This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200801-09
(X.Org X server and Xfont library: Multiple vulnerabilities)
regenrecht reported multiple vulnerabilities in various X server
extension via iDefense:
The XFree86-Misc extension does not properly sanitize a parameter
within a PassMessage request, allowing the modification of a function
Multiple functions in the XInput extension do not properly sanitize
client requests for swapping bytes, leading to corruption of heap
Integer overflow vulnerabilities in the EVI extension and in the
MIT-SHM extension can lead to buffer overflows (CVE-2007-6429).
The TOG-CUP extension does not sanitize an index value in the
ProcGetReservedColormapEntries() function, leading to arbitrary memory
A buffer overflow was discovered in the Xfont library when
processing PCF font files (CVE-2008-0006).
The X server does not enforce restrictions when a user specifies a
security policy file and attempts to open it (CVE-2007-5958).
Remote attackers could exploit the vulnerability in the Xfont library
by enticing a user to load a specially crafted PCF font file resulting
in the execution of arbitrary code with the privileges of the user
running the X server, typically root. Local attackers could exploit
this and the vulnerabilities in the X.org extensions to gain elevated
privileges. If the X server allows connections from the network, these
vulnerabilities could be exploited remotely. A local attacker could
determine the existence of arbitrary files by exploiting the last
vulnerability or possibly cause a Denial of Service.
Workarounds for some of the vulnerabilities can be found in the X.Org
security advisory as listed under References.
See also :
All X.Org X server users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=x11-base/xorg-server-188.8.131.52-r5'
All X.Org Xfont library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=x11-libs/libXfont-1.3.1-r1'
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true