Mandrake alert: Updated XFree86 packages fix xdm vulnerability

Posted by dave on Dec 19, 2003 3:52 AM EDT
Mailing list
Mail this story
Print this story

A vulnerability was discovered in the XDM display manager that ships with XFree86. XDM does not check for successful completion of the pam_setcred() call and in the case of error conditions in the installed PAM modules, XDM may grant local root access to any user with valid login credentials. It has been reported that a certain configuration of the MIT pam_krb5 module can result in a failing pam_setcred() call which leaves the session alive and would provide root access to any regular user. It is also possible that this vulnerability can likewise be exploited with other PAM modules in a similar manner.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandrake Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           XFree86
 Advisory ID:            MDKSA-2003:118
 Date:                   December 19th, 2003

 Affected versions:	 9.0, 9.1, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A vulnerability was discovered in the XDM display manager that ships
 with XFree86.  XDM does not check for successful completion of the
 pam_setcred() call and in the case of error conditions in the
 installed PAM modules, XDM may grant local root access to any user
 with valid login credentials.  It has been reported that a certain
 configuration of the MIT pam_krb5 module can result in a failing
 pam_setcred() call which leaves the session alive and would provide
 root access to any regular user.  It is also possible that this
 vulnerability can likewise be exploited with other PAM modules in a
 similar manner.
 
 A backported patch from XFree86 4.3 that corrects this vulnerability
 has been applied to these updated packages.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690
 ______________________________________________________________________

 Updated Packages:
  
 Corporate Server 2.1:
 7ba291697ec4355d7fa8641494fd6caf  corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.6.C21mdk.i586.rpm
 1a1334d9b639c099e330cc5684b9973e  corporate/2.1/RPMS/XFree86-4.2.1-6.6.C21mdk.i586.rpm
 14055e9c1990ffc0ae51eb8a62dc6ff1  corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.6.C21mdk.i586.rpm
 a9620d5d9c2db7a61ee02557ae63b4a9  corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.6.C21mdk.i586.rpm
 50fb7ed66e9b3e63b510b0f307582ea9  corporate/2.1/RPMS/XFree86-devel-4.2.1-6.6.C21mdk.i586.rpm
 fad9b5babd20b4f81107cac3229df28d  corporate/2.1/RPMS/XFree86-doc-4.2.1-6.6.C21mdk.i586.rpm
 7dffea0280f7a66456fffbde0611ff50  corporate/2.1/RPMS/XFree86-glide-module-4.2.1-6.6.C21mdk.i586.rpm
 501ee2b8f244272ac695b56d14c04472  corporate/2.1/RPMS/XFree86-libs-4.2.1-6.6.C21mdk.i586.rpm
 34ce66ab9af42b521459d647442d3bae  corporate/2.1/RPMS/XFree86-server-4.2.1-6.6.C21mdk.i586.rpm
 7bc53030d35ede94c59fa994002ec558  corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.6.C21mdk.i586.rpm
 3893ce26c8b2f6e50f0b6c478977d3c7  corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.6.C21mdk.i586.rpm
 7ac3a5b47f69873ac0e277d69dba5cbc  corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.6.C21mdk.i586.rpm
 76984657d4e3c078440fca9067327fa9  corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.6.C21mdk.i586.rpm
 ddc5ff979384144f16884b7a05ec6d9d  corporate/2.1/RPMS/X11R6-contrib-4.2.1-6.6.C21mdk.i586.rpm
 6443f5436266224800834b1d721da412  corporate/2.1/SRPMS/XFree86-4.2.1-6.6.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 b5cf0f68ffae1ca10a0c262d50b7cc33  x86_64/corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.6.C21mdk.x86_64.rpm
 8bd52e36599a09636cc3810f08e2327b  x86_64/corporate/2.1/RPMS/XFree86-4.2.1-6.6.C21mdk.x86_64.rpm
 0535bc7f617edf7413e873baa1457454  x86_64/corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.6.C21mdk.x86_64.rpm
 fff3943f0e2cbdf8743164ab0fadda19  x86_64/corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.6.C21mdk.x86_64.rpm
 824df87aa0748428ead3df852f57922f  x86_64/corporate/2.1/RPMS/XFree86-devel-4.2.1-6.6.C21mdk.x86_64.rpm
 547268b6e275e16d093936d2c1e34f77  x86_64/corporate/2.1/RPMS/XFree86-doc-4.2.1-6.6.C21mdk.x86_64.rpm
 b017b4c7835339dd020ed294aad87da8  x86_64/corporate/2.1/RPMS/XFree86-libs-4.2.1-6.6.C21mdk.x86_64.rpm
 72c016013e46b751e6c08417fc29e7a8  x86_64/corporate/2.1/RPMS/XFree86-server-4.2.1-6.6.C21mdk.x86_64.rpm
 ed38fb77a841fd8298e48fc81fa461d0  x86_64/corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.6.C21mdk.x86_64.rpm
 59f0ce8c3e9056dcd2206626e95aff2e  x86_64/corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.6.C21mdk.x86_64.rpm
 9f05560a2a1bc5948547ff7eb684ad08  x86_64/corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.6.C21mdk.x86_64.rpm
 7b1dc02790f89447eb0c46632da13124  x86_64/corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.6.C21mdk.x86_64.rpm
 d8d73ef1e50c8b1a33b393d53abd7154  x86_64/corporate/2.1/RPMS/X11R6-contrib-4.2.1-6.6.C21mdk.x86_64.rpm
 6443f5436266224800834b1d721da412  x86_64/corporate/2.1/SRPMS/XFree86-4.2.1-6.6.C21mdk.src.rpm

 Mandrake Linux 9.0:
 dce0a2b05ecab57a22ada818db285fb8  9.0/RPMS/XFree86-100dpi-fonts-4.2.1-3.2.90mdk.i586.rpm
 9fb3d81b3a14747d51044cdc87719bbc  9.0/RPMS/XFree86-4.2.1-3.2.90mdk.i586.rpm
 5efb4c80ccc0e87dd22260c1b4d46603  9.0/RPMS/XFree86-75dpi-fonts-4.2.1-3.2.90mdk.i586.rpm
 6457789af4a96220e43743c3b52eef58  9.0/RPMS/XFree86-cyrillic-fonts-4.2.1-3.2.90mdk.i586.rpm
 2e5e81a71eabccffadd6999539f90032  9.0/RPMS/XFree86-devel-4.2.1-3.2.90mdk.i586.rpm
 2f0c58d8c68b1aa024d42646a15e97cc  9.0/RPMS/XFree86-doc-4.2.1-3.2.90mdk.i586.rpm
 a20f2a1172f2ad4dcdf1909072b4fbd2  9.0/RPMS/XFree86-glide-module-4.2.1-3.2.90mdk.i586.rpm
 990a21d03523c464dd9b21728894b230  9.0/RPMS/XFree86-libs-4.2.1-3.2.90mdk.i586.rpm
 4275d42f4822b0a37af29e076524c9a4  9.0/RPMS/XFree86-server-4.2.1-3.2.90mdk.i586.rpm
 1a9439f73c6b77c4914d0bf7413ba474  9.0/RPMS/XFree86-static-libs-4.2.1-3.2.90mdk.i586.rpm
 e8d58a1c16fc5b1e121ef9018ea1aef0  9.0/RPMS/XFree86-xfs-4.2.1-3.2.90mdk.i586.rpm
 f26a7a481963ebd85184faaf13e8374b  9.0/RPMS/XFree86-Xnest-4.2.1-3.2.90mdk.i586.rpm
 7386556507eccf518e3663e79622ecd9  9.0/RPMS/XFree86-Xvfb-4.2.1-3.2.90mdk.i586.rpm
 df323b66b2942b7a3a6e4a1fba696237  9.0/RPMS/X11R6-contrib-4.2.1-3.2.90mdk.i586.rpm
 b1154d5004fc50db40dd06592714dd08  9.0/SRPMS/XFree86-4.2.1-3.2.90mdk.src.rpm

 Mandrake Linux 9.1:
 accf02b52fa3d5022402d68219ac8142  9.1/RPMS/XFree86-100dpi-fonts-4.3-8.4.91mdk.i586.rpm
 5d4685fcf62d6b94b3fcf5a7fe24b039  9.1/RPMS/XFree86-4.3-8.4.91mdk.i586.rpm
 ab79c17b5b76e981632a2f9d56333548  9.1/RPMS/XFree86-75dpi-fonts-4.3-8.4.91mdk.i586.rpm
 47d960baa8c3aa802594ab16f41eef3c  9.1/RPMS/XFree86-cyrillic-fonts-4.3-8.4.91mdk.i586.rpm
 8df0b06fb35c80541977df7462b11049  9.1/RPMS/XFree86-devel-4.3-8.4.91mdk.i586.rpm
 a1d8100166c9102c75f4b98633f4f482  9.1/RPMS/XFree86-doc-4.3-8.4.91mdk.i586.rpm
 ac369ce428570a11a4ae8d11c3311c9c  9.1/RPMS/XFree86-glide-module-4.3-8.4.91mdk.i586.rpm
 1ff23138ecce0cf758c96bad2392abd0  9.1/RPMS/XFree86-libs-4.3-8.4.91mdk.i586.rpm
 330daab58436828598fe25d611855723  9.1/RPMS/XFree86-server-4.3-8.4.91mdk.i586.rpm
 fbd0852d9ad9f794a241defb5453d9a1  9.1/RPMS/XFree86-static-libs-4.3-8.4.91mdk.i586.rpm
 671f7179566a4cd590bb1554ad950edd  9.1/RPMS/XFree86-xfs-4.3-8.4.91mdk.i586.rpm
 40021e3303ae73b918e2394572ee2e29  9.1/RPMS/XFree86-Xnest-4.3-8.4.91mdk.i586.rpm
 f57ff155ba975a12c896ea90aade93c7  9.1/RPMS/XFree86-Xvfb-4.3-8.4.91mdk.i586.rpm
 e849a55ac77f5739763e81818eb8f1fe  9.1/RPMS/X11R6-contrib-4.3-8.4.91mdk.i586.rpm
 acd2a322042fa0d9e89fa28b110ad678  9.1/SRPMS/XFree86-4.3-8.4.91mdk.src.rpm

 Mandrake Linux 9.1/PPC:
 9f840aa8de13b8e9549bac8f3f401511  ppc/9.1/RPMS/XFree86-100dpi-fonts-4.3-8.4.91mdk.ppc.rpm
 ebc9b0fb7b4039525bc07e43bd9812cd  ppc/9.1/RPMS/XFree86-4.3-8.4.91mdk.ppc.rpm
 c314d2a6444b8f69aa52a208d597db64  ppc/9.1/RPMS/XFree86-75dpi-fonts-4.3-8.4.91mdk.ppc.rpm
 e0803ca9429bbf99bb6d3a704e6dbe01  ppc/9.1/RPMS/XFree86-cyrillic-fonts-4.3-8.4.91mdk.ppc.rpm
 7228f302044d983be022a5b78ea75a60  ppc/9.1/RPMS/XFree86-devel-4.3-8.4.91mdk.ppc.rpm
 3ace40d9e04f7c6f66119efab195d40e  ppc/9.1/RPMS/XFree86-doc-4.3-8.4.91mdk.ppc.rpm
 e60088fa6f57ac942d7a7a3308b114e5  ppc/9.1/RPMS/XFree86-libs-4.3-8.4.91mdk.ppc.rpm
 07a8d306c4e7d3a7a9e6277ecc16301d  ppc/9.1/RPMS/XFree86-server-4.3-8.4.91mdk.ppc.rpm
 c9678b2addd7539f0ee927d34058052d  ppc/9.1/RPMS/XFree86-static-libs-4.3-8.4.91mdk.ppc.rpm
 002a58462dafe69d98b70d515ac5ba60  ppc/9.1/RPMS/XFree86-xfs-4.3-8.4.91mdk.ppc.rpm
 48adafdbf3a73bbfc4b72498f09a180d  ppc/9.1/RPMS/XFree86-Xnest-4.3-8.4.91mdk.ppc.rpm
 1d45b2108bb885e02390534d76f54752  ppc/9.1/RPMS/XFree86-Xvfb-4.3-8.4.91mdk.ppc.rpm
 e55a6cdd3fe8ac35e76be48e766f45dd  ppc/9.1/RPMS/X11R6-contrib-4.3-8.4.91mdk.ppc.rpm
 acd2a322042fa0d9e89fa28b110ad678  ppc/9.1/SRPMS/XFree86-4.3-8.4.91mdk.src.rpm

 Mandrake Linux 9.2:
 3819f8fb1f7cc944dd34ef18eca5288f  9.2/RPMS/XFree86-100dpi-fonts-4.3-24.1.92mdk.i586.rpm
 7e692f391ef5599be19cec344f2bab98  9.2/RPMS/XFree86-4.3-24.1.92mdk.i586.rpm
 dc94b3fb11a6095df83ebd87248b7f4c  9.2/RPMS/XFree86-75dpi-fonts-4.3-24.1.92mdk.i586.rpm
 f37af40fd524665d9652782199409138  9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.1.92mdk.i586.rpm
 ab8eb966751fd413130ea5d3b604a5f8  9.2/RPMS/XFree86-doc-4.3-24.1.92mdk.i586.rpm
 10c78b71783ffed3162ef528b2c301b9  9.2/RPMS/XFree86-glide-module-4.3-24.1.92mdk.i586.rpm
 96a17618e021c5e9ff694a17b3d4dcde  9.2/RPMS/XFree86-server-4.3-24.1.92mdk.i586.rpm
 2f1e7168f8e2f953c0a73a48b86276da  9.2/RPMS/XFree86-xfs-4.3-24.1.92mdk.i586.rpm
 41ca5f78e5cbefc73c5cc4bc9d80d72b  9.2/RPMS/XFree86-Xnest-4.3-24.1.92mdk.i586.rpm
 7d109f19ff97b1abb53507ec3b5797c8  9.2/RPMS/XFree86-Xvfb-4.3-24.1.92mdk.i586.rpm
 f957f0483d87b760cf02d0295e4afa8f  9.2/RPMS/X11R6-contrib-4.3-24.1.92mdk.i586.rpm
 da7ba782fbf305f53deae646c286faae  9.2/RPMS/libxfree86-4.3-24.1.92mdk.i586.rpm
 0786fd53b28cce825e335f91293ac260  9.2/RPMS/libxfree86-devel-4.3-24.1.92mdk.i586.rpm
 5e4db773a8df489cd8a6191c824c7458  9.2/RPMS/libxfree86-static-devel-4.3-24.1.92mdk.i586.rpm
 2725a3aafbd92245fada4012ffed5072  9.2/SRPMS/XFree86-4.3-24.1.92mdk.src.rpm

 Mandrake Linux 9.2/AMD64:
 840df90ccb53c8c5b622b91d35fae2a7  amd64/9.2/RPMS/XFree86-100dpi-fonts-4.3-24.1.92mdk.amd64.rpm
 0551119938d20d37feabe7b5d5622d4e  amd64/9.2/RPMS/XFree86-4.3-24.1.92mdk.amd64.rpm
 8c40f36a224c680f6ee067b77406262a  amd64/9.2/RPMS/XFree86-75dpi-fonts-4.3-24.1.92mdk.amd64.rpm
 56e2cf4946504da6bafeb0213865db14  amd64/9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.1.92mdk.amd64.rpm
 953decec9c8d06244c6255c6e6e85243  amd64/9.2/RPMS/XFree86-doc-4.3-24.1.92mdk.amd64.rpm
 9c6586b303a66060664efac85b61c4a4  amd64/9.2/RPMS/XFree86-server-4.3-24.1.92mdk.amd64.rpm
 d37d759d8288d9608608fb4f074a4337  amd64/9.2/RPMS/XFree86-xfs-4.3-24.1.92mdk.amd64.rpm
 dd093c2632d1cbe05c6562cfc169e866  amd64/9.2/RPMS/XFree86-Xnest-4.3-24.1.92mdk.amd64.rpm
 2ec74fd37a2240ada6911a0d1534cea6  amd64/9.2/RPMS/XFree86-Xvfb-4.3-24.1.92mdk.amd64.rpm
 2e69a9003740454ee3a729b549fc0938  amd64/9.2/RPMS/X11R6-contrib-4.3-24.1.92mdk.amd64.rpm
 6f53b91faee94c0f281fa00f7b236aa1  amd64/9.2/RPMS/lib64xfree86-4.3-24.1.92mdk.amd64.rpm
 26363c79205d8e8918993668c559d8f5  amd64/9.2/RPMS/lib64xfree86-devel-4.3-24.1.92mdk.amd64.rpm
 a0fb588cc0dde5c53584ffc625865f59  amd64/9.2/RPMS/lib64xfree86-static-devel-4.3-24.1.92mdk.amd64.rpm
 2725a3aafbd92245fada4012ffed5072  amd64/9.2/SRPMS/XFree86-4.3-24.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 A list of FTP mirrors can be obtained from:

  http://www.mandrakesecure.net/en/ftp.php

 All packages are signed by MandrakeSoft for security.  You can obtain
 the GPG public key of the Mandrake Linux Security Team by executing:

  gpg --recv-keys --keyserver http://www.mandrakesecure.net 0x22458A98

 Please be aware that sometimes it takes the mirrors a few hours to
 update.

 You can view other update advisories for Mandrake Linux at:

  http://www.mandrakesecure.net/en/advisories/

 MandrakeSoft has several security-related mailing list services that
 anyone can subscribe to.  Information on these lists can be obtained by
 visiting:

  http://www.mandrakesecure.net/en/mlist.php

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/4vCsmqjQ0CJFipgRAjsfAKCOTl9ISJZTjR4Tp/9hS5zdDv1EdACeLI8R
1NSRqCqktl2C34KGeXMWO0I=
=fH2K
-----END PGP SIGNATURE-----

  Nav
» Read more about: Story Type: Security; Groups: Mandriva

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.