XLoadImage Compressed Image Command Execution Vulnerability
BID:12712
Info
| Bugtraq ID: | 12712 |
| Class: | Input Validation Error |
| CVE: | CVE-2005-0638 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 02 2005 12:00AM |
| Updated: | Nov 30 2006 04:59AM |
| Credit: | Tavis Ormandy is credited with the discovery of this issue. |
| Vulnerable: | xloadimage xloadimage 4.1 xloadimage xloadimage 4.0 xloadimage xloadimage 3.0 xli xli 1.17 xli xli 1.16 xli xli 1.15 xli xli 1.14 SuSE Linux 8.1 SuSE Linux 8.0 i386 SuSE Linux 8.0 SuSE Linux 7.3 sparc SuSE Linux 7.3 ppc SuSE Linux 7.3 i386 SuSE Linux 7.3 SuSE Linux 7.2 i386 SuSE Linux 7.2 SuSE Linux 7.1 x86 SuSE Linux 7.1 sparc SuSE Linux 7.1 ppc SuSE Linux 7.1 alpha SuSE Linux 7.1 SuSE Linux 7.0 sparc SuSE Linux 7.0 ppc SuSE Linux 7.0 i386 SuSE Linux 7.0 alpha SuSE Linux 7.0 SuSE Linux 6.4 ppc SuSE Linux 6.4 i386 SuSE Linux 6.4 alpha SuSE Linux 6.4 SuSE Linux 6.3 ppc SuSE Linux 6.3 alpha SuSE Linux 6.3 SuSE Linux 6.2 SuSE Linux 6.1 alpha SuSE Linux 6.1 SuSE Linux 6.0 SuSE Linux 5.3 SuSE Linux 5.2 SuSE Linux 5.1 SuSE Linux 5.0 SuSE Linux 4.4.1 SuSE Linux 4.4 SuSE Linux 4.3 SuSE Linux 4.2 SuSE Linux 4.0 SuSE Linux 3.0 SuSE Linux 2.0 SuSE Linux 1.0 SGI ProPack 3.0 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 Redhat Linux Advanced Work Station 2.1 Redhat Linux 9.0 i386 Redhat Linux 7.3 i386 Redhat Fedora Core3 Redhat Fedora Core2 Redhat Fedora Core1 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 IA64 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 IA64 Redhat Enterprise Linux ES 2.1 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 IA64 Redhat Enterprise Linux AS 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Gentoo Linux Avaya Modular Messaging (MSS) 2.0 Avaya Modular Messaging (MSS) 1.1 Avaya MN100 Avaya Intuity LX ALT Linux ALT Linux Junior 2.3 ALT Linux ALT Linux Compact 2.3 |
| Not Vulnerable: | |
Discussion
A remote command-execution vulnerability affects xloadimage. This issue is due to the application's failure to safely parse compressed images.
An attacker may leverage this by distributing a malicious image file designed to execute arbitrary commands with the privileges of an unsuspecting user.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Solution:
Please see the referenced advisories for more information.

xli xli 1.17
- Debian xli_1.17.0-11woody1_alpha.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_alpha.deb
- Debian xli_1.17.0-11woody1_arm.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_arm.deb
- Debian xli_1.17.0-11woody1_hppa.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_hppa.deb
- Debian xli_1.17.0-11woody1_i386.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_i386.deb
- Debian xli_1.17.0-11woody1_ia64.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_ia64.deb
- Debian xli_1.17.0-11woody1_m68k.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_m68k.deb
- Debian xli_1.17.0-11woody1_mips.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_mips.deb
- Debian xli_1.17.0-11woody1_mipsel.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_mipsel.deb
- Debian xli_1.17.0-11woody1_powerpc.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_powerpc.deb
- Debian xli_1.17.0-11woody1_s390.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_s390.deb
- Debian xli_1.17.0-11woody1_sparc.deb (Debian GNU/Linux 3.0 alias woody): http://security.debian.org/pool/updates/main/x/xli/xli_1.17.0-11woody1_sparc.deb
- Mandriva xli-1.17.0-4.1.C21mdk.i586.rpm (Mandrake Corporate Server 2.1): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-4.1.C21mdk.x86_64.rpm (Mandrake Corporate Server 2.1/x86_64): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.1.101mdk.i586.rpm (Mandrake Linux 10.1): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.1.101mdk.x86_64.rpm (Mandrake Linux 10.1/x86_64): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.1.102mdk.i586.rpm (Mandrake Linux 10.2): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.1.102mdk.x86_64.rpm (Mandrake Linux 10.2/x86_64): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.2.C30mdk.i586.rpm (Mandrake Corporate Server 3.0): http://www1.mandrivalinux.com/en/ftp.php3
- Mandriva xli-1.17.0-8.2.C30mdk.x86_64.rpm (Mandrake Corporate Server 3.0/x86_64): http://www1.mandrivalinux.com/en/ftp.php3
xloadimage xloadimage 4.1
- Fedora xloadimage-4.1-34.FC2.i386.rpm (RedHat Fedora Core 2): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora xloadimage-4.1-34.FC2.x86_64.rpm (RedHat Fedora Core 2): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora xloadimage-4.1-34.FC3.i386.rpm (RedHat Fedora Core 3): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora xloadimage-4.1-34.FC3.x86_64.rpm (RedHat Fedora Core 3): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora xloadimage-debuginfo-4.1-34.FC2.i386.rpm (RedHat Fedora Core 2): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora xloadimage-debuginfo-4.1-34.FC2.x86_64.rpm (RedHat Fedora Core 2): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora xloadimage-debuginfo-4.1-34.FC3.i386.rpm (RedHat Fedora Core 3): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- Fedora xloadimage-debuginfo-4.1-34.FC3.x86_64.rpm (RedHat Fedora Core 3): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
- RedHat xloadimage-4.1-21.2.legacy.i386.rpm (Red Hat Linux 7.3): http://download.fedoralegacy.org/redhat/7.3/updates/i386/xloadimage-4.1-21.2.legacy.i386.rpm
- RedHat xloadimage-4.1-27.2.legacy.i386.rpm (Red Hat Linux 9): http://download.fedoralegacy.org/redhat/9/updates/i386/xloadimage-4.1-27.2.legacy.i386.rpm
- RedHat xloadimage-4.1-29.2.legacy.i386.rpm (Fedora Core 1): http://download.fedoralegacy.org/fedora/1/updates/i386/xloadimage-4.1-29.2.legacy.i386.rpm
- RedHat xloadimage-4.1-34.FC2.2.legacy.i386.rpm (Fedora Core 2): http://download.fedoralegacy.org/fedora/2/updates/i386/xloadimage-4.1-34.FC2.2.legacy.i386.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Desktop 10): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/xloadimage-4.1-22.i586.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Server 10): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/xloadimage-4.1-22.i586.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Server 7): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/xloadimage-4.1-22.i586.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Server 8): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/xloadimage-4.1-22.i586.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Workstation 7): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/xloadimage-4.1-22.i586.rpm
- TurboLinux xloadimage-4.1-22.i586.rpm (Workstation 8): ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/xloadimage-4.1-22.i586.rpm
References
References:
- [security-announce] I: updated packages available (ALT Linux)
- ASA-2005-134 - xloadimage (Avaya)
- RHSA-2005:332-10 xloadimage security update (RedHat)
- xli Readme File (X.org)