GLSA-200710-09 : NX 2.1: User-assisted execution of arbitrary code

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200710-09
(NX 2.1: User-assisted execution of arbitrary code)

Chris Evans reported an integer overflow within the FreeType PCF font
file parser (CVE-2006-1861). NX and NX Node are vulnerable to this due
to shipping XFree86 4.3.0, which includes the vulnerable FreeType code.

Impact :

A remote attacker could exploit these integer overflows by enticing a
user to load a specially crafted PCF font file which might lead to the
execution of arbitrary code with the privileges of the user on the
machine running the NX server.

Workaround :

There is no known workaround at this time.

See also :

http://www.gentoo.org/security/en/glsa/glsa-200607-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml

Solution :

All NX users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/nx-3.0.0'
All NX Node users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/nxnode-3.0.0-r3'

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Gentoo Local Security Checks

Nessus Plugin ID: 26980 (gentoo_GLSA-200710-09.nasl)

Bugtraq ID:

CVE ID: CVE-2006-1861