HOME >> IT Security >> Vulnerabilities >> Security Alert for X.Org Foundation X Server Vulnerability
Security Alert for X.Org Foundation X Server Vulnerability
June 10, 2008
>> JAPANESE
Information-technology Promotion Agency, Japan (IPA, Chairman Koji Nishigaki) has issued the Security Alert for X.Org Foundation X Server Vulnerability on June 10, 2008.
This vulnerability allows an attacker to execute arbitrary code when an X Server reads in a specially crafted PCF font file.
When exploited, a remote attacker could take control over the computer and, for example, execute unauthorized programs, delete files and install malicious tools such as bot software.
To fix the problem, update to the latest version provided by the developer or OS vendor.
1.Overview
The X.Org Foundation’s X Server is an open source implementation of the X Window System, which provides a GUI(*1) environment for Unix-based systems such as Linux. The X.Org Foundation’s X Server has a buffer overflow vulnerability due to improper handling of the PCF(*2) font. When exploited, an attacker could execute arbitrary code on the computer running the X Server.
X.Org Foundation has released an X.Org security advisory for this vulnerability on January 18, 2008, at:
http://lists.freedesktop.org/archives/xorg/2008-January/031918.html
For the latest information, please refer to:
http://jvndb.jvn.jp/contents/en/2008/JVNDB-2008-001043.html
The following creditee reported this vulnerability to IPA. JPCERT Coordination Center (JPCERT/CC) coordinated with the product vendors and published the vulnerability on June 10, 2008, under Information Security Early Warning Partnership.
Credit: Takuya Shiozaki of CODE blog (codeblog.org)
2.Impact
An attacker with an established, authorized connection to an X Server could execute unauthorized programs, delete files and install malicious tools such as bot software with the privileges of X Server by feeding a specially crafted PCF font file to the X Server.
If an X Server is accessible via networks, a remote attacker who has managed to pass X Server’s authentication also could execute unauthorized programs, delete files and install malicious tools such as bot software with the X Server privileges by having the X Server process a specially crafted PCF font file.
3.Solution
To fix the problem, update to the latest version provided by the product developer or OS vendor.
4.CVSS Severity
(1)Evaluation Result
| Severity Rating (CVSS base score) |
□ Low (0.0~3.9) |
□ Medium (4.0~6.9) |
■ High (7.0~10.0) |
|---|---|---|---|
| CVSS base score | 7.4 |
(2) Base Score Metrics
| AV:Access Vector | □ Local | ■ Adjacent Network |
□ Network |
|---|---|---|---|
| AC:Access Complexity | □ High | ■ Medium | □ Low |
| Au:Authentication | □ Multiple | ■ Single | □ None |
| C:Confidentiality Impact | □ None | □ Partial | ■ Complete |
| I:Integrity Impact | □ None | □ Partial | ■ Complete |
| A:Availability Impact | □ None | □ Partial | ■ Complete |
■:Selected Values
Footnote
(*1)Graphical User Interface. A graphically displayed user interface on which the user can interact with the computer using a mouse or other means.
(*2)Portable Complied Font. One of the font types X Server handles.
Contact
IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)
E-mail: 