Mandrake Linux Security Advisory : libxpm4 (MDKSA-2004:137-1)
Critical Nessus Plugin ID 15793
Synopsis
The remote Mandrake Linux host is missing one or more security updates.
Description
The XPM library, which is part of the XFree86/XOrg project, is used by several GUI applications to process XPM image files.
A source code review of the XPM library, done by Thomas Biege of the SuSE Security-Team, revealed several different kinds of bugs. These bugs include integer overflows, out-of-bounds memory access, shell command execution, path traversal, and endless loops.
These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted xpm image.
The previous libxpm4 update had a linking error that resulted in a missing s_popen symbol error when running applications dependent on the library. In addition, the file path checking in the security updates prevented some applications, like gimp-2.0, from being able to save xpm format images.
Updated packages are patched to correct all these issues.
Solution
Update the affected packages.