XBlockOut Multiple Privilege Escalation Vulnerabilities
Secunia Advisory: SA9082
Release Date: 2003-06-20

Critical: Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: Debian GNU/Linux 2.x
Debian GNU/Linux 3.0
Debian GNU/Linux unstable alias sid

Software: XBlockOut (xbl) 1.x



Description:
Debian has reported several vulnerabilities in XBlockOut (xbl), which can be exploited by malicious, local users to escalate their privileges on a vulnerable system.

The vulnerabilities are caused by boundary errors in the handling of command line arguments and the use of the "XBLOPTIONS" environment variable.

Successful exploitation can result in buffer overflows and may allow execution of arbitrary code with the privileges of the "games" group.
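The bug class described above, shown from the defensive side as an added example (not XBlockOut's source and not the Debian patch): a set-group-ID program has to measure every option taken from the environment or the command line before copying it into a fixed buffer, and reject input that does not fit. The limits, the struct and the function name are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_OPTS    16   /* assumed limit on the number of options */
#define MAX_OPT_LEN 32   /* assumed limit per option, including the NUL */

struct optlist {
    int  count;
    char opt[MAX_OPTS][MAX_OPT_LEN];
};

static struct optlist env_opts;  /* options taken from the environment */

/* Split a whitespace-separated option string into out->opt[].
 * Returns the token count, or -1 if a token or the token count would
 * exceed the fixed buffers; the input is rejected, never truncated. */
int parse_options(const char *src, struct optlist *out)
{
    out->count = 0;
    if (src == NULL)
        return 0;
    for (;;) {
        size_t len;
        src += strspn(src, " \t");          /* skip separators */
        if (*src == '\0')
            return out->count;
        len = strcspn(src, " \t");          /* measure before copying */
        if (out->count >= MAX_OPTS || len >= MAX_OPT_LEN) {
            out->count = 0;
            return -1;
        }
        memcpy(out->opt[out->count], src, len);
        out->opt[out->count][len] = '\0';
        out->count++;
        src += len;
    }
}

int main(int argc, char **argv)
{
    if (parse_options(getenv("XBLOPTIONS"), &env_opts) < 0)
        return 1;                           /* oversized environment value */
    for (int i = 1; i < argc; i++)
        if (strlen(argv[i]) >= MAX_OPT_LEN)
            return 1;                       /* argv is untrusted input too */
    printf("%d option(s) accepted from XBLOPTIONS\n", env_opts.count);
    return 0;
}
```
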

Solution:
Updated packages:

-- Debian GNU/Linux 2.2 alias potato --

Source archives:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1.dsc
Size/MD5 checksum: 554 d4b156eca0f35de954bd913bcd189b3e
http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1.diff.gz
Size/MD5 checksum: 7844 a55498b9b859c7a71744e9e9e1752af3
http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i.orig.tar.gz
Size/MD5 checksum: 213223 b9ea1555044e7ca80ff781796fd867b1

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_alpha.deb
Size/MD5 checksum: 120714 dc4849970e1a724b4387e7f3f07dc820

ARM architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_arm.deb
Size/MD5 checksum: 104536 74d0a2c7da8e14e1b7f425f31ab6f5d8

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_i386.deb
Size/MD5 checksum: 100054 3ef40d75316e7f455868fa23f40712d9

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_m68k.deb
Size/MD5 checksum: 96526 22868d833d5b1ff7616709516ca91750

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_powerpc.deb
Size/MD5 checksum: 108338 1bf1e03fcde2d23aa7c6bcfa751899db

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0i-7potato1_sparc.deb
Size/MD5 checksum: 107850 339f2a39f75c73d1eafd0bf20216bc95


-- Debian GNU/Linux 3.0 alias woody --

Source archives:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1.dsc
Size/MD5 checksum: 566 a25e8ecf19edb97ab3cc32d52f20712f
http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1.diff.gz
Size/MD5 checksum: 9244 2376e2e1b69d0d79f0b0c0f87fe99a73
http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k.orig.tar.gz
Size/MD5 checksum: 135080 22e7822a449ae5b68695158fd59ea49c

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_alpha.deb
Size/MD5 checksum: 122224 ef6d29658f10a304876a2f17660b92a4

ARM architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_arm.deb
Size/MD5 checksum: 111094 d02b8e87910b0c410698430110eb4609

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_i386.deb
Size/MD5 checksum: 103230 91c87f285064777b556e60a41b5d137e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_ia64.deb
Size/MD5 checksum: 151410 f01344cab1623a36565d7ccae04ff20c

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_hppa.deb
Size/MD5 checksum: 116734 8ba40022bd13b071ce9832879bc00057

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_m68k.deb
Size/MD5 checksum: 97730 5d8d438bd00e9f82b84a42f2d9797141

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_mips.deb
Size/MD5 checksum: 115968 161ebcca8ea2a4adb31ecad81c151ee1

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_mipsel.deb
Size/MD5 checksum: 115830 59b4a9b21a0658d6fc1f4b42d599f91d

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_powerpc.deb
Size/MD5 checksum: 112202 69b74ea9a5fb019dbcd56051789c8970

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_s390.deb
Size/MD5 checksum: 106190 59e14cbb58a28db14639bba8a3c0c802

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xbl/xbl_1.0k-3woody1_sparc.deb
Size/MD5 checksum: 111194 b67bf2b0ba2174935b2ef85ca45a28a3


-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.0k-5.

Provided and/or discovered by:
Steve Kemp

Original Advisory:
http://www.debian.org/security/2003/dsa-327

Other References:
http://cvs.kitenet.net/joey-cvs/publi...p;only_with_tag=debian_version_1_0k-5



About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  