February 2005
Three Gentoo Linux Security Advisories: 1. GLSA 200502-06 - LessTif: Multiple vulnerabilities in libXpm 2. GLSA 200502-07 - OpenMotif: Multiple vulnerabilities in libXpm 3. GLSA 200502-08 - PostgreSQL: Local privilege escalation
ID: 00106
Ref: 91/2005
Date: 08 February 2005:14:50:04
Version: 1
Title: Three Gentoo Linux Security Advisories: 1. GLSA 200502-06 - LessTif: Multiple vulnerabilities in libXpm 2. GLSA 200502-07 - OpenMotif: Multiple vulnerabilities in libXpm 3. GLSA 200502-08 - PostgreSQL: Local privilege escalation
Abstract:
Vendors affected: Gentoo
Operating systems affected: Gentoo
Applications affected: Gentoo
Title
=====
Three Gentoo Linux Security Advisories:
1. GLSA 200502-06 - LessTif: Multiple vulnerabilities in libXpm
2. GLSA 200502-07 - OpenMotif: Multiple vulnerabilities in libXpm
3. GLSA 200502-08 - PostgreSQL: Local privilege escalation
Detail
======
1. Multiple vulnerabilities, including buffer overflows, out of bounds
memory access and directory traversals, have been discovered in libXpm,
which is shipped as a part of the X Window System. LessTif, an
application that includes libXpm, suffers from the same issues.
2. Multiple vulnerabilities, such as buffer overflows, out of bounds memory
access or directory traversals, have been discovered in libXpm that is
shipped as a part of the X Window System (see GLSA 200409-34 and 200411-28).
OpenMotif, an application that includes this library, suffers from the
same issues.
3. PostgreSQL's LOAD extension is vulnerable to a local privilege escalation
discovered by John Heasman. A local user can load any shared library, but
the initialization function will then be executed with the permissions of
the PostgreSQL server.
1.
- ------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: LessTif: Multiple vulnerabilities in libXpm
Date: February 06, 2005
Bugs: #78483
ID: 200502-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in libXpm, which is
included in LessTif, that can potentially lead to remote code execution.
Background
==========
LessTif is a clone of OSF/Motif, which is a standard user interface
toolkit available on Unix and Linux.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-libs/lesstif < 0.94.0 >= 0.94.0
Description
===========
Multiple vulnerabilities, including buffer overflows, out of bounds
memory access and directory traversals, have been discovered in libXpm,
which is shipped as a part of the X Window System. LessTif, an
application that includes libXpm, suffers from the same issues.
Impact
======
A carefully-crafted XPM file could crash applications making use of
the LessTif toolkit, potentially allowing the execution of arbitrary
code with the privileges of the user running the application.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All LessTif users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/lesstif-0.94.0"
References
==========
[ 1 ] CAN-2004-0914
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
[ 2 ] LessTif Release Notes
http://www.lesstif.org/ReleaseNotes.html
Availability
============
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200502-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
Importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
2.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: OpenMotif: Multiple vulnerabilities in libXpm
Date: February 07, 2005
Bugs: #78111
ID: 200502-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in libXpm, which is
included in OpenMotif, that can potentially lead to remote code execution.
Background
==========
OpenMotif provides a free version of the Motif toolkit for open source
applications.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-libs/openmotif < 2.2.3 >= 2.2.3
Description
===========
Multiple vulnerabilities, such as buffer overflows, out of bounds memory
access or directory traversals, have been discovered in libXpm that is
shipped as a part of the X Window System (see GLSA 200409-34 and 200411-28).
OpenMotif, an application that includes this library, suffers from the
same issues.
Impact
======
A carefully-crafted XPM file could crash applications making use of the
OpenMotif toolkit, potentially allowing the execution of arbitrary code
with the privileges of the user running the application.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All OpenMotif users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/openmotif-2.2.3"
References
==========
[ 1 ] CAN-2004-0687
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
[ 2 ] CAN-2004-0688
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
[ 3 ] CAN-2004-0914
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
[ 4 ] GLSA 200409-34
http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
[ 5 ] GLSA 200411-28
http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml
Availability
============
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200502-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
3.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: PostgreSQL: Local privilege escalation
Date: February 07, 2005
Bugs: #80342
ID: 200502-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
The PostgreSQL server can be tricked by a local attacker to execute
arbitrary code.
Background
==========
PostgreSQL is a SQL compliant, open source object-relational database
management system.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/postgresql < 7.4.7 >= 7.4.7
Description
===========
PostgreSQL's LOAD extension is vulnerable to a local privilege escalation
discovered by John Heasman. A local user can load any shared library, but
the initialization function will then be executed with the permissions of
the PostgreSQL server.
Impact
======
A malicious local user could exploit this to execute arbitrary code with
the privileges of the PostgreSQL server.
Workaround
==========
There is no know workaround at this time.
Resolution
==========
All PostgreSQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/postgresql-7.4.7"
References
==========
[ 1 ] PostgreSQL Announcement
http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php
Availability
============
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200502-08.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality
and security of our users machines is of utmost importance to us. Any security
concerns should be addressed to security@gentoo.org or alternatively, you may
file a bug at http://bugs.gentoo.org.
License
=======
Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0