|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200503-15] X.org: libXpm vulnerability Vulnerability Scan
Vulnerability Scan Summary X.org: libXpm vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200503-15
(X.org: libXpm vulnerability)
Chris Gilbert has discovered potentially exploitable buffer overflow
cases in libXpm that weren't fixed in previous libXpm versions.
Impact
A carefully-crafted XPM file could crash X.org, potentially allowing
the execution of arbitrary code with the rights of the user running
the application.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0605
https://bugs.freedesktop.org/show_bug.cgi?id=1920
Solution:
All X.org users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose x11-base/xorg-x11
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|