• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

X.Org X Server 'PassMessage' Request Local Privilege Escalation Vulnerability

Solution:
The vendor has released an update and an advisory. Please see the references for more information.


OpenBSD OpenBSD 4.3

• OpenBSD 003_xorg.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/003_xorg.patch

Sun Solaris 10

• Sun 119059-37
  for Xsun
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -119059-37-1


• Sun 125719-07
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-125719-07-1

OpenBSD OpenBSD 4.2

• OpenBSD 006_xorg.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/006_xorg.patch

X.org xorg-server 1.2

• X.org xorg-xserver-1.2-multiple-overflows.diff
  ftp://ftp.freedesktop.org/pub/xorg/X11R7.2/patches/xorg-xserver-1.2-mu ltiple-overflows.diff

X.org xorg-server 1.4

• X.org xorg-xserver-1.4-multiple-overflows.diff
  ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-mu ltiple-overflows.diff

OpenBSD OpenBSD 4.1

• OpenBSD 012_xorg.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/012_xorg.patch

Sun Solaris 10_x86

• Sun 119060-36
  for Xsun
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -119060-36-1


• Sun 125720-16
  for Xorg
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -125720-16-1

X.org LibXfont 1.3.1

• X.org xorg-libXfont-1.3.1-pcf-parser.diff
  ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-libXfont-1.3.1 -pcf-parser.diff