Novell Home

CVE-2011-4028

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-4028 at MITRE

Description

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.

NVD CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 722944

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.3
  • xorg-x11-Xvnc-debuginfo >= 7.5_1.8.0-10.15.2
  • xorg-x11-server-debuginfo >= 7.5_1.8.0-10.15.2
  • xorg-x11-server-debugsource >= 7.5_1.8.0-10.15.2
  • xorg-x11-server-extra-debuginfo >= 7.5_1.8.0-10.15.2
openSUSE 11.3
  • xorg-x11-Xvnc >= 7.5_1.8.0-10.15.2
  • xorg-x11-server >= 7.5_1.8.0-10.15.2
  • xorg-x11-server-extra >= 7.5_1.8.0-10.15.2
  • xorg-x11-server-sdk >= 7.5_1.8.0-10.15.2
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • xorg-x11-server-rdp >= 7.3.99-3.18.2
Builds
SAT Patch Nr: 6111
SUSE Linux Enterprise Software Development Kit 11 SP1
  • xorg-x11-server-sdk >= 7.4-27.40.52.1
sle11-sp1-sdk.ppc
sles11-sp1-vmware.x86-64
sles11-sp1.x86
sle11-sp1-sdk.x86
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.ia64
sled11-sp1.x86-64
sle11-sp1-sdk.s390x
sles11-sp1.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ppc
SAT Patch Nr: 5479
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
  • xorg-x11-Xvnc >= 7.4-27.40.52.1
  • xorg-x11-server >= 7.4-27.40.52.1
  • xorg-x11-server-extra >= 7.4-27.40.52.1
sle11-sp1-sdk.ppc
sles11-sp1-vmware.x86-64
sles11-sp1.x86
sle11-sp1-sdk.x86
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.ia64
sled11-sp1.x86-64
sle11-sp1-sdk.s390x
sles11-sp1.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ppc
SAT Patch Nr: 5479
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
  • xorg-x11-server-dmx >= 7.3.99-17.11.1
Builds
SAT Patch Nr: 6112
SUSE Linux Enterprise Desktop 11 SP1
  • xorg-x11-server-rdp >= 7.3.99-3.11.10.1
Builds
SAT Patch Nr: 6113

© 2014 Novell