Vulnerabilities > CVE-2013-1996 - Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X Libfs

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
x
CWE-119
nessus

Summary

X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function.

Vulnerable Configurations

Part Description Count
Application
X
4

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1853-1.NASL
    descriptionIlja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id66817
    published2013-06-06
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/66817
    titleUbuntu 12.04 LTS / 12.10 / 13.04 : libfs vulnerability (USN-1853-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1853-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(66817);
      script_version("1.9");
      script_cvs_date("Date: 2019/09/19 12:54:29");
    
      script_cve_id("CVE-2013-1996");
      script_bugtraq_id(60130);
      script_xref(name:"USN", value:"1853-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 12.10 / 13.04 : libfs vulnerability (USN-1853-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Ilja van Sprundel discovered multiple security issues in various X.org
    libraries and components. An attacker could use these issues to cause
    applications to crash, resulting in a denial of service, or possibly
    execute arbitrary code.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1853-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libfs6 package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfs6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/06/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|12\.10|13\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 12.10 / 13.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"libfs6", pkgver:"2:1.0.3-1ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"12.10", pkgname:"libfs6", pkgver:"2:1.0.4-1ubuntu0.12.10.1")) flag++;
    if (ubuntu_check(osver:"13.04", pkgname:"libfs6", pkgver:"2:1.0.4-1ubuntu0.13.04.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libfs6");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_XORG_20141107.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. (CVE-2013-1981) - Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. (CVE-2013-1982) - Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. (CVE-2013-1984) - Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function. (CVE-2013-1985) - X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. (CVE-2013-1995) - X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function. (CVE-2013-1996) - Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions. (CVE-2013-1997) - Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. (CVE-2013-1998) - Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function. (CVE-2013-2002) - The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. (CVE-2013-2004) - X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions. (CVE-2013-2005) - Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions. (CVE-2013-2062)
    last seen2020-06-01
    modified2020-06-02
    plugin id80822
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80822
    titleOracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Oracle Third Party software advisories.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(80822);
      script_version("1.2");
      script_cvs_date("Date: 2018/11/15 20:50:25");
    
      script_cve_id("CVE-2013-1981", "CVE-2013-1982", "CVE-2013-1984", "CVE-2013-1985", "CVE-2013-1995", "CVE-2013-1996", "CVE-2013-1997", "CVE-2013-1998", "CVE-2013-2002", "CVE-2013-2004", "CVE-2013-2005", "CVE-2013-2062");
    
      script_name(english:"Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org1)");
      script_summary(english:"Check for the 'entire' version.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Solaris system is missing a security patch for third-party
    software."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote Solaris system is missing necessary patches to address
    security updates :
    
      - Multiple integer overflows in X.org libX11 1.5.99.901
        (1.6 RC1) and earlier allow X servers to trigger
        allocation of insufficient memory and a buffer overflow
        via vectors related to the (1) XQueryFont, (2)
        _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4)
        XGetMotionEvents, (5) XListHosts, (6)
        XGetModifierMapping, (7) XGetPointerMapping, (8)
        XGetKeyboardMapping, (9) XGetWindowProperty, (10)
        XGetImage, (11) LoadColornameDB, (12)
        XrmGetFileDatabase, (13) _XimParseStringFile, or (14)
        TransFileName functions. (CVE-2013-1981)
    
      - Multiple integer overflows in X.org libXext 1.3.1 and
        earlier allow X servers to trigger allocation of
        insufficient memory and a buffer overflow via vectors
        related to the (1) XcupGetReservedColormapEntries, (2)
        XcupStoreColors, (3) XdbeGetVisualInfo, (4)
        XeviGetVisualInfo, (5) XShapeGetRectangles, and (6)
        XSyncListSystemCounters functions. (CVE-2013-1982)
    
      - Multiple integer overflows in X.org libXi 1.7.1 and
        earlier allow X servers to trigger allocation of
        insufficient memory and a buffer overflow via vectors
        related to the (1) XGetDeviceControl, (2)
        XGetFeedbackControl, (3) XGetDeviceDontPropagateList,
        (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6)
        XIGetSelectedEvents, (7) XGetDeviceProperties, and (8)
        XListInputDevices functions. (CVE-2013-1984)
    
      - Integer overflow in X.org libXinerama 1.1.2 and earlier
        allows X servers to trigger allocation of insufficient
        memory and a buffer overflow via vectors related to the
        XineramaQueryScreens function. (CVE-2013-1985)
    
      - X.org libXi 1.7.1 and earlier allows X servers to
        trigger allocation of insufficient memory and a buffer
        overflow via vectors related to an unexpected sign
        extension in the XListInputDevices function.
        (CVE-2013-1995)
    
      - X.org libFS 1.0.4 and earlier allows X servers to
        trigger allocation of insufficient memory and a buffer
        overflow via vectors related to an unexpected sign
        extension in the FSOpenServer function. (CVE-2013-1996)
    
      - Multiple buffer overflows in X.org libX11 1.5.99.901
        (1.6 RC1) and earlier allow X servers to cause a denial
        of service (crash) and possibly execute arbitrary code
        via crafted length or index values to the (1)
        XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3)
        _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5)
        _XkbReadKeySyms, (6) _XkbReadKeyActions, (7)
        _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9)
        _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap,
        (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply,
        (13) _XimXGetReadData, (14) XListFonts, (15)
        XListExtensions, and (16) XGetFontPath functions.
        (CVE-2013-1997)
    
      - Multiple buffer overflows in X.org libXi 1.7.1 and
        earlier allow X servers to cause a denial of service
        (crash) and possibly execute arbitrary code via crafted
        length or index values to the (1)
        XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and
        (3) XQueryDeviceState functions. (CVE-2013-1998)
    
      - Buffer overflow in X.org libXt 1.1.3 and earlier allows
        X servers to cause a denial of service (crash) and
        possibly execute arbitrary code via crafted length or
        index values to the _XtResourceConfigurationEH function.
        (CVE-2013-2002)
    
      - The (1) GetDatabase and (2) _XimParseStringFile
        functions in X.org libX11 1.5.99.901 (1.6 RC1) and
        earlier do not restrict the recursion depth when
        processing directives to include files, which allows X
        servers to cause a denial of service (stack consumption)
        via a crafted file. (CVE-2013-2004)
    
      - X.org libXt 1.1.3 and earlier does not check the return
        value of the XGetWindowProperty function, which allows X
        servers to trigger use of an uninitialized pointer and
        memory corruption via vectors related to the (1)
        ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut,
        (4) HandleNormal, and (5) HandleSelectionReplies
        functions. (CVE-2013-2005)
    
      - Multiple integer overflows in X.org libXp 1.0.1 and
        earlier allow X servers to trigger allocation of
        insufficient memory and a buffer overflow via vectors
        related to the (1) XpGetAttributes, (2)
        XpGetOneAttribute, (3) XpGetPrinterList, and (4)
        XpQueryScreens functions. (CVE-2013-2062)"
      );
      # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4a913f44"
      );
      # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-xorg
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f5fab6fd"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.1.8.4.0.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:xorg");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/11/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Solaris11/release");
    if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
    pkg_list = solaris_pkg_list_leaves();
    if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
    
    if (empty_or_null(egrep(string:pkg_list, pattern:"^xorg$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "xorg");
    
    flag = 0;
    
    if (solaris_check_release(release:"0.5.11-0.175.1.8.0.4.0", sru:"SRU 11.1.8.4.0") > 0) flag++;
    
    if (flag)
    {
      error_extra = 'Affected package : xorg\n' + solaris_get_report2();
      error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
      if (report_verbosity > 0) security_warning(port:0, extra:error_extra);
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_PACKAGE_NOT_AFFECTED, "xorg");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_XORG-X11-DEVEL-130612.NASL
    descriptionThis update of xorg-x11-libs fixes several integer and buffer overflow issues. (bnc#815451, bnc#821663)
    last seen2020-06-05
    modified2013-06-29
    plugin id67106
    published2013-06-29
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67106
    titleSuSE 11.2 Security Update : xorg-x11-libs (SAT Patch Number 7846)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-501.NASL
    descriptionThis update of libFS fixes an integer overflow issue. - U_0001-Sign-extension-issue-and-integer-overflow-in-FSOp enS.patch - Sign extension issue and integer overflow in FSOpenServer() [CVE-2013-1996] (bnc#821663, bnc#815451)
    last seen2020-06-05
    modified2014-06-13
    plugin id75037
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75037
    titleopenSUSE Security Update : libFS (openSUSE-SU-2013:1034-1)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_2EEBEBFFCD3B11E28F09001B38C3836C.NASL
    descriptionfreedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org
    last seen2020-06-01
    modified2020-06-02
    plugin id66798
    published2013-06-05
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/66798
    titleFreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-9976.NASL
    descriptionlibFS 1.0.5 Update to latest git to fix the following CVEs: CVE-2013-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-07-12
    plugin id67392
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67392
    titleFedora 19 : libFS-1.0.5-1.fc19 (2013-9976)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2687.NASL
    descriptionIlja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
    last seen2020-03-17
    modified2013-05-24
    plugin id66571
    published2013-05-24
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/66571
    titleDebian DSA-2687-1 : libfs - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_XORG-X11-DEVEL-130625.NASL
    descriptionThis update of xorg-x11-libs fixes several integer and buffer overflow issues. Bug 815451/821663 CVE-2013-1984 / CVE-2013-1985 / CVE-2013-1986 / CVE-2013-1988 / CVE-2013-1990 / CVE-2013-1991 / CVE-2013-1992 / CVE-2013-1995 / CVE-2013-1996 / CVE-2013-1998 / CVE-2013-1999 / CVE-2013-2000 / CVE-2013-2001 / CVE-2013-2003 / CVE-2013-2063
    last seen2020-06-05
    modified2013-07-30
    plugin id69112
    published2013-07-30
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69112
    titleSuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 7944)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_XORG-X11-8623.NASL
    descriptionThis update of xorg-x11 fixes several security vulnerabilities. - Bug 815451- X.Org Security Advisory: May 23, 2013 - Bug 821664 - libX11 - Bug 821671 - libXv - Bug 821670 - libXt - Bug 821669 - libXrender - Bug 821668 - libXp - Bug 821667 - libXfixes - Bug 821665 - libXext - Bug 821663 - libFS, libXcursor, libXi, libXinerama, libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx
    last seen2020-06-05
    modified2013-07-12
    plugin id67256
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67256
    titleSuSE 10 Security Update : xorg-x11 (ZYPP Patch Number 8623)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-9140.NASL
    descriptionUpdate to latest git to fix the following CVEs: CVE-2013-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-06-03
    plugin id66750
    published2013-06-03
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/66750
    titleFedora 18 : libFS-1.0.4-6.20130524git26dc23446.fc18 (2013-9140)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201405-07.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201405-07 (X.Org X Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id74028
    published2014-05-16
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74028
    titleGLSA-201405-07 : X.Org X Server: Multiple vulnerabilities