FreeBSD : Xorg server -- two vulnerabilities in X server lock handling code (8441957c-f9b4-11e0-a78a-bcaec565249c)

low Nessus Plugin ID 56548

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Matthieu Herrb reports :

It is possible to deduce if a file exists or not by exploiting the way that Xorg creates its lock files. This is caused by the fact that the X server is behaving differently if the lock file already exists as a symbolic link pointing to an existing or non-existing file.

It is possible for a non-root user to set the permissions for all users on any file or directory to 444, giving unwanted read access or causing denies of service (by removing execute permission). This is caused by a race between creating the lock file and setting its access modes.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?0c0099c5

Plugin Details

Severity: Low

ID: 56548

File Name: freebsd_pkg_8441957cf9b411e0a78abcaec565249c.nasl

Version: 1.7

Type: local

Published: 10/19/2011

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:xorg-server, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/18/2011

Vulnerability Publication Date: 10/18/2011

Reference Information

CVE: CVE-2011-4028, CVE-2011-4029