News Archive (1999-2012) | 2013-current at LinuxGizmos | Current Tech News Portal |    About   

Major X security hole found, plugged

May 2, 2006 — by LinuxDevices Staff — from the LinuxDevices Archive — views

Coverity Inc., which makes source code analysis software, announced May 2 that the biggest X Window System security vulnerability of the last six years has been identified and fixed, thanks to developers working with the U.S. Department of Homeland Security (DHS). Thankfully, the hole was plugged within a week, according to the company.

Using Coverity Prevent on the DHS project, developers tracked down a critical security vulnerability in the X Window System, the graphical user interface (GUI) framework found in most Linux and Unix and systems. The X Window System also ships as an optional GUI with Macintosh computers from Apple.

The vulnerability was one of the most significant ones discovered in recent memory, “something that we find once every three to six years and is very close to X's worst-case scenarios, in terms of security,” said Daniel Stone, a release manager for the X.Org Foundation.

“Coverity exposed vulnerabilities in our code that likely wouldn't have been spotted with human eyes. Its attention to subtle detail throughout the entire codebase — even parts you wouldn't normally examine manually — makes it a very valuable tool in checking your codebase, and has been of definite benefit to X.Org,” Stone said.

The vulnerability was found in versions X11R6.9.0 and X11R7.0.0 during a security analysis of 31 major open source projects that Coverity undertook as part of a DHS initiative, the company said. This pair of X Window System versions marked a major milestone when released in December 2005, because they were the first major updates to the X Window System in more than a decade.

After the X.Org development team received the results of the analysis, the vulnerability was fixed within a week. The security hole resulted from a missing parenthesis on a small piece of the program that checked the ID of the user, Coverity said. This minuscule flaw allowed local users to execute code with root privileges, giving them the ability to overwrite system files or initiate denial of service attacks.

Coverity is a privately-held company headquartered in San Francisco.


 
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.



Comments are closed.