packages that fix a security issue are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

iDefense reported an integer overflow flaw in the X.org X11 server XC-MISC
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with root
privileges on the X.org server. (CVE-2007-1003)

Users of the X.org X11 server should upgrade to these updated packages,
which contain a backported patch and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network.  Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

233001 - CVE-2007-1003 xserver XC-MISC integer overflow

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm
f165c646ef24bdf7aea35dcd02f3994e  xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm

i386:
4ac82a4321e40c6e2315d91f273f03f6  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.i386.rpm
15552fa4e7a6a1a1de0fc3f0e292ff9d  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.i386.rpm
6904668064a54569c0069ef84525244c  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.i386.rpm
35be18e2b2e480afcc7ef6ed783ccc51  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.i386.rpm
a03d6baf97916deb19a038f44bbdc617  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.i386.rpm
2fe5571817c5799ab1434c3f640dc4f0  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.i386.rpm

x86_64:
3c3cabed8f92625968704ff192793fc4  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.x86_64.rpm
3d515fe01f61e31b6cd86bc20d4f1c05  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.x86_64.rpm
7160f1f23ea3690f716e29e0e8c61e6e  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.x86_64.rpm
278835bdc3120b247360205c30a1d6b5  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.x86_64.rpm
cab10df3473d826cd1aa6ad4af7dcdc1  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.x86_64.rpm
300eca05c6e3ea81fa654695add71700  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm
f165c646ef24bdf7aea35dcd02f3994e  xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm

i386:
2fe5571817c5799ab1434c3f640dc4f0  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.i386.rpm
4b0fcea97774ed878cf8ec3d8229918e  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.i386.rpm

x86_64:
300eca05c6e3ea81fa654695add71700  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.x86_64.rpm
45552f0cfc32826ec7f15ef2fe85ebce  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm
f165c646ef24bdf7aea35dcd02f3994e  xorg-x11-server-1.1.1-48.13.0.1.el5.src.rpm

i386:
4ac82a4321e40c6e2315d91f273f03f6  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.i386.rpm
15552fa4e7a6a1a1de0fc3f0e292ff9d  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.i386.rpm
6904668064a54569c0069ef84525244c  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.i386.rpm
35be18e2b2e480afcc7ef6ed783ccc51  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.i386.rpm
a03d6baf97916deb19a038f44bbdc617  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.i386.rpm
2fe5571817c5799ab1434c3f640dc4f0  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.i386.rpm
4b0fcea97774ed878cf8ec3d8229918e  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.i386.rpm

ia64:
1382c0813050cf03d7e08823c152d09b  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.ia64.rpm
a4ced5410990effdde9931dda62693ad  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.ia64.rpm
1cb88ddefe5120343b601637159a582f  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.ia64.rpm
f3b6ab243b698987ae3f52c3df9694e0  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.ia64.rpm
693e49f05f08f625414fbb4f0e2a43ef  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.ia64.rpm
d9cb5b8937cda60d6a4e52801ffc7600  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.ia64.rpm
de9422348f37dddbed72d0ba099784f9  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.ia64.rpm

ppc:
e9a5bd06364e558805adef522547da38  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.ppc.rpm
c9c28a3edbdb88e17e9f315c5ebe6a0b  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.ppc.rpm
8ba30d162413630541a3e86f2e955acc  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.ppc.rpm
12407cf8ef84e30858e881d4ee956493  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.ppc.rpm
0ab6c48bb411139f4941b9976e5928c3  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.ppc.rpm
9c069ebb2910b2ee6528e3a9fb7d7778  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.ppc.rpm
f24e4514ce2d6837954b99f6f5ce78a9  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.ppc.rpm

s390x:
2d0ebaf16c3d4e111c24bdcefd3dd775  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.s390x.rpm
3aa5a53b66c679b6e65962cef215d479  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.s390x.rpm
49b504e4c01dad2303babbe272dc99b7  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.s390x.rpm
11e1f0d8afd7b7e502a75251395ebd07  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.s390x.rpm

x86_64:
3c3cabed8f92625968704ff192793fc4  xorg-x11-server-Xdmx-1.1.1-48.13.0.1.el5.x86_64.rpm
3d515fe01f61e31b6cd86bc20d4f1c05  xorg-x11-server-Xephyr-1.1.1-48.13.0.1.el5.x86_64.rpm
7160f1f23ea3690f716e29e0e8c61e6e  xorg-x11-server-Xnest-1.1.1-48.13.0.1.el5.x86_64.rpm
278835bdc3120b247360205c30a1d6b5  xorg-x11-server-Xorg-1.1.1-48.13.0.1.el5.x86_64.rpm
cab10df3473d826cd1aa6ad4af7dcdc1  xorg-x11-server-Xvfb-1.1.1-48.13.0.1.el5.x86_64.rpm
300eca05c6e3ea81fa654695add71700  xorg-x11-server-debuginfo-1.1.1-48.13.0.1.el5.x86_64.rpm
45552f0cfc32826ec7f15ef2fe85ebce  xorg-x11-server-sdk-1.1.1-48.13.0.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGEqhLXlSAg2UNWIIRAu6QAJ9BrqC37UChlWXzT8ex4VQec8kxlQCZAamo
q+umL6gq8Kl5skzZe/4VqnY=
=4AD9
-----END PGP SIGNATURE-----