[Full-Disclosure] MDKSA-2003:118 - Updated XFree86 packages fix xdm vulnerability

From: Mandrake Linux Security Team (security@linux-mandrake.com)
Date: 12/19/03

    To: full-disclosure@lists.netsys.com
    Date: 19 Dec 2003 12:35:56 -0000
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

     _______________________________________________________________________

                    Mandrake Linux Security Update Advisory
     _______________________________________________________________________

     Package name: XFree86
     Advisory ID: MDKSA-2003:118
     Date: December 19th, 2003

     Affected versions: 9.0, 9.1, 9.2, Corporate Server 2.1
     ______________________________________________________________________

     Problem Description:

     A vulnerability was discovered in the XDM display manager that ships
     with XFree86. XDM does not check for successful completion of the
     pam_setcred() call and in the case of error conditions in the
     installed PAM modules, XDM may grant local root access to any user
     with valid login credentials. It has been reported that a certain
     configuration of the MIT pam_krb5 module can result in a failing
     pam_setcred() call which leaves the session alive and would provide
     root access to any regular user. It is also possible that this
     vulnerability can be exploited with other PAM modules that fail in a
     similar manner.

     A backported patch from XFree86 4.3 that corrects this vulnerability
     has been applied to these updated packages.
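
     The pattern the advisory describes, as an added example (not xdm's or XFree86's own code): a PAM login sequence that discards the pam_setcred() result beside one that treats any result other than PAM_SUCCESS as fatal. It assumes no libpam is linked; sim_pam_step and the STEP_* values are a constructed stand-in for the installed module stack.

```c
/* Added example, not xdm's own code: the unchecked pam_setcred() pattern the
 * advisory describes beside the check the XFree86 4.3 fix adds. libpam is not
 * linked; sim_pam_step() is a constructed stand-in with libpam's return
 * convention (PAM_SUCCESS is 0, anything else is an error). */
#include <stdio.h>
#define PAM_SUCCESS      0   /* return codes as defined by Linux-PAM */
#define PAM_AUTH_ERR     7
#define PAM_ACCT_EXPIRED 13
#define PAM_SESSION_ERR  14
#define PAM_CRED_ERR     17
enum { STEP_AUTH = 1, STEP_ACCT, STEP_SETCRED, STEP_SESSION };

/* Stand-in for one libpam call: the module stack fails at fail_step (0 = none). */
static int sim_pam_step(int fail_step, int step, int err)
{
    return fail_step == step ? err : PAM_SUCCESS;
}

/* Vulnerable flow: the pam_setcred() result is discarded, so a module error (the
 * advisory's pam_krb5 case) still yields a session. Returns 0 = started, -1 = refused. */
int start_session_unchecked(int fail_step)
{
    if (sim_pam_step(fail_step, STEP_AUTH, PAM_AUTH_ERR) != PAM_SUCCESS) return -1;
    if (sim_pam_step(fail_step, STEP_ACCT, PAM_ACCT_EXPIRED) != PAM_SUCCESS) return -1;
    (void)sim_pam_step(fail_step, STEP_SETCRED, PAM_CRED_ERR);   /* result ignored */
    if (sim_pam_step(fail_step, STEP_SESSION, PAM_SESSION_ERR) != PAM_SUCCESS) return -1;
    return 0;
}

/* Fixed flow: every PAM step must report PAM_SUCCESS before the display manager
 * proceeds; a credential failure aborts the login and its PAM code is returned. */
int start_session_checked(int fail_step)
{
    int rc;
    if ((rc = sim_pam_step(fail_step, STEP_AUTH, PAM_AUTH_ERR)) != PAM_SUCCESS) return rc;
    if ((rc = sim_pam_step(fail_step, STEP_ACCT, PAM_ACCT_EXPIRED)) != PAM_SUCCESS) return rc;
    if ((rc = sim_pam_step(fail_step, STEP_SETCRED, PAM_CRED_ERR)) != PAM_SUCCESS) {
        fprintf(stderr, "pam_setcred failed (%d): refusing session\n", rc);
        return rc;
    }
    if ((rc = sim_pam_step(fail_step, STEP_SESSION, PAM_SESSION_ERR)) != PAM_SUCCESS) return rc;
    return PAM_SUCCESS;
}

int main(void)
{   /* a stack whose pam_setcred() fails: unchecked=0 (session granted), checked=17 */
    printf("unchecked=%d checked=%d\n",
           start_session_unchecked(STEP_SETCRED), start_session_checked(STEP_SETCRED));
    return 0;
}
```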
     _______________________________________________________________________

     References:

      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690
     ______________________________________________________________________

     Updated Packages:
     _______________________________________________________________________

     To upgrade automatically use MandrakeUpdate or urpmi. The verification
     of md5 checksums and GPG signatures is performed automatically for you.

     A list of FTP mirrors can be obtained from:

      http://www.mandrakesecure.net/en/ftp.php

     All packages are signed by MandrakeSoft for security. You can obtain
     the GPG public key of the Mandrake Linux Security Team by executing:

      gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

     Please be aware that sometimes it takes the mirrors a few hours to
     update.

     You can view other update advisories for Mandrake Linux at:

      http://www.mandrakesecure.net/en/advisories/

     MandrakeSoft has several security-related mailing list services that
     anyone can subscribe to. Information on these lists can be obtained by
     visiting:

      http://www.mandrakesecure.net/en/mlist.php

     If you want to report vulnerabilities, please contact

      security@linux-mandrake.com

     Type Bits/KeyID Date User ID
     pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
      <security@linux-mandrake.com>
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (GNU/Linux)

    iD8DBQE/4vCsmqjQ0CJFipgRAjsfAKCOTl9ISJZTjR4Tp/9hS5zdDv1EdACeLI8R
    1NSRqCqktl2C34KGeXMWO0I=
    =fH2K
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

