
CERT-In Vulnerability Note CIVN-2008-91
Multiple vulnerabilities in the Solaris X Server

Original Issue Date: June 20, 2008

Severity Rating: Medium

System Affected

  • Solaris 8
  • Solaris 9
  • Solaris 10
  • OpenSolaris

Overview

Multiple vulnerabilities have been reported in Solaris X Server Extensions that may lead to a Denial of Service (DoS) or allow execution of arbitrary code.

Description

The GUI (Graphical User Interface), or 'windowing functionality', is part of every computer and is the primary method of user interaction. In some operating systems it is not part of the kernel but a separate program, the X Window System. X is the infrastructure that the GUI is built on: it handles the low-level drawing of fonts, lines and pictures on the screen, accepts keyboard and mouse input, and provides the inter-program communication between them. It also handles network distribution of users and remote sessions.

An X server is a machine on the network where the windowing program runs; other machines, the X clients, can connect to it and use its services.

Multiple vulnerabilities have been reported in the server-side code of some extensions of the X Window System. They are integer, heap and buffer overflow vulnerabilities in the Render, RECORD, Security, and MIT-SHM extensions to the Solaris X11 display server (Xorg(1) and Xsun(1)) and the Solaris X11 print server (Xprt(1)). These vulnerabilities may allow a local or remote unprivileged user who is authorized (via xhost(1) or xauth(1)) to connect to the X server to execute arbitrary code with root privileges, access arbitrary memory within the X server's address space, or crash the X11 display server process, leading to a Denial of Service (DoS) condition.

Workaround

Disable the affected X server extension. This may cause applications that request the respective extension to stop working. Refer to the following link for details:
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-238686-1

Solutions

Apply the appropriate patches as recommended by the vendor:
  • SPARC Platform
    • Solaris 8 T-patch T119067-10
    • Solaris 10 T-patch T119059-44 (for Xsun(1))
    • Solaris 10 T-patch T125719-12 (for Xorg(1))
  • x86 Platform
    • Solaris 8 T-patch T119068-10 (for Xsun(1))
    • Solaris 10 T-patch T119060-43 (for Xsun(1))
    • Solaris 10 T-patch T125720-23 (for Xorg(1))
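As an added example (not part of the CERT-In note or Sun's material), the following check compares the patch revisions a Solaris host reports via `showrev -p` against the patch list above, accepting any revision at or above the one listed; the `showrev -p` sample is constructed.

```python
import re

# Patch IDs and minimum revisions taken from the advisory above. The leading
# "T" marks a temporary patch; an installed patch reports as the bare number.
REQUIRED = {
    ("sparc", "Solaris 8"):  [("119067", 10)],
    ("sparc", "Solaris 10"): [("119059", 44), ("125719", 12)],
    ("i386",  "Solaris 8"):  [("119068", 10)],
    ("i386",  "Solaris 10"): [("119060", 43), ("125720", 23)],
}

# Each `showrev -p` line begins "Patch: <6-digit id>-<2-digit revision>".
PATCH_RE = re.compile(r"^Patch:\s+(\d{6})-(\d{2})", re.MULTILINE)


def installed_revisions(showrev_output):
    """Map patch ID -> highest installed revision found in `showrev -p` text."""
    revs = {}
    for pid, rev in PATCH_RE.findall(showrev_output):
        revs[pid] = max(revs.get(pid, 0), int(rev))
    return revs


def missing_patches(showrev_output, arch, release):
    """Return (patch_id, required_rev, installed_rev_or_None) for every
    advisory patch that is absent or older than the required revision."""
    revs = installed_revisions(showrev_output)
    missing = []
    for pid, need in REQUIRED[(arch, release)]:
        have = revs.get(pid)
        if have is None or have < need:
            missing.append((pid, need, have))
    return missing


# Constructed sample of `showrev -p` output (not data from a real host):
# the Xsun patch is one revision too old, the Xorg patch is current.
SAMPLE = """\
Patch: 119059-43 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxwplt
Patch: 125719-12 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWxorg-server
Patch: 118833-36 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWckr
"""

if __name__ == "__main__":
    for gap in missing_patches(SAMPLE, "sparc", "Solaris 10"):
        print("missing or outdated: %s-%02d (installed revision: %s)" % gap)
```

On a live host, feed it the real output (`showrev -p`) and the host's architecture (`uname -p`) instead of the constructed sample.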

Vendor Information

SUN
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-238686-1

References

SUN
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-238686-1

AusCERT
http://www.auscert.org.au/render.html?it=9458

Secunia
http://secunia.com/advisories/30671/

FrSIRT
http://www.frsirt.com/english/advisories/2008/1833

CVE Name
CVE-2008-2360
CVE-2008-2361
CVE-2008-2362
CVE-2008-1379
CVE-2008-1377

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003