CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2013-2179
https://notcve.org/view.php?id=CVE-2013-2179
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by attempting to log into an account whose password field contains invalid characters, as demonstrated using the crypt function from glibc 2.17 and later with (1) the "!" character in the salt portion of a password field or (2) a password that has been encrypted using DES or MD5 in FIPS-140 mode. X.Org xdm 1.1.10, 1.1.11 y posiblemente otras versiones, cuando se ejecuta la autenticación utilizando ciertas implementaciones de la función crypt de la API, que puede devolver NULL, permite a atacantes remotos causar denegación de servicio (referencia a puntero a NULL y caída) mediante el intento de acceder a una cuenta cuyo campo de contraseña contiene caracteres inválidos, como se muestra utilizando la función crypt de glibc 2.17 y posteriores con (1) el caracter "!" en la parte del salt de la contraseña (2) una contraseña que ha sido cifrado utilizando DES o MD5 en modo FIPS-140. • http://cgit.freedesktop.org/xorg/app/xdm/commit/?id=8d1eb5c74413e4c9a21f689fc106949b121c0117 http://lists.opensuse.org/opensuse-updates/2013-07/msg00002.html http://www.openwall.com/lists/oss-security/2013/06/13/8 https://bugs.mageia.org/show_bug.cgi?id=10682 • CWE-310: Cryptographic Issues •
CVSS: 7.4EPSS: 2%CPEs: 22EXPL: 0CVE-2013-4396 – xorg-x11-server: use-after-free flaw when handling ImageText requests
https://notcve.org/view.php?id=CVE-2013-4396
Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. Vulnerabilidad de uso después de liberación en la función dolmageText en dix/dixfonts.c del módulo xorg-server anterior a la versión 1.14.4 en X.Org X11 permite a usuarios remotos autenticados provocar una denegación de servicio (cuelgue del demonio) o posiblemente ejecutar código arbitrario a través de una petición ImageText manipulada que provoque un fallo de reubicación de memoria. • http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html http://lists.x.org/archives/xorg-announce/2013-October/002332.html http://openwall.com/lists/oss-security/2013/10/08/6 http://rhn.redhat.com/errata/RHSA-2013-1426.html http://www.debian.org/security/2013/dsa-2784 http://www.securityfocus.com/bid/62892 http://www.ubuntu.com/usn/USN-1990-1 https://bugzilla.redhat.com/show_bug.cgi?id=1 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1982 – libXext: Multiple integer overflows leading to heap-based buffer-overflows
https://notcve.org/view.php?id=CVE-2013-1982
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. Múltiples desbordamientos de enteros en X.org libXext v1.3.1 y anteriores permiten a los servidores X para activar la asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo , (5) XShapeGetRectangles, y (6) XSyncListSystemCounters. • http://lists.opensuse.org/opensuse-updates/2013-06/msg00139.html http://www.debian.org/security/2013/dsa-2682 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1857-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1982 https://bugzilla.redhat.com/show_bug.cgi?id=959046 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2004 – libX11: unbounded recursion leading to stack-overflow
https://notcve.org/view.php?id=CVE-2013-2004
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. Las funciones (1) GetDatabase y (2) _XimParseStringFile en X.org libX11 v1.5.99.901 (1.6 RC1) y anteriores no limitan la profundidad de recursividad en el tratamiento de las directivas de inclusión de archivos, lo que permite causar una denegación de servicio a los servidores X (por consumo de pila) a través de un archivo diseñado para tal fin. Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. • http://www.debian.org/security/2013/dsa-2693 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1854-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-2004 https://bugzilla.redhat.com/show_bug.cgi?id=959112 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1981 – libX11: Multiple integer overflows leading to heap-based buffer-overflows
https://notcve.org/view.php?id=CVE-2013-1981
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. Múltiples desbordamientos de enteros en X.org libX11 v1.5.99.901 (1.6 RC1) y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, y (10) XGetImage. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html http://www.debian.org/security/2013/dsa-2693 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.securityfocus.com/bid/60120 http://www.ubuntu.com/usn/USN-1854-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1981 https://bugzilla.redhat.com/show_bug.cgi?id=959040 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •