1. Gentoo Linux Security Advisory
| Advisory Reference | GLSA 200705-10 / tightvnc, libxfont |
| Release Date | May 08, 2007 |
| Latest Revision | May 08, 2007: 01 |
| Impact | high |
| Exploitable | local |
| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| net-misc/tightvnc | < 1.2.9-r4 | >= 1.2.9-r4 | All supported architectures |
| x11-libs/libXfont | < 1.2.7-r1 | >= 1.2.7-r1 | All supported architectures |
Related bugreports: #172575, #174200
Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges.
LibXfont is the X.Org font library. TightVNC is a VNC client/server for X displays.
The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected.
A local attacker could use a specially crafted BDF Font to gain root privileges on the vulnerable host.
There is no known workaround at this time.
All libXfont users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.7-r1" |
All TightVNC users should upgrade to the latest version:
Code Listing 3.2: Resolution |
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tightvnc-1.2.9-r4" |