[irix-security] IRIX Xlib vulnerability
- To: irix-security@sfu.ca
- Subject: [irix-security] IRIX Xlib vulnerability
- From: Martin Siegert <siegert@sfu.ca>
- Date: Wed, 5 Jun 2002 20:08:10 -0700
- User-Agent: Mutt/1.2.5.1i

Topic
=====
Buffer overflows in /usr/lib/libX11.so may lead to root compromise.

Problem Description
===================
Programs that are setuid and linked against Xlib can be made to overflow
buffers in /usr/lib/libX11.so.
See http://www.securityfocus.com/archive/1/139436 and
http://www.xfree86.org/security/ for additional details.
This vulnerability may not be exploited by a remote user; a local account is
required.

Affected Systems
================
The X11 library is part of the IRIX X11 Execution Environment, and is
installed by default on all graphics-capable SGI machines.
To see if libX11.so is installed, execute the following command:

    $ versions x_eoe.sw.eoe
    I = Installed, R = Removed

       Name                 Date        Description

    I  x_eoe                09/19/2000  X11 Execution Environment,
                                        ${IRIX_RELEASE_NUMBER}, based on X11R6.3
    I  x_eoe.sw             09/19/2000  X11 Execution Environment
    I  x_eoe.sw.eoe         09/19/2000  X11 Execution Environment

If the output looks similar to the above, then the X11 Execution Environment
is installed, and you are vulnerable if the version shown is earlier than
6.5.12.
This vulnerability has been fixed in IRIX 6.5.12 and later versions.

Solution
========
SGI has not provided patches for this vulnerability. Their recommendation is
to upgrade to IRIX 6.5.12 or a later version.

OS Version     Vulnerable?
----------     -----------
IRIX 6.5       yes
IRIX 6.5.1     yes
IRIX 6.5.2     yes
IRIX 6.5.3     yes
IRIX 6.5.4     yes
IRIX 6.5.5     yes
IRIX 6.5.6     yes
IRIX 6.5.7     yes
IRIX 6.5.8     yes
IRIX 6.5.9     yes
IRIX 6.5.10    yes
IRIX 6.5.11    yes
IRIX 6.5.12    no
IRIX 6.5.13    no
IRIX 6.5.14    no
IRIX 6.5.15    no
IRIX 6.5.16    no
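
The check described under "Affected Systems", as an added example that is not part of the original advisory: a filter that reads `versions x_eoe.sw.eoe` output and reports whether the installed release is earlier than 6.5.12. It assumes the release appears in the description as 6.5, 6.5.N, 6.5.Nm or 6.5.Nf; the function names and the sample releases are constructed for illustration.

```sh
#!/bin/sh
# Added example: triage of `versions x_eoe.sw.eoe` output against the
# advisory's cut-off (fixed in IRIX 6.5.12 and later).

# xlib_status: read `versions` output on stdin and print one of
#   not-installed | vulnerable | fixed | unknown
xlib_status() {
    awk '
        # Only rows flagged "I" (installed) for the x_eoe product count.
        $1 == "I" && $2 ~ /^x_eoe/ { installed = 1 }
        # Assumption: the release is a field of the form 6.5, 6.5.N,
        # 6.5.Nm or 6.5.Nf, possibly on a continuation line.
        installed && rel == "" {
            for (i = 1; i <= NF; i++) {
                f = $i; sub(/,$/, "", f)
                if (f ~ /^6\.5(\.[0-9]+[mf]?)?$/) { rel = f }
            }
        }
        END {
            if (!installed) { print "not-installed"; exit }
            if (rel == "")  { print "unknown"; exit }
            n = split(rel, part, ".")
            # Plain "6.5" has no third component: treat it as 6.5.0.
            minor = (n >= 3) ? part[3] + 0 : 0
            print (minor < 12) ? "vulnerable" : "fixed"
        }'
}

# Constructed sample input: the listing from the advisory with the
# ${IRIX_RELEASE_NUMBER} placeholder replaced by the release given as $1.
sample_versions() {
    cat <<EOF
I = Installed, R = Removed

   Name                 Date        Description

I  x_eoe                09/19/2000  X11 Execution Environment,
                                    $1, based on X11R6.3
I  x_eoe.sw             09/19/2000  X11 Execution Environment
I  x_eoe.sw.eoe         09/19/2000  X11 Execution Environment
EOF
}

# On an IRIX host: versions x_eoe.sw.eoe | xlib_status
sample_versions 6.5.11m | xlib_status   # vulnerable
sample_versions 6.5.14f | xlib_status   # fixed
```

A result of "unknown" means the subsystem is installed but no 6.5-family release string was found in the listing, so the release has to be checked by hand.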