xloadimage FACES buffer overflow could allow remote code execution

xloadimage-faces-bo (6821) The risk level is classified as HighHigh Risk

Description:

The xloadimage package, included with several Linux distributions, is vulnerable to a buffer overflow in the faces file type reader. By posting a specially-crafted FACES file that is represented as a TIFF file by the Web server, a remote attacker can overflow a buffer when xloadimage attempts to display the file in a remote user¿s Web browser. An attacker can use this vulnerability to execute arbitrary code on the system as the user running Netscape.


Consequences:

Gain Access

Remedy:

For Red Hat Linux 6.2:
Upgrade to the latest version of xloadimage (4.1-19.6 or later), as listed in RHSA-2001:088-04. See References.

For Red Hat Linux 7.0 and 7.1:
Upgrade to the latest version of xloadimage (4.1-20 or later), as listed in Red Hatt Security Advisory RHSA-2001:088-04. See References.

For Debian GNU/Linux 2.2 (potato):
Upgrade to the latest version of xloadimage (4.1-5potato1 or later), as listed in DSA-069-1. See References.

For Debian GNU/Linux 3.0 (woody):
Update to the latest version of xloadimage (1.17.0-11woody1 or later), as listed in DSA-695-1. See References.

For SuSE Linux 6.3, 6.4, 7.0, 7.1, and 7.2 (Intel):
Upgrade to the latest version of xli (1.16-351 or later), as listed in SuSE Security Announcement SuSE-SA:2001:024. See References.

For SuSE Linux 6.3, 6.4, 7.0 (AXP Alpha), and 7.1 (Sparc and AXP Alpha):
Upgrade to the latest version of xli (1.16-301 or later), as listed in SuSE Security Announcement SuSE-SA:2001:024. See References.

For SuSE Linux 7.0 (Sparc):
Upgrade to the latest version of xli (1.16-300 or later), as listed in SuSE Security Announcement SuSE-SA:2001:024. See References.

For SuSE Linux 6.4, 7.0, and 7.1 (PPC Power PC):
Upgrade to the latest version of xli (1.16-304 or later), as listed in SuSE Security Announcement SuSE-SA:2001:024. See References.

For Mandrake Linux 7.1 and Corporate Server 1.0.1:
Upgrade to the latest version of xli (1.16-4.1mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:073-1 : xloadimage. See References.

For Mandrake Linux 7.2:
Upgrade to the latest version of xli (1.16-7.1mdk or later) or xloadimage (4.1-6.1mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:073-1 : xloadimage. See References.

For Mandrake Linux 8.0:
Upgrade to the latest version of xli (1.17.0-1.1mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:073-1 : xloadimage. See References.

For Conectiva Linux 4.0 and 4.0es:
Upgrade to the latest version of xloadimage (4.1-15U40_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 4.1:
Upgrade to the latest version of xloadimage (4.1-15U41_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 4.2:
Upgrade to the latest version of xloadimage (4.1-15U42_1.cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 5.0, ecommerce, and prg graficos:
Upgrade to the latest version of xloadimage (4.1-15U50_cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 5.1:
Upgrade to the latest version of xloadimage (4.1-16U51_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 6.0:
Upgrade to the latest version of xloadimage (4.1-17U60_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Conectiva Linux 7.0:
Upgrade to the latest version of xloadimage (4.1-17U70_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:415. See References.

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2005-03-05 for patch, upgrade, or suggested workaround information. See References.

For other distributions:
Contact your vendor for patch or upgrade information.

References:

Platforms Affected:

  • Conectiva Linux 4.0
  • Conectiva Linux 4.0es
  • Conectiva Linux 4.1
  • Conectiva Linux 4.2
  • Conectiva Linux 5.0
  • Conectiva Linux 5.1
  • Conectiva Linux 6.0
  • Conectiva Linux 7.0
  • Conectiva Linux ecommerce
  • Conectiva Linux prg_graficos
  • Debian Debian Linux 2.2
  • Debian Debian Linux 3.0
  • Gentoo Linux
  • MandrakeSoft Mandrake Linux 7.1
  • MandrakeSoft Mandrake Linux 7.2
  • MandrakeSoft Mandrake Linux 8.0
  • MandrakeSoft Mandrake Linux Corporate Server 1.0.1
  • MIT X Consortium xloadimage 4.1-16
  • RedHat Linux 6.2
  • RedHat Linux 7
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • SUSE SuSE Linux 6.3
  • SUSE SuSE Linux 6.4
  • SUSE SuSE Linux 7.0
  • SUSE SuSE Linux 7.1
  • SUSE SuSE Linux 7.2
  • Turbolinux Turbolinux 10 Desktop
  • Turbolinux Turbolinux 10 F...
  • Turbolinux Turbolinux 10 Server
  • Turbolinux Turbolinux 7 Server
  • Turbolinux Turbolinux 7 Workstation
  • Turbolinux Turbolinux 8 Server
  • Turbolinux Turbolinux 8 Workstation
  • Turbolinux Turbolinux Home

Reported:

Jul 10, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page