The Vigil@nce team monitors public vulnerabilities that affect your IT assets, then proposes security fixes, a vigilance database and tools to remedy them.

X.Org X Server vulnerability: buffer overflow in the Composite extension

Summary of the vulnerability

A local attacker can elevate their privileges by triggering an overflow in the Composite extension of X.Org X Server.
Vulnerable products: Debian, Mandriva Linux, openSUSE, RHEL, XOrg Bundle ~ not exhaustive.
Severity of this flaw: 2/4.
Creation date: 10/09/2007.
References for this bulletin: BID-25606, CERTA-2007-AVI-403, CVE-2007-4730, DSA-1372-1, MDKSA-2007:178, RHSA-2007:0898-01, SUSE-SA:2007:054, VIGILANCE-VUL-7158.

Description of the vulnerability

The Composite extension of the X server allows window content to be rendered into an off-screen buffer, which can then, for example, be combined with the screen to obtain transparent windows. This extension can be enabled in the "Extensions" section of xorg.conf:
  Option "Composite" "Enable"

When the X server is started in 16bpp (bits per pixel) mode, a local attacker can use xcompmgr to force the extension to copy a 32bpp bitmap image into that buffer. An overflow then occurs.

A local attacker can thus cause a buffer overflow in order to obtain root privileges.
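The depth mismatch described above, modelled as an added example (not X.Org code; the pixmap type, the copy routines and the 4x4 scenarios are hypothetical constructions): a destination sized for 16bpp receives source data sized from 32bpp, and the hardened copy refuses the mismatch and bounds the copy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the bulletin's mismatch: a pixmap sized for a 16bpp
 * screen receives 32bpp source data. Not X.Org code; names are hypothetical. */
typedef struct {
    unsigned width, height, bpp;   /* bpp = bits per pixel */
    size_t   size;                 /* bytes actually allocated in data */
    uint8_t *data;
} pixmap_t;

static size_t pixmap_bytes(const pixmap_t *p)
{
    return (size_t)p->width * p->height * (p->bpp / 8);
}

/* Unchecked copy, sized from the source: a 32bpp source writes twice the
 * bytes a 16bpp destination of the same geometry holds. Never called here. */
void copy_pixmap_unchecked(pixmap_t *dst, const pixmap_t *src)
{
    memcpy(dst->data, src->data, pixmap_bytes(src));   /* overruns dst->data */
}
/* Hardened copy: rejects a depth mismatch and bounds the copy on both
 * sides. Returns 0 on success, -1 when the copy is refused. */
int copy_pixmap_checked(pixmap_t *dst, const pixmap_t *src)
{
    if (dst->bpp != src->bpp)
        return -1;
    size_t n = pixmap_bytes(src);
    if (n > dst->size || n > src->size)
        return -1;
    memcpy(dst->data, src->data, n);
    return 0;
}
/* Constructed 4x4 scenarios. Each returns 1 when the hardened copy behaves
 * as intended: refuse 32bpp into 16bpp, accept 16bpp into 16bpp. */
int scenario_16bpp_dst_32bpp_src(void)
{
    uint8_t dbuf[4 * 4 * 2], sbuf[4 * 4 * 4] = {0};
    pixmap_t dst = {4, 4, 16, sizeof dbuf, dbuf}, src = {4, 4, 32, sizeof sbuf, sbuf};
    return pixmap_bytes(&src) > dst.size && copy_pixmap_checked(&dst, &src) == -1;
}
int scenario_matching_depth(void)
{
    uint8_t dbuf[4 * 4 * 2], sbuf[4 * 4 * 2] = {0};
    pixmap_t dst = {4, 4, 16, sizeof dbuf, dbuf}, src = {4, 4, 16, sizeof sbuf, sbuf};
    return pixmap_bytes(&src) == dst.size && copy_pixmap_checked(&dst, &src) == 0;
}
```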

This cybersecurity announcement concerns software or systems such as Debian, Mandriva Linux, openSUSE, RHEL, XOrg Bundle ~ not exhaustive.

Our Vigil@nce team has determined that the severity of this threat alert is medium.

The confidence level is confirmed by the vendor, with an attack origin of user shell.

An attacker with an expert skill level can exploit this cybersecurity flaw.

Solutions for this threat

X.Org X Server: version 1.4.
Version 1.4 is fixed:
http://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.4.tar.bz2
MD5 (xorg-server-1.4.tar.bz2) = a06d9fe4f9f1d459ae02657f9ce64220
SHA1 (xorg-server-1.4.tar.bz2) = 3aa6327f4def4d33ce2a8d6d7587295db231ab6d
http://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.4.tar.gz
MD5 (xorg-server-1.4.tar.gz) = 58ec1ea74c17d56a4d86243e7fd28fa6
SHA1 (xorg-server-1.4.tar.gz) = 3f556c94949769b7bfda8dd920a710ac0c17b540

Debian: new xorg-server packages.
New packages are available:

Mandriva: new x11-server packages.
New packages are available:

RHEL 4: new xorg-x11 packages.
New packages are available:
Red Hat Enterprise Linux version 4: xorg-x11-6.8.2-1.EL.31

SUSE: new xorg-x11 packages.
New packages are available:
openSUSE 10.3:
   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/*/xorg-x11-7.2-135.2.*.rpm
openSUSE 10.2:
   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/*/xorg-x11-7.2-28.*.rpm
SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/*/xorg-x11-6.9.0-50.52.*.rpm
SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/*/xorg-x11-6.8.2-100.13.*.rpm

IT vulnerability monitoring service

Vigil@nce provides application vulnerability advisories. Each administrator can customize the list of products for which they wish to receive vulnerability alerts.