Gentoo Archives: gentoo-announce

From: Thierry Carrez <koon@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200407-05 ] XFree86, X.org: XDM ignores requestPort setting
Date: Mon, 05 Jul 2004 20:41:11
Message-Id: 40E9BC9E.5000908@gentoo.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: XFree86, X.org: XDM ignores requestPort setting
Date: July 05, 2004
Bugs: #53226
ID: 200407-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

XDM will open TCP sockets for its chooser, even if the
DisplayManager.requestPort setting is set to 0. This may allow
authorized users to access a machine remotely via X, even if the
administrator has configured XDM to refuse such connections.

Background
==========

The X Display Manager (XDM) is a program which provides a graphical
login prompt to users on the console or on remote X terminals. It has
largely been superseded by programs such as GDM and KDM.

Affected packages
=================

-------------------------------------------------------------------
     Package               /   Vulnerable   /           Unaffected
-------------------------------------------------------------------
  1  x11-base/xfree            <= 4.3.0-r5             >= 4.3.0-r6
  2  x11-base/xorg-x11         <= 6.7.0                >= 6.7.0-r1
-------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
-------------------------------------------------------------------

Description
===========

XDM will open TCP sockets for its chooser, even if the
DisplayManager.requestPort setting is set to 0. Remote clients can use
this port to connect to XDM and request a login window, thus allowing
access to the system.
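The following is an added example and is not part of this GLSA, of Gentoo's tooling, or of the xdm sources. It is a defender-side consistency check for the behaviour described above: it reads an xdm-config resource file for DisplayManager.requestPort and a `netstat -lnp` style listing of listening sockets, and reports any network socket still held by the xdm process when requestPort is 0, which is exactly the condition the advisory warns about. The config excerpt, the socket listing, the process name "xdm" and the PID/port values are constructed samples; on a real host you would feed it the actual xdm-config file and netstat output.

```python
import re
from typing import Dict, List, Optional

# Constructed xdm-config excerpt (X resource syntax; lines beginning with
# '!' are comments). requestPort 0 is the documented way to disable XDMCP.
SAMPLE_XDM_CONFIG = """\
! Constructed sample, not a real xdm-config
DisplayManager.errorLogFile:    /var/log/xdm.log
DisplayManager.pidFile:         /var/run/xdm.pid
! Disable remote XDMCP requests
DisplayManager.requestPort:     0
"""

# Constructed `netstat -lnp` style listing. The X server on tcp/6000 is a
# separate listener; the tcp/32768 socket owned by xdm models the chooser
# socket that the advisory says is opened regardless of requestPort.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      1234/X
tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN      1200/xdm
udp        0      0 0.0.0.0:68              0.0.0.0:*                           900/dhclient
"""

RESOURCE_RE = re.compile(r"^\s*DisplayManager\.requestPort\s*:\s*(\d+)\s*$")
LISTENER_RE = re.compile(
    r"^(?P<proto>tcp6?|udp6?)\s+\d+\s+\d+\s+(?P<local>\S+)\s+\S+\s+"
    r"(?:LISTEN\s+)?(?P<pid>\d+)/(?P<prog>\S+)"
)


def parse_request_port(config_text: str) -> Optional[int]:
    """Return the DisplayManager.requestPort value, or None if the file does
    not set it (xdm then falls back to its built-in default, port 177)."""
    value = None
    for line in config_text.splitlines():
        if line.lstrip().startswith("!"):
            continue
        m = RESOURCE_RE.match(line)
        if m:
            value = int(m.group(1))  # a later entry overrides an earlier one
    return value


def parse_listeners(netstat_text: str) -> List[Dict[str, str]]:
    """Extract proto, local address, port, pid and program from each
    tcp/udp line of a netstat -lnp listing; header lines are skipped."""
    listeners = []
    for line in netstat_text.splitlines():
        m = LISTENER_RE.match(line)
        if not m:
            continue
        addr, port = m.group("local").rsplit(":", 1)
        listeners.append({"proto": m.group("proto"), "addr": addr, "port": port,
                          "pid": m.group("pid"), "prog": m.group("prog")})
    return listeners


def audit_xdm(config_text: str, netstat_text: str, prog: str = "xdm") -> List[str]:
    """Return one finding per socket held by `prog` while requestPort is 0.
    An empty list means either XDMCP is enabled (so listeners are expected)
    or the disabled setting is honoured and xdm holds no network socket."""
    if parse_request_port(config_text) != 0:
        return []
    return [
        f"{s['proto']} {s['addr']}:{s['port']} held by {s['prog']}[{s['pid']}] "
        "although DisplayManager.requestPort is 0"
        for s in parse_listeners(netstat_text)
        if s["prog"] == prog
    ]


if __name__ == "__main__":
    findings = audit_xdm(SAMPLE_XDM_CONFIG, SAMPLE_NETSTAT)
    for line in findings or ["no xdm network sockets found with requestPort 0"]:
        print(line)
```

Run against the embedded samples it reports the tcp/32768 socket held by xdm; an empty result after upgrading to the fixed packages is the confirmation an administrator would want.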

Impact
======

Authorized users may be able to log in remotely to a machine running
XDM, even if this option is disabled in XDM's configuration. Please
note that an attacker must have a preexisting account on the machine in
order to exploit this vulnerability.

Workaround
==========

There is no known workaround at this time. All users should upgrade to
the latest available version of X.

Resolution
==========

If you are using XFree86, you should run the following:

# emerge sync

# emerge -pv ">=x11-base/xfree-4.3.0-r6"
# emerge ">=x11-base/xfree-4.3.0-r6"

If you are using X.org's X11 server, you should run the following:

# emerge sync

# emerge -pv ">=x11-base/xorg-x11-6.7.0-r1"
# emerge ">=x11-base/xorg-x11-6.7.0-r1"
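To tell which side of the Affected packages table an installed version falls on, before or after running the emerge commands above, here is an added example (not Gentoo's own tooling, which for this purpose is the `emerge -pv` call shown in the Resolution): a small Python version comparator for the numeric and -rN revision forms used in this advisory, applied to the two package ranges from the table. The /var/db/pkg style directory names it splits are constructed samples, and as a stated simplification it does not handle Gentoo version suffixes such as _rc1 or _p2.

```python
import re
from typing import Dict, Iterable, Optional, Tuple

# Ranges copied from the advisory's Affected packages table:
# package -> (highest vulnerable version, lowest unaffected version)
GLSA_200407_05 = {
    "x11-base/xfree":    ("4.3.0-r5", "4.3.0-r6"),
    "x11-base/xorg-x11": ("6.7.0",    "6.7.0-r1"),
}

VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-r(\d+))?$")


def parse_version(version: str) -> Tuple[Tuple[int, ...], int]:
    """Split '4.3.0-r5' into ((4, 3, 0), 5). A missing -rN revision is r0.
    Simplification: suffixes such as _rc1, _p2 or a trailing letter are
    not handled and raise ValueError rather than being mis-ordered."""
    m = VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unsupported version syntax: {version!r}")
    numbers = tuple(int(part) for part in m.group(1).split("."))
    revision = int(m.group(2) or 0)
    return numbers, revision


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is older than, equal to, or newer than b.
    The numeric components are compared first, the -rN revision second."""
    pa, pb = parse_version(a), parse_version(b)
    return (pa > pb) - (pa < pb)


def split_vdb_entry(entry: str) -> Tuple[str, str]:
    """Split a /var/db/pkg style name 'x11-base/xorg-x11-6.7.0-r1' into
    ('x11-base/xorg-x11', '6.7.0-r1'): the version starts at the first
    hyphen that is immediately followed by a digit."""
    m = re.match(r"^(.+?)-(\d.*)$", entry)
    if not m:
        raise ValueError(f"no version component in {entry!r}")
    return m.group(1), m.group(2)


def is_vulnerable(package: str, installed: str) -> Optional[bool]:
    """True if `installed` is at or below the vulnerable maximum (or in the
    gap below the fixed version), False if it is at or above the fixed
    version, None if the package is not listed in this GLSA."""
    if package not in GLSA_200407_05:
        return None
    vuln_max, fixed_min = GLSA_200407_05[package]
    if compare_versions(installed, vuln_max) <= 0:
        return True
    return compare_versions(installed, fixed_min) < 0


def audit_installed(entries: Iterable[str]) -> Dict[str, Optional[bool]]:
    """Map each installed-package entry to its vulnerability verdict."""
    results = {}
    for entry in entries:
        package, version = split_vdb_entry(entry)
        results[entry] = is_vulnerable(package, version)
    return results


# Constructed sample of directory names as they would appear under /var/db/pkg/
SAMPLE_VDB = [
    "x11-base/xorg-x11-6.7.0",     # vulnerable per the table
    "x11-base/xfree-4.3.0-r6",     # already at the fixed revision
    "sys-apps/sample-pkg-1.0",     # not covered by this GLSA
]

if __name__ == "__main__":
    for entry, verdict in audit_installed(SAMPLE_VDB).items():
        label = {True: "VULNERABLE", False: "unaffected", None: "not listed"}[verdict]
        print(f"{entry:32} {label}")
```

On a live system the entry list would come from listing the x11-base directory under /var/db/pkg; the verdict for the xorg-x11 sample flips from vulnerable to unaffected once the Resolution's emerge command has installed 6.7.0-r1.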
83
84 References
85 ==========
86
87 [ 1 ] CAN 2004-0419
88 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0419
89 [ 2 ] XFree86 Bug
90 http://bugs.xfree86.org/show_bug.cgi?id=1376
91
92 Availability
93 ============
94
95 This GLSA and any updates to it are available for viewing at
96 the Gentoo Security Website:
97
98 http://security.gentoo.org/glsa/glsa-200407-05.xml
99
100 Concerns?
101 =========
102
103 Security is a primary focus of Gentoo Linux and ensuring the
104 confidentiality and security of our users machines is of utmost
105 importance to us. Any security concerns should be addressed to
106 security@g.o or alternatively, you may file a bug at
107 http://bugs.gentoo.org.
108
109 License
110 =======
111
112 Copyright 2004 Gentoo Technologies, Inc; referenced text
113 belongs to its owner(s).
114
115 The contents of this document are licensed under the
116 Creative Commons - Attribution / Share Alike license.
117
118 http://creativecommons.org/licenses/by-sa/1.0
119
120 -----BEGIN PGP SIGNATURE-----
121 Version: GnuPG v1.2.4 (GNU/Linux)
122 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
123
124 iD8DBQFA6bydvcL1obalX08RAgEvAKCswccXfWOuIZ6wdOmB28H+ZYRMAgCfRR6A
125 9agYr6aSy992+8gT/TchK4o=
126 =3hE4
127 -----END PGP SIGNATURE-----