HOME > ADVISORIES


   ADVISORIES

CERT-In Advisory CIAD-2007-05
Multiple Vulnerabilities in Xorg, Xfree86 and Kerberos

Original issue date: January 16, 2007

Severity Rating: Medium

Systems Affected

  • X.Org X11 version 7.1 and prior
  • XFree86 version 4.6.99.15 and prior
  • MIT Kerberos V5 versions 1.4 through 1.4.4
  • MIT Kerberos V5 versions 1.5 through 1.5.1

Overview

Multiple vulnerabilities have been reported in Linux which could be exploited by remote attackers to execute commands on the affected system.

Description

1. X.Org X11 Render or XFree86 and DBE Extensions Multiple
Local Privilege Escalation Vulnerabilities (CVE-2006-6101 ,CVE-2006-6102 , CVE-2006-6103)

A vulnerability has been reported in X.Org and XFree86 X server
due to a memory corruption error in the "ProcRenderAddGlyphs()","ProcDbeGetVisualInfo()" and "ProcDbeSwapBuffers()" functions within the DBE extension, which could be exploited by remote attackers to execute arbitrary commands with "root" privileges via a specially crafted X protocol request.

2. Kerberos V5 Kadmind RPC Library Remote Code Execution
Vulnerability ( CVE-2006-6143 )

A vulnerability has been reported in server side portion of RPC library used in Kerberos administration daemon “kadmind “ due to its failure to properly initialize pointers. An remote attacker could exploit the vulnerability by sending a crafted packets on the affected system to execute arbitrary code or cause denial of service attack.

3. Kerberos V5 Kadmind GSS-API Library Remote Code
Execution Vulnerability ( CVE-2006-6144 )

A vulnerability has been reported in Kerberos due to memory management error in "mechglue" abstraction interface of the GSS-API library used in Kerberos administration daemon “kadmind “. An unauthenticated remote attacker could exploit the vulnerability by freeing uninitialized pointers to execute arbitrary code on the affected system.

Solution

Apply appropriate patches suggested by vendor

Vendor Information

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006
-002-rpc.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006
-003-mechglue.txt

References

Red Hat
http://rhn.redhat.com/errata/RHSA-2007-0002.html

FrSIRT
http://www.frsirt.com/english/advisories/2007/0108

Secunia
http://secunia.com/advisories/23670

iDefence
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465
 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464
 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463

US-CERT
http://www.kb.cert.org/vuls/id/481564
http://www.kb.cert.org/vuls/id/831452

Security Focus
http://www.securityfocus.com/bid/21968
http://www.securityfocus.com/bid/21975
http://www.securityfocus.com/bid/21970

CVE Name
CVE-2006-6101
CVE-2006-6102
CVE-2006-6103
CVE-2006-6143
CVE-2006-6144

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003