French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes libXfont PCF Buffer Overflow Vulnerability

Title : Fedora Security Update Fixes libXfont PCF Buffer Overflow Vulnerability
Advisory ID : FrSIRT/ADV-2008-0246
CVE ID : CVE-2008-0006
Rated as : Moderate Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-01-23

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by malicious users to execute arbitrary code with elevated privileges [...]

Solution

Upgrade the affected packages :

1abee4f6382d77b18380b62bc93d6ebcf9ff3d5b libXfont-debuginfo-1.2.9-3.fc7.ppc64.rpm
26064c202e1f72378dddffa2d67379b0798812c8 libXfont-devel-1.2.9-3.fc7.ppc64.rpm
80d0e6d684fad97bb7fa9c7ac3fd6696414fed41 libXfont-1.2.9-3.fc7.ppc64.rpm
397ede7646d407f7ad378191e81ff041b104fe4e libXfont-debuginfo-1.2.9-3.fc7.i386.rpm
71b600559094d736eda79478724f727b79de72de libXfont-devel-1.2.9-3.fc7.i386.rpm
d549935e282061059ed038c447b119e4c797c0e6 libXfont-1.2.9-3.fc7.i386.rpm
4be18dadb722d2e5f90dd3b1104f749292cc9162 libXfont-debuginfo-1.2.9-3.fc7.x86_64.rpm
c108759b4f2d560ed2efff16beb551d0790c74b7 libXfont-1.2.9-3.fc7.x86_64.rpm
5bccd560713d698e4478b91dc35b320f488eb22b libXfont-devel-1.2.9-3.fc7.x86_64.rpm
0a9ba458464bd1ea7ede5e4ecf796dd48769c174 libXfont-debuginfo-1.2.9-3.fc7.ppc.rpm
9034776dfb6309621435809aa1f3a15fdbb6c290 libXfont-devel-1.2.9-3.fc7.ppc.rpm
7f715606185271404684d5e0edee5514f03829f5 libXfont-1.2.9-3.fc7.ppc.rpm
225367431ad0b28e673b187773c5c32073b929f8 libXfont-1.2.9-3.fc7.src.rpm

90ddbe53973110318f542b58f0c5129eac810f70 libXfont-debuginfo-1.3.1-2.fc8.ppc64.rpm
5522e05e6b677bd3f39a03a819a831ec8cbcdeb5 libXfont-devel-1.3.1-2.fc8.ppc64.rpm
a1d73ad828b14abda0db3b48d3ceb7ef735b8e5f libXfont-1.3.1-2.fc8.ppc64.rpm
e38ec3ab2d62b6dd83fb75ffd709401768192409 libXfont-debuginfo-1.3.1-2.fc8.i386.rpm
b3542ffe428cc16c0c806b0aa3fb8680d14f0587 libXfont-devel-1.3.1-2.fc8.i386.rpm
e5deb9de3bc594b48ba5f22b9a4c557376e1fd17 libXfont-1.3.1-2.fc8.i386.rpm
b2fe10c4bee6f4cc6b8801ad59279f97510dd1f1 libXfont-debuginfo-1.3.1-2.fc8.x86_64.rpm
95e1c4408daf5c8444d61972e33e103256b75da5 libXfont-devel-1.3.1-2.fc8.x86_64.rpm
725bd5b66b52683e84c5f3412482f8ba6d1415f2 libXfont-1.3.1-2.fc8.x86_64.rpm
815ca48769898279b889cbaa9c803a299a9ec6dc libXfont-debuginfo-1.3.1-2.fc8.ppc.rpm
7cdc60e0c429da43091940a913a87e749a69f4d8 libXfont-devel-1.3.1-2.fc8.ppc.rpm
81c55ea1af85d268527f03dc10c01a98c9524ac4 libXfont-1.3.1-2.fc8.ppc.rpm
0f39a0a56c630212e75ce93373e0cf61925bd7a3 libXfont-1.3.1-2.fc8.src.rpm

ChangeLog

2008-01-23 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Microsoft Windows Vista "WRITE_ANDX" Denial of Service Vulnerability

Microsoft Office OneNote URL Code Execution (MS08-055)

Microsoft GDI+ Multiple Code Execution Vulnerabilities (MS08-052)

Microsoft Visual Studio "Msmask32" Code Execution Vulnerability

Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)

Microsoft Windows Messenger Data Disclosure (MS08-050)

Microsoft Windows Event System Code Execution (MS08-049)

Sun Solaris ACL UFS File Systems Denial of Service Vulnerability

Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability

Sun Management Center Remote Denial of Service Vulnerability

Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability

Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability

Sun Solaris Covert Channel Local Security Bypass Vulnerability

Sun Solaris NFS RPC Zone Denial of Service Vulnerability

Cisco UCM SIP Remote Denial of Service

Cisco IOS Denial of Service and Security Bypass Vulnerabilities

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy