发布时间 :2005-01-10 00:00:00
修订时间 :2017-10-10 21:29:37

[原文]Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

[CNNVD]libXpm 多个 安全漏洞(CNNVD-200501-094)

        libXpm是一款使用X Windows系统操作pixmaps的库。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/o:gentoo:linuxGentoo Linux
cpe:/o:suse:suse_linux:8.1SuSE SuSE Linux 8.1
cpe:/o:suse:suse_linux:8.2SuSE SuSE Linux 8.2
cpe:/o:suse:suse_linux:9.0SuSE SuSE Linux 9.0
cpe:/o:suse:suse_linux:9.1SuSE SuSE Linux 9.1
cpe:/o:suse:suse_linux:9.2SuSE SuSE Linux 9.2

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9943Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2)...

- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  FEDORA  FLSA-2006:152803
(UNKNOWN)  XF  libxpm-image-bo(18142):
(UNKNOWN)  XF  libxpm-improper-memory-access(18144):
(UNKNOWN)  XF  libxpm-command-execution(18145):
(UNKNOWN)  XF  libxpm-directory-traversal(18146):
(UNKNOWN)  XF  libxpm-dos(18147)

- 漏洞信息

libXpm 多个 安全漏洞
危急 路径遍历
2005-01-10 00:00:00 2006-06-15 00:00:00
        libXpm是一款使用X Windows系统操作pixmaps的库。

- 公告与补丁


- 漏洞信息 (F40209)

SSRT5988.txt (PacketStormID:F40209)
2005-09-23 00:00:00
advisory,remote,denial of service,arbitrary,vulnerability

HP Security Bulletin - Multiple potential Vulnerabilities have been identified in the X11 Pixmap routines used in the HP Tru64 UNIX Motif library (libXpm) and in the X11 Image Viewer (dximageview). Under certain circumstances, remote unauthorized users could cause a Denial of Service (DoS), or execute arbitrary code.

Hash: SHA1



SSRT5988 rev.1 - HP Tru64 Unix libXpm Remote Denial of Service
(DoS) or Execute Privileged Code

The information in this Security Bulletin should be acted upon
as soon as possible.

20 September 2005

Remote Denial of Service (DoS) or execute privileged code.

Hewlett-Packard Company
HP Software Security Response Team

Multiple potential Vulnerabilities have been identified in the
X11 Pixmap routines used in the HP Tru64 UNIX Motif library
(libXpm) and in the X11 Image Viewer (dximageview).
Under certain circumstances, remote unauthorized users could cause
a Denial of Service (DoS), or execute arbitrary code.


SUPPORTED SOFTWARE VERSIONS*:  ONLY impacted versions are listed.
HP Tru64 UNIX 5.1B-3
HP Tru64 UNIX 5.1B-2/PK4
HP Tru64 UNIX 5.1A PK
HP Tru64 UNIX 4.0G PK4
HP Tru64 UNIX 4.0F PK8



Until the resolutions are available in a mainstream release patch
kit, HP is releasing the following Early Release Patch (ERP) kits
publicly for use by any customer.

The ERP kits use dupatch to install and will not install over any
installed Customer Specific Patches (CSPs) that have file
intersections with the ERPs.

Please contact your service provider for assistance if the ERP
installation is blocked by any of your installed CSPs.

The resolutions contained in the ERP kits are scheduled to be
available in the following mainstream patch kit:

    HP Tru64 UNIX 5.1B-4

Early Release Patches

    The ERPs deliver the following files:


HP Tru64 UNIX 5.1B-3
ERP Kit Name: T64KIT0026421-V51BB26-ES-20050913
Kit Location:
MD5 checksum: 2b3bacc16e24ba95a981874009efecd8

HP Tru64 UNIX 5.1B-2/PK4
ERP Kit Name: T64KIT0026461-V51BB25-ES-20050915
Kit Location:
MD5 checksum: b962e47a51c33706a3fe7ddf0ad4f059

HP Tru64 UNIX 5.1A PK6
ERP Kit Name: T64KIT0026462-V51AB24-ES-20050915
Kit Location:
MD5 checksum: db68a200a69a7a74b469275be95edafd

HP Tru64 UNIX 4.0G PK4
ERP Kit Name: T64KIT0026463-V40GB22-ES-20050915
Kit Location:
MD5 checksum: a696bdb209725696b170dde68329af90

HP Tru64 UNIX 4.0F PK8
ERP Kit Name: DUXKIT0026464-V40FB22-ES-20050915
Kit Location:
MD5 checksum: 220db58948a0f18dfd047b6c6a9146bf

General ITRC Patch Page:

Revision 0: 19 September 2005
    Initial Release
Revision 1: 20 September 2005
    Updated CAN Reference Number

SUPPORT: For further information, contact normal HP Services
support channel.

REPORT: To report a potential security vulnerability with any HP
supported product, send Email to: It is
strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit
information. To obtain the security-alert PGP key please send an
e-mail message to with the Subject of
'get key' (no quotes).

SUBSCRIBE: To initiate a subscription to receive future HP
Security Bulletins via Email:

On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
     - check ALL categories for which alerts are required and
Under Step2: your ITRC operating systems
     - verify your operating system selections are checked and

To update an existing subscription:

Log in on the web page
  Subscriber's choice for Business: sign-in.
On the Web page:
 Subscriber's Choice: your profile summary
   - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit:

* The Software Product Category that this Security Bulletin
  relates to is represented by the 5th and 6th characters of the
  Bulletin number:
    GN = HP General SW,
    MA = HP Management Agents,
    MI = Misc. 3rd party SW,
    MP = HP MPE/iX,
    NS = HP NonStop Servers,
    OV = HP OpenVMS,
    PI = HP Printing & Imaging,
    ST = HP Storage SW,
    TL = HP Trusted Linux,
    TU = HP Tru64 UNIX,
    UX = HP-UX,
    VV = HP Virtual Vault

System management and security procedures must be reviewed
frequently to maintain system integrity. HP is continually
reviewing and enhancing the security features of software products
to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to
bring to the attention of users of the affected HP products the
important security information contained in this Bulletin. HP
recommends that all users determine the applicability of this
information to their individual situations and take appropriate
action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP
will not be responsible for any damages resulting from user's use
or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either
express or implied, including the warranties of merchantability
and fitness for a particular purpose, title and non-infringement."

(c)Copyright 2005 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or
editorial errors or omissions contained herein. The information
provided is provided "as is" without warranty of any kind. To the
extent permitted by law, neither HP nor its affiliates,
subcontractors or suppliers will be liable for incidental, special
or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration.
The information in this document is subject to change without
notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard
Company in the United States and other countries. Other product
and company names mentioned herein may be trademarks of their
respective owners.

Version: PGP 8.1



- 漏洞信息 (F35287)

dsa-607.txt (PacketStormID:F35287)
2004-12-12 00:00:00

Debian Security Advisory 607-1 - Several developers have discovered a number of problems in the libXpm library which is provided by X.Org, XFree86 and LessTif. These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted XPM image.

Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 607-1                                        Martin Schulze
December 10th, 2004           
- --------------------------------------------------------------------------

Package        : xfree86
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0914

Several developers have discovered a number of problems in the libXpm
library which is provided by X.Org, XFree86 and LessTif.  These bugs
can be exploited by remote and/or local attackers to gain access to
the system or to escalate their local privileges, by using a specially
crafted XPM image.

For the stable distribution (woody) this problem has been fixed in
version 4.1.0-16woody5.

For the unstable distribution (sid) this problem will be fixed in
version 4.3.0.dfsg.1-9.

We recommend that you upgrade your libxpm package immediately.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:     1512 826f911016453d6f512fac4494b48c58
      Size/MD5 checksum:  1617667 ad4dc77a8dbde56fc7a3d06f774f3d40
      Size/MD5 checksum: 54433247 ea7a32e6a81a850e9f19428f3104c300

  Architecture independent components:
      Size/MD5 checksum:    60604 1c1e8c20bb24da351662146a33e5639f
      Size/MD5 checksum:  8333750 129f41352a58537243a151bed8d62610
      Size/MD5 checksum:  4442488 edc68faf02ca047d7dc41e9fc45d5656
      Size/MD5 checksum:  7225840 0390a1429368e0f7e071364efbec1174
      Size/MD5 checksum:  3931824 e90d7b2d74814c8028ea016256750f50
      Size/MD5 checksum:  1105246 81b4d1c98b90ab9c1f12a7d008396acf
      Size/MD5 checksum:  5029006 a9c3ddb273cc208a2d009eebc3760967
      Size/MD5 checksum:   438786 68e757f5fa1f3d1294cef852b5beda20
      Size/MD5 checksum:    69142 6bd8cb79ef086acfd69ea9815444f0f1
      Size/MD5 checksum:   796550 654c36501891308f40d548ca9b433c55
      Size/MD5 checksum:   546708 8c17cdb362282f27e408aa2c8247bced
      Size/MD5 checksum:    60564 794db2a39dc83fb91f375bba3b9ff335
      Size/MD5 checksum:    60760 afb36d47831c04bbdd5aaabe3c3f3ac0
      Size/MD5 checksum:  4164682 2b32fd48c9eb444cd0b99a3ae89cf158

  Alpha architecture:
      Size/MD5 checksum:   165796 073d4b00e5769e4113c6d0dede86c072
      Size/MD5 checksum:   307054 77b22086347517346d03981073d64d1c
      Size/MD5 checksum:   198824 88822d14cc17ccf7be40e824c65697fd
      Size/MD5 checksum:   779210 6d2d3376dab9408a878f62c40b65d95f
      Size/MD5 checksum:   204122 65e5752a059fd3841acbc9ad605929fe
      Size/MD5 checksum:   649940 0ce21be0d5f6e04251d6aa6600792324
      Size/MD5 checksum:   390892 3d5e54f45b33deb6cd6e960919b246df
      Size/MD5 checksum:   264510 cd151b7ccf15fa860631b94a9cf593f3
      Size/MD5 checksum:   821048 7bd5e41b39b023fd3c7d23826c03e51b
      Size/MD5 checksum:   390780 53d6f64015cd2e527b23a83524e41509
      Size/MD5 checksum:    79486 1ae62cb8fb46e25fc9895c05b32e5794
      Size/MD5 checksum:   178282 8ed0fe87aafcd218f6f08155cdca5be4
      Size/MD5 checksum:    60772 86e472c95788c7f2205f8bb81e4a3ae9
      Size/MD5 checksum:  1991636 c425d06e4275b550b4765e4153320dd6
      Size/MD5 checksum:   190496 3ab410336a8175978641ce3cba705697
      Size/MD5 checksum:   375788 a075dff0f09021a1a70d36f623d927d9
      Size/MD5 checksum:    85354 82a7c25cb3abde211d74db41696a661d
      Size/MD5 checksum:   694792 5a0f265b4b62004d8f9e9d54b20e4a21
      Size/MD5 checksum:  4134878 51281a1fa89709c551293c3560367374
      Size/MD5 checksum:  1490694 6e90669b5d47739212fcd53545d69161
      Size/MD5 checksum:   712616 e830847b60e8a5ed728711c7dcbbf92a
      Size/MD5 checksum:   611946 2b8b82a237b291690835e276b937ab27
      Size/MD5 checksum:  1604000 149161403061b30b7208a943d6e35b6c
      Size/MD5 checksum:  1375630 053e357325d0d0755eb850669de1272c
      Size/MD5 checksum:  4400444 6d9e7f56a5732d79b47d617b9f76087c
      Size/MD5 checksum:  3229354 db4206011a161295644d25d8d7426c6c
      Size/MD5 checksum:    84956 e987f00ff97bb8942df9707524224305
      Size/MD5 checksum:   151302 406d28c95bb9c1bb1869f1315c95393d
      Size/MD5 checksum:  1889604 f3fcbcfacd27fd02ed5086274d58a3ce
      Size/MD5 checksum:  1476406 aa3962a58898a209d16286deb587fa62
      Size/MD5 checksum:   220732 dc0a02acb8e19ccb70309748c6ca6970
      Size/MD5 checksum:  5721032 aa235a02c2bc2009c995ee218f1461ee
      Size/MD5 checksum:   525994 a9773922e4b6f1c92a5c7718287d66fa
      Size/MD5 checksum:   713496 51527b87d2753eab9a35dd30c545bb60
      Size/MD5 checksum:  2048310 5195241bf0d1473f356e130c899a77d2

  ARM architecture:
      Size/MD5 checksum:   145628 fbf412e3ee61aaf2595f51b982a40850
      Size/MD5 checksum:   253532 4dd808ea14a06f1459680636b7145b79
      Size/MD5 checksum:   179484 fb8ae6faf182e04c9ebe3510920615ac
      Size/MD5 checksum:   444888 e5789bd49b005fd438ae6974321d78da
      Size/MD5 checksum:   189280 08c03c8407b063d52c4ab7a867da3d0b
      Size/MD5 checksum:   378446 ccd6c2b3ce71170a859b704620ec5866
      Size/MD5 checksum:   349010 087e95b77579e211d0dac3b73f34ae59
      Size/MD5 checksum:   241260 d902a76d1fd823b6813f4330e8ef36b1
      Size/MD5 checksum:   491660 a1bd6c74c26ee139e6b7ba57fc7f3a66
      Size/MD5 checksum:   348906 419f1ac0bcd38a0e62ffcf22830beeac
      Size/MD5 checksum:    76972 c161db0d8d82d1896cad349c9a747f89
      Size/MD5 checksum:   169528 eda26153cc9356d4f87877bf9b4811d4
      Size/MD5 checksum:    60788 50871fc3f2d34485afa69ce836e71bb1
      Size/MD5 checksum:  1625306 374bccf11edd904a095f6198945b9ccb
      Size/MD5 checksum:   176118 98f654b995fbe58af4d4c1b962698985
      Size/MD5 checksum:   325570 4a9c7c801b2261f877dc029bf3451bb9
      Size/MD5 checksum:    82522 bb9461517a89af0315861ca20fdeea24
      Size/MD5 checksum:   607360 526f9eae30fbd473aab85bbb7a8b7761
      Size/MD5 checksum:   352552 a4e278cd12388fdc6228c0a7010d45b6
      Size/MD5 checksum:   932786 dba7ae683f449742572f8739e8de7cd5
      Size/MD5 checksum:  1316418 8f1bae7b2ac0298316a2d98ce7fb2577
      Size/MD5 checksum:  2761476 d74f67b45b4f2345fa4a2a47c6dc0c83
      Size/MD5 checksum:  3093750 6b3c29a29a5c17c95574a249cfb0cc52
      Size/MD5 checksum:    85010 e6f2d785b055b91f4b71ee13d1e1ded5
      Size/MD5 checksum:   133902 fc1e9d6de6281f816a77f600d1a1088b
      Size/MD5 checksum:  1656504 e7102736a69a89c89a8f6d5775f768b4
      Size/MD5 checksum:  1340636 b62370a93e46386753e1b86744e7891c
      Size/MD5 checksum:   219964 6ba3d97f6c516b02c9132dbbf4b8ebff
      Size/MD5 checksum:  4833338 b762fa9ea784d28d02f507cfd1a2bbc3
      Size/MD5 checksum:   495116 5f1ab6f0f628e8d398028e5b97431f6b
      Size/MD5 checksum:   621772 11481172653c7341f14774dae8ca7b1b
      Size/MD5 checksum:  1787734 9c8fd662cb8e8611476a0fccd718d6fa

  Intel IA-32 architecture:
      Size/MD5 checksum:   132798 49f7e4fcf414c4f3c60e25ac0b3e094b
      Size/MD5 checksum:   230016 0a49931d29d99452a32ec540ff300542
      Size/MD5 checksum:   168798 e473757b12bfeb8e17df0ffbfc302b46
      Size/MD5 checksum:   409786 058a753335e16029b8b38d4b30e304e1
      Size/MD5 checksum:   166746 826261aa44c1625295f6e97f961699c4
      Size/MD5 checksum:   334576 d0b18db73233accc30b775854f07136b
      Size/MD5 checksum:   292940 955778e54537451b8e19b4e39144259d
      Size/MD5 checksum:   213622 84e7cd54719f3d6848942e19c78423ac
      Size/MD5 checksum:   434220 e487bd03a93f3db462f3fd220e672ece
      Size/MD5 checksum:   292836 b7aada2213d92627ec1398fe152b76ae
      Size/MD5 checksum:    76748 33b3be242ea9d6737c52bf9cf007956d
      Size/MD5 checksum:   152010 9bf227819118bbd531a7c9848b81bfbe
      Size/MD5 checksum:    60772 3abf1bb411f57174810b1577f3b419f3
      Size/MD5 checksum:  1456738 572973ba13218a142842a1376c5bfd04
      Size/MD5 checksum:   171424 742859f5c4d0f6321d9fe1f137dbe869
      Size/MD5 checksum:   276034 9259e968d8cdc3b61f4deb9b5679319b
      Size/MD5 checksum:    81300 5a4e32971157f8559d88ce8870a4749c
      Size/MD5 checksum:   552964 acc664b9316d0f9e750bafd27a057b21
      Size/MD5 checksum:  3422886 9b751373cf3c6badda84f456f692d731
      Size/MD5 checksum:   866180 fbd3152586a3b5b56a08559498311eb0
      Size/MD5 checksum:   522880 05c5efdbca65aa0d57f8593037dea6f7
      Size/MD5 checksum:   462980 6042cff3f6da8c79c6179d46d975db54
      Size/MD5 checksum:   964522 8658a013622cdeb3a287db37711fc82b
      Size/MD5 checksum:  1225848 0de4891834c9fa5814ef746c55c61400
      Size/MD5 checksum:  2542744 f94a84d7997b0d3864407b38da507760
      Size/MD5 checksum:  2725702 0908b4e877020972907c125e9ac0f614
      Size/MD5 checksum:    73732 a4cf49b5e837b4807ee3a84b22766ce7
      Size/MD5 checksum:   124872 2be738f4d33f0139d71acb390fcb7435
      Size/MD5 checksum:  1394160 aa1b74d2fb1e3a46e7763dabc22c72ab
      Size/MD5 checksum:  1123704 1998b1cb4426de732d5f0de215157a09
      Size/MD5 checksum:   220012 b30ae9f159c8813da76aa1c2d20104fc
      Size/MD5 checksum:  4336060 194c02c24a010a751e8983418dfb9955
      Size/MD5 checksum:   484658 588784f474674937c7fb2a4a2a3bedce
      Size/MD5 checksum:   602732 f12e8f8804af295525bbb42f593a2db7
      Size/MD5 checksum:  1497140 40715ddad2f57ce1ff532a7cba54dd60

  Intel IA-64 architecture:
      Size/MD5 checksum:   191984 ea5aa3ec909238a31c369ffa9b56bb81
      Size/MD5 checksum:   322456 dddc5f057f1165437c1284c46693b3c5
      Size/MD5 checksum:   241800 61ccdff3aca0b03e8a20692be95cedfe
      Size/MD5 checksum:   825416 aeee2a0653e79239d180de0489c4aa1d
      Size/MD5 checksum:   258436 e4ea074cd57d501a5d75bcdf10de1c58
      Size/MD5 checksum:  1167824 ada78592744023a06dcae2fc458d9749
      Size/MD5 checksum:   444550 b1f50ac55940062b5de3363e524e8be9
      Size/MD5 checksum:   340650 c4cc701b45c2f11ef5b8fee04a081be0
      Size/MD5 checksum:  1334238 9fb7de7ed53b993268ea4a6bf466020d
      Size/MD5 checksum:   444452 180a033b06458fa4502d99d60e195e9f
      Size/MD5 checksum:    84246 e226bffeb4a30691a9cd4eb6874559dc
      Size/MD5 checksum:   208080 4cfbc391f979c5d46a84fc606caac8f7
      Size/MD5 checksum:    60772 4da08580a4cc8ebd4a79089215015318
      Size/MD5 checksum:  2410740 e02ad2079848a164df8a4e44db45b37e
      Size/MD5 checksum:   211294 3b42cc26703aaf16433abc593311b09b
      Size/MD5 checksum:   474296 1a5533e27d0cb3b2699628f03f2d6589
      Size/MD5 checksum:    91450 fec8a3d49ac637dc415140d667564422
      Size/MD5 checksum:   743908 a797c5209b4aba6e00465802bb33b1e5
      Size/MD5 checksum:  5185906 905d1e41a6cccf74ab56b506f25d3e56
      Size/MD5 checksum:  2395058 32fffcea030c85d663743a5f6d8165d0
      Size/MD5 checksum:   832176 387be7be135e7a6e1fdcc06e6c1ea48e
      Size/MD5 checksum:   756284 b33954a5751018431ade13e6cbd4dc90
      Size/MD5 checksum:  3199748 bf73aa3b9c495eec9942f5858788147c
      Size/MD5 checksum:  1654830 ccae2c25fbc8ff4880c5101db6c52d7d
      Size/MD5 checksum: 18067620 ad5b42290b6f41365dedabb5e0d803fb
      Size/MD5 checksum:  3515804 a8910c7bd8a241b860974f8ebac29c19
      Size/MD5 checksum:    89618 7915f7117dbdcb6351cbe49ac774abee
      Size/MD5 checksum:   170656 eff6d1b3a4c7436f3f744aeced3f58e2
      Size/MD5 checksum:  2371072 b46bec843c683d22eff842415d62c72d
      Size/MD5 checksum:  1895734 2049905d139901b06548182b71116d13
      Size/MD5 checksum:   221894 63dff8253882437d89e44abab194d3f4
      Size/MD5 checksum:  6901820 519b38f5a248033461d1a361ee30c637
      Size/MD5 checksum:   567174 ae2d0d55cac5fe73b74e8f5bf23cd72f
      Size/MD5 checksum:   816268 1d5b1d9a94665d7178aba93c7ee6e8ba
      Size/MD5 checksum:  2572248 44b106166f65fe50a9f6f309ab9ecc44

  HP Precision architecture:
      Size/MD5 checksum:   154900 ece2d038276c6a9f7a1cdeb0e4f22bf8
      Size/MD5 checksum:   278796 5d2e606b980bfc4baffd074ea3ca5801
      Size/MD5 checksum:   202822 33f3dfc56a732e93e54300fc5176e25c
      Size/MD5 checksum:   489264 3f7797f0a28cc24210d1d1b360415a24
      Size/MD5 checksum:   204318 1321265a16f23225217b24f4177cba02
      Size/MD5 checksum:   398188 d9d52b083d6b429df048f2c0e3f34c09
      Size/MD5 checksum:   358854 693ca71ee642bd148e2a6f7e037db004
      Size/MD5 checksum:   264738 059c47efdf4e60f96b6a68a56af63ab3
      Size/MD5 checksum:   517822 5983958228ede5a8b883ecc595210f50
      Size/MD5 checksum:   358742 ea55dfe77bae353f1b9b81594c0ab433
      Size/MD5 checksum:    78890 c1e637d94dacfb4b058799de5c1a9fcb
      Size/MD5 checksum:   172812 bbbe3331b8a88536bb1cc2627a95b853
      Size/MD5 checksum:    60776 b14d0016f77ca6c03bffb79d01a5e9eb
      Size/MD5 checksum:  1700584 46365e3b8bb733374be52255d13831b0
      Size/MD5 checksum:   181452 2c04614586e7de30e85ad5670c7d3ab8
      Size/MD5 checksum:   338928 31993c0376914bcc03769c5783dd4c38
      Size/MD5 checksum:    83944 b5c0f86105bbe22040b3825d78bc9c49
      Size/MD5 checksum:   681928 fdb6fd334ca13cc4ba7d9ca5e6d97cff
      Size/MD5 checksum:   435064 3db53e0b77612d68233f7e09ffbc923c
      Size/MD5 checksum:   995974 d4d54b479620ac2f953db3bb0ec6dbd4
      Size/MD5 checksum:  1458560 d1db52dc654c03cdd208defbbff21c65
      Size/MD5 checksum:  2984892 e1c3969a1b599fa5d526bdd878de82a0
      Size/MD5 checksum:  3194256 c6d5be2d69eb34a97c386b86f78ba322
      Size/MD5 checksum:    81460 cb69167cd10f6dc45e79de8b824353f7
      Size/MD5 checksum:   138200 cdca687b924ce300a4696e7bb70f7e0e
      Size/MD5 checksum:  1924204 37d0b2ba6d7d9cf8afd3d91784a66648
      Size/MD5 checksum:  1499762 172521be313858d106695d1c4bcaed0a
      Size/MD5 checksum:   220458 0737306309ca8a80059b98497329e9ad
      Size/MD5 checksum:  3592932 958aff8fb48fa80c040119a81560aaad
      Size/MD5 checksum:   510534 93305cc125adc12dbddafbc9da17957f
      Size/MD5 checksum:   665712 efa152dd0f2a33eb2f8e2211f10255eb
      Size/MD5 checksum:  2070734 20db2f84bccc1ca839212cdba97422b6

  Motorola 680x0 architecture:
      Size/MD5 checksum:   127932 c8c911f4218fbd8a39ef5958260f51c8
      Size/MD5 checksum:   232746 4e470d717d1e1877493e74fe4c162651
      Size/MD5 checksum:   177066 3e8e3f0fdbc89c1d93ba0af961d0dbd4
      Size/MD5 checksum:   433528 b899eda95ca73f0ea7d3c25b21d2f04c
      Size/MD5 checksum:   163930 67caf80fafcc3d099052d190980ad826
      Size/MD5 checksum:   341240 50068c34450e07e673ee782e502d1e6c
      Size/MD5 checksum:   283624 d37fa7eeabcf9acdafd450d71aae3539
      Size/MD5 checksum:   208412 004cbfe92aa327cfb3f6ef6c19972514
      Size/MD5 checksum:   443758 9ed4f19fc30d4af36adc36afdf8dd7a8
      Size/MD5 checksum:   283512 832321345f9eff6f2fea44a908dd6faf
      Size/MD5 checksum:    75800 68b42f5bc69b44097af2928e23546870
      Size/MD5 checksum:   148194 677e85b7fa4b3874fa7a401d5492c2da
      Size/MD5 checksum:    60780 983496c0411d625d9c7e3a782970a815
      Size/MD5 checksum:  1376048 4ea2b6d751b4ea0808790dbb4296c5ba
      Size/MD5 checksum:   168716 268c4d6bb75c2fd22b06583cb43b803e
      Size/MD5 checksum:   256928 aef1bf9f14b14234abe4b62a0ff09e6e
      Size/MD5 checksum:    80208 d89911d959eab08e9a68c4965b738a21
      Size/MD5 checksum:   519844 b01890186ebfc85b2b5a7c07a86ff117
      Size/MD5 checksum:   336020 1b1024e7ab7eb7cf9d64e96b8fb0bb99
      Size/MD5 checksum:   864882 8b644d3bce3b1dd430006eb2641ef8e9
      Size/MD5 checksum:  1183500 0b0296c722a8576b07f71514e63956b3
      Size/MD5 checksum:  2580358 9528465b798c468006cb6227489c9910
      Size/MD5 checksum:  2647386 96103aa6bbc412604c47447847804e4a
      Size/MD5 checksum:    73080 e3b316b5dcd5f334dd0248b044402f1e
      Size/MD5 checksum:   122880 311599dae65f863c44c057ec203f206b
      Size/MD5 checksum:  1235186 995c790c57a7148968c1907816b28283
      Size/MD5 checksum:  1006606 888cf55a4c872b7154e30d0190e7ebb7
      Size/MD5 checksum:   219920 a1131ea7a5e06f033a70d139aa18c163
      Size/MD5 checksum:  3537458 51cfd5bc6b6cae3dd27b7d9346d59d92
      Size/MD5 checksum:   478988 5b14aeab23e5662fda34bffd7e890901
      Size/MD5 checksum:   551532 4f118e8d0baf26a0399eea2db8303033
      Size/MD5 checksum:  1325800 c3af64031010d8dec0e115465518bc7b

  Big endian MIPS architecture:
      Size/MD5 checksum:   153638 66405f98924f92fcf566d10e779c63aa
      Size/MD5 checksum:   277706 462ede1bc306472456b576339d19ca51
      Size/MD5 checksum:   174398 975845d759cb24492bdf95e0c29ad202
      Size/MD5 checksum:   576632 b26bd788d2a0e9189bb65ee542be494e
      Size/MD5 checksum:   183036 19bec51d726ab739350e79fb85ce62ac
      Size/MD5 checksum:   551496 430de088bc20dd12ee52bc067e58e91e
      Size/MD5 checksum:   350642 d4f00d59abfff985e8f5d5d70c37a5aa
      Size/MD5 checksum:   233674 ebc8343913751d71e4f9da4afa7639a8
      Size/MD5 checksum:   691592 3404641aa1d19756d1500dc3b1d0692d
      Size/MD5 checksum:   350510 6839aa9294d7f7b0608528ddf3ed47ac
      Size/MD5 checksum:    78118 8ef0fbd766ff40a172d3549477af7892
      Size/MD5 checksum:   168532 11e1dd60707669497661a0cb4b4e402c
      Size/MD5 checksum:    60776 2fbbce42e0d14cac770397cfa9eddbca
      Size/MD5 checksum:  1653996 b8bb7cf3e4ad4de903a2ceb70ef091f4
      Size/MD5 checksum:   177590 f2bae22058521367e352236daef18472
      Size/MD5 checksum:   338566 fb20bfc4df6de99649b6d5aeb7e37ebf
      Size/MD5 checksum:    83656 88cde0611c09f58db3b970f75972f822
      Size/MD5 checksum:   634110 e485983d556900e77af044a651946bd9
      Size/MD5 checksum:   358312 77a14987be8bec62e6b36c9f79ed1cba
      Size/MD5 checksum:  1078094 80a21cfac5149f3c071639423eb94d65
      Size/MD5 checksum:  1311048 530848be42b664750acc80dfe2da248a
      Size/MD5 checksum:  3739426 b6e597d00ad4a90764099597fd85de9a
      Size/MD5 checksum:  3126700 3b3d1be87ae9c535dea66321de0e4e92
      Size/MD5 checksum:    78986 47a5bc6819297ece8215fddb44d153a1
      Size/MD5 checksum:   141304 a5e902136724936fe487ba05b5c1de5d
      Size/MD5 checksum:  1775822 40d28185696ff86ba941c87e9572880a
      Size/MD5 checksum:  1441100 a8ad366a56b9cd617755b6b954b89df3
      Size/MD5 checksum:   219836 60161a2093ff0208b896022a49a78e00
      Size/MD5 checksum:  3386558 55bc6f4446a3cc1f578b63af77c63656
      Size/MD5 checksum:   506750 537432eb6858ad8f778de12f6e133106
      Size/MD5 checksum:   662760 0ee9c23ee3abc0cde11e5f99488b5a1c
      Size/MD5 checksum:  1911160 04e19f4ab43bba8cfa0ccde1445c4400

  Little endian MIPS architecture:
      Size/MD5 checksum:   153188 23358e487a97204bd6f3ea9a03a57d00
      Size/MD5 checksum:   277060 b5c55d78065c0ee5dc06acc66173cec1
      Size/MD5 checksum:   172914 baab26539fb18c6dd9523e376fba4367
      Size/MD5 checksum:   559766 b346b5929ea9c9054a605393e5d054f0
      Size/MD5 checksum:   181428 31b6a1c1a17b71af1ae5ae9d79dccd04
      Size/MD5 checksum:   536376 68610e2dc48b638e7a0dbcbb0de64946
      Size/MD5 checksum:   349742 0dd81a3cf6de494b6f5ee4ed3be75878
      Size/MD5 checksum:   231422 e736cbe4ace1e3a8463b9c61ec268520
      Size/MD5 checksum:   669560 9287855728cc6d5c34b66ecac727b7d5
      Size/MD5 checksum:   349642 e9f2c6055e02fb12f17a7c238344adab
      Size/MD5 checksum:    78076 c3240c82f462f83549d31a8bc82296a6
      Size/MD5 checksum:   168016 4a235996615973e4320ab1c5063a1bc4
      Size/MD5 checksum:    60780 30734b2394a7723fa7814092be542323
      Size/MD5 checksum:  1650476 70edcf13e9f5282e38c7c94d2d1c4c7d
      Size/MD5 checksum:   177434 c110d4005a7bd64eb84a050fb8795f17
      Size/MD5 checksum:   337992 3b506f40daa419bfdabc8df965bdd87c
      Size/MD5 checksum:    83708 b0f4742ac10abba824a89552d5e9012e
      Size/MD5 checksum:   624818 61a5d61d51a22ce0a8da5834cfa419d1
      Size/MD5 checksum:   354598 b3066fdf2ec1384fe40a6ee704fb77b1
      Size/MD5 checksum:  1044896 300ab76d7a5ddb8eaa5ea7f5f1f78da9
      Size/MD5 checksum:  1306196 d4d298d74a826b8e18aecf13a607d1f5
      Size/MD5 checksum:  3615368 67c9b5e20be189e59ce6e93d25b357d3
      Size/MD5 checksum:  3115084 6b2957d50196ca98f908e09bdb0dad64
      Size/MD5 checksum:    78918 dd5b7d215dae7dee70fd3963866eb676
      Size/MD5 checksum:   141186 83753b1b826a359d98f7add6987eea0e
      Size/MD5 checksum:  1774024 8d2aa41c4806d022c611d822313b629f
      Size/MD5 checksum:  1440042 d7dd4def2ecc947506a0b3a0cc2c2af7
      Size/MD5 checksum:   219824 3d3853368e67c59f00352d7d5d662885
      Size/MD5 checksum:  3384498 0b0521327accb5616999f3f0f3e28a40
      Size/MD5 checksum:   506236 a0d962e21b1e829cd32b50d6c6d0df9e
      Size/MD5 checksum:   662716 1b394ad63f4b1ee4f8b5669f005bce40
      Size/MD5 checksum:  1907304 84150d82e1bf30900f301a904c3f89e6

  PowerPC architecture:
      Size/MD5 checksum:   141796 af90af3a2500549ea49db4c37ef2adf5
      Size/MD5 checksum:   260446 ceed56b48d4d6492a64a6cd7c37ae276
      Size/MD5 checksum:   188316 c4c1c910e9b3112a18fccbab90a6a2bf
      Size/MD5 checksum:   446414 9db98e2ac4fc03e5c391202db13bc46f
      Size/MD5 checksum:   179294 f1a3945302d420228e2e7c698db150c8
      Size/MD5 checksum:   356586 b23fbf21e340abf25566c5481c1f16cd
      Size/MD5 checksum:   331430 d669dc6f8e53a3b6b9f862b5de215206
      Size/MD5 checksum:   232846 01fef63045dd0fdde21d83d442063e54
      Size/MD5 checksum:   469786 7d4fe3c9c2b59ed926689e377589f47f
      Size/MD5 checksum:   331324 fcf6b59428396fe12617145c7cab8d54
      Size/MD5 checksum:    77294 3033a37fd98e592e62d30c01c4bca1ce
      Size/MD5 checksum:   160798 5c183573c5bdd58a4680cd08a0134d42
      Size/MD5 checksum:    60778 7b30cc081451c313416c05aeaceb49a1
      Size/MD5 checksum:  1610386 2f538224a5d2c2b8abc85472fabe7503
      Size/MD5 checksum:   172842 272e2801c48aaf6df6383fffb5e84e7b
      Size/MD5 checksum:   305112 05e836a6b0b3aac0b1179147a7023831
      Size/MD5 checksum:    82752 b951e5341c71bb5c672297a37e202a5b
      Size/MD5 checksum:   606670 956f3cf1cd553ee806ed847743310a73
      Size/MD5 checksum:  2449340 bca04be6532637d532c66e99526958bd
      Size/MD5 checksum:   924186 b88fa95980ea7a54d217715f5211e1e0
      Size/MD5 checksum:   623772 e0b4a6762321c2eed4c2e7996fdb16db
      Size/MD5 checksum:   530752 f8111012d6d6468f0c743b5479db347e
      Size/MD5 checksum:  1087868 4f20d1518e8b038450f4b555a6a21053
      Size/MD5 checksum:  1302184 1ad8cc8bfe36f5d6c1e1e48d92280e8b
      Size/MD5 checksum:  2707278 1fd789e9784edd186cc9af6fabdb5704
      Size/MD5 checksum:  2986912 6837ef8b9437322d15bcaef8de788a6a
      Size/MD5 checksum:    76996 4a27ba1878c5e7436f4fd92c945f7788
      Size/MD5 checksum:   132848 adf7dc911251a9dc0af27ec3ce4430a9
      Size/MD5 checksum:  1580506 8b95b74ce9c85156f3479f0a8d7bdc90
      Size/MD5 checksum:  1275266 72280b530bcd39039a3cd003fae3608b
      Size/MD5 checksum:   219930 9bec3df46aff165a2fffa7f9372b98f1
      Size/MD5 checksum:  4618484 3b4f5e1ac998f83a7c3c49240080834d
      Size/MD5 checksum:   493550 d21ee455bf4d0075f2fbd02580e65ebd
      Size/MD5 checksum:   604678 5de81d5c524cb914636e394b861c78cb
      Size/MD5 checksum:  1708920 2593f34e7b84af776cbb0df03c3fb19f

  IBM S/390 architecture:
      Size/MD5 checksum:   140128 48f4a101fcc1325360c6cc86e55232bb
      Size/MD5 checksum:   235412 ec07843ee7a6f77cb3996b7a59d019b7
      Size/MD5 checksum:   177128 92e89f23ee18c7a18cea6ec63681f84c
      Size/MD5 checksum:   447890 2407bd3d72b1bdf49d458d85834323f2
      Size/MD5 checksum:   184212 93ee402ba994015a44993717e33c5eec
      Size/MD5 checksum:   368996 f5a42d9fe67d0c942ffd54567308299d
      Size/MD5 checksum:   309048 50aa6bf2110201424f9f270aa75b8af2
      Size/MD5 checksum:   235390 4c14ea0452ef5d806ecbd7d44439fcaf
      Size/MD5 checksum:   481038 599990c51efb244ede3e735148077439
      Size/MD5 checksum:   308940 a6378c412f0fde1d7ea568dab482c8b6
      Size/MD5 checksum:    77460 b57383bc1dc27db937f624d0afd5911c
      Size/MD5 checksum:   164280 072eeda862a9e0d67e786e0be3f1c9f6
      Size/MD5 checksum:    60780 a3f267f65da26941e45fa6326fbb9447
      Size/MD5 checksum:  1255966 fc336bdef49ead0c6c3aeced52c5d209
      Size/MD5 checksum:   175124 073d23cad3252813b202f4c350a6c253
      Size/MD5 checksum:   293180 60123b9596fcf3fd6cb79317c2e3145d
      Size/MD5 checksum:    82942 3bf40f7ea11d7122ec773b17e8e1472a
      Size/MD5 checksum:   551266 33af227fac1172641e5d12511ba35b4c
      Size/MD5 checksum:   361176 5f079d5f32a21b85ab6b625160c63692
      Size/MD5 checksum:   912738 67834a111793d515fa76ac5f44e38721
      Size/MD5 checksum:  1198082 239909f2a473e7501cd86356246c2fad
      Size/MD5 checksum:  2491546 065fe45e5266121087c8363eece41d16
      Size/MD5 checksum:  2624588 561cad4351cd242de3b711fa01179473
      Size/MD5 checksum:    75790 ddfd3f713744616a2dbd22a1543d644e
      Size/MD5 checksum:   128840 a33aa2ca7164377ded6a8b50ca97f410
      Size/MD5 checksum:  1180956 67a7cb3d364db7333e478abea214070a
      Size/MD5 checksum:   871872 04e3fb89a699870a1af2a898df8ba49a
      Size/MD5 checksum:   220430 a04c3aae1e3e0ec808375dee0872cbe6
      Size/MD5 checksum:   493048 2bdc2ad35fba58472365a4f092b368f8
      Size/MD5 checksum:   580804 df41edbe7f73f26f4bb0a9cc5270ab2a
      Size/MD5 checksum:  1293352 b490a042af5d1051d9c583e80f4211ec

  Sun Sparc architecture:
      Size/MD5 checksum:   140378 bd8bda8ce650ff87c26e75ada377340c
      Size/MD5 checksum:   247594 111a347d61a042b62e2e89e3a205a8c1
      Size/MD5 checksum:   183176 5c2f778dbf4e42d3ae839d042e6a1d44
      Size/MD5 checksum:   444936 db3322822d71b536e24ca75f3357e9a0
      Size/MD5 checksum:   172688 9001f8fb430e69470ae5c06ef65b464c
      Size/MD5 checksum:   348056 192ebaabaae7db99469a000eaf41ab5d
      Size/MD5 checksum:   309242 3d119b0f967b6a4348657344036749be
      Size/MD5 checksum:   221994 ea63a2d4808202eaae09843bc474eae2
      Size/MD5 checksum:   454344 dc13d3d5341cb75ab22d98309d8a578b
      Size/MD5 checksum:   309132 ed77105ebf5868f9041ff04c695fa698
      Size/MD5 checksum:    79350 161dfe56b5d9bea9f3317f46e73750a2
      Size/MD5 checksum:   163608 f2395bbbc59b70a0d7df9114e6d6d0d4
      Size/MD5 checksum:    60774 9eb5560aaea26668c7a8a3fce75bad49
      Size/MD5 checksum:  1711242 5c6475b48c1484f280ead457b265f2f8
      Size/MD5 checksum:   173976 6f28d7a073947431f99e50759e9c3ab8
      Size/MD5 checksum:   302812 9d920d5ea4befe3d6536955102aabe81
      Size/MD5 checksum:    84486 87c32b741e168543790c9b8c896a5da4
      Size/MD5 checksum:   587026 64692ee1e4ab9179360ae928918be36e
      Size/MD5 checksum:   886260 d0bcb8ab20de80551b9b0bced12a59c4
      Size/MD5 checksum:   908722 913a5f46d13b8dbe3474023e1cd87597
      Size/MD5 checksum:   613126 a187e6204295d497749100ad7e00555f
      Size/MD5 checksum:   553858 b1505e69c2926249dbe17fefb97a676e
      Size/MD5 checksum:  1104336 3647dc7bb023506ddd4164de28fd4c13
      Size/MD5 checksum:  1264410 505fdb26219a936f08aaf10586b2b584
      Size/MD5 checksum:  2653100 5866a75280a481c8f2197ada90ccfefb
      Size/MD5 checksum:  2868252 3a8e99459d0e754aa98f2883422b56bf
      Size/MD5 checksum:    75974 8537c43a1a92c192a646e376586230e6
      Size/MD5 checksum:   130958 b5a286c5d1dfd6761059e0a9bd11ba3f
      Size/MD5 checksum:  1537212 1ae7c4d15fd8fe9005f73a5fc4d654ce
      Size/MD5 checksum:  1203408 b9ade6f1e627945111e465c24ded5cf8
      Size/MD5 checksum:   223176 5bfe3cbcae502dede6eece4585f2105e
      Size/MD5 checksum:  4050972 6982d011edb393917edb5ae0358028d1
      Size/MD5 checksum:   491996 612324aa9ba665375d392181504f9f32
      Size/MD5 checksum:   645374 5ec3f050f5fe35de988c05d4affd288e
      Size/MD5 checksum:  1649734 7abf01c75ffd816e1d60bddbd3cf47c5

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>

Version: GnuPG v1.2.5 (GNU/Linux)



- 漏洞信息

X11 libXpm Unspecified Multiple Overflows
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2004-11-17 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, the X.Org Foundation has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

- 漏洞信息

LibXPM Multiple Unspecified Vulnerabilities
Unknown 11694
Yes Yes
2004-11-17 12:00:00 2008-07-02 07:30:00
Discovery of these vulnerabilities is credited to Thomas Biege of the SuSE Security-Team.

- 受影响的程序版本

XFree86 X11R6 4.3 .0
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Fedora Core1
+ RedHat Linux 9.0 i386
+ Slackware Linux 9.1
+ Slackware Linux 9.0
+ Slackware Linux -current
+ Turbolinux Turbolinux Desktop 10.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
XFree86 X11R6 4.2.1 Errata
XFree86 X11R6 4.2.1
+ Immunix Immunix OS 7.3
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ RedHat Linux 7.3
+ Slackware Linux 8.1
XFree86 X11R6 4.2 .0
+ Conectiva Linux Enterprise Edition 1.0
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Workstation 8.0
XFree86 X11R6 4.1 .0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
XFree86 X11R6 4.1 -12
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
XFree86 X11R6 4.1 -11
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
XFree86 X11R6 4.0.3
+ RedHat Linux 7.1
XFree86 X11R6 4.0.2 -11
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
XFree86 X11R6 4.0.1
+ RedHat Linux 7.0
XFree86 X11R6 4.0
XFree86 X11R6 3.3.6
+ Debian Linux 2.2
+ Red Hat Linux 6.2
XFree86 X11R6 3.3.5
- RedHat Linux 6.1 i386
XFree86 X11R6 3.3.4
XFree86 X11R6 3.3.3
XFree86 X11R6 3.3.2
+ Mandriva Linux Mandrake 8.0
XFree86 X11R6 3.3 X11R6 6.8.1 X11R6 6.8 X11R6 6.7 .0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ SCO Unixware 7.1.4
+ SCO Unixware 7.1.3 up
+ SCO Unixware 7.1.3
+ SCO Unixware 7.1.1
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Home
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI ProPack 3.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Network Satellite (for RHEL 4) 4.2
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Red Hat Network Satellite Server 4.2
Red Hat Network Satellite (for RHEL 3) 4.2
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Open Group Open Motif 2.2.2 -205
+ Sun Solaris 9_x86
+ Sun Solaris 9
+ Sun Solaris 8_x86
+ Sun Solaris 8_sparc
+ Sun Solaris 7.0_x86
+ Sun Solaris 7.0
Open Group Open Motif 1.2
Lesstif Lesstif 0.93.96
Lesstif Lesstif 0.93.94
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Lesstif Lesstif 0.93.91
Lesstif Lesstif 0.93.40
Lesstif Lesstif 0.93.36
Lesstif Lesstif 0.93.34
Lesstif Lesstif 0.93.18
Lesstif Lesstif 0.93.12
Lesstif Lesstif 0.93
HP Tru64 5.1 B-3
HP Tru64 5.1 B-2 PK4
HP Tru64 5.1 A PK
HP Tru64 4.0 G PK4
HP Tru64 4.0 F PK8
Gentoo Linux
Avaya Network Routing
Avaya Integrated Management
Open Group Open Motif 2.2.4 -0.1
Open Group Open Motif 2.2.3
+ Gentoo Linux
Lesstif Lesstif 0.94

- 不受影响的程序版本

Open Group Open Motif 2.2.4 -0.1
Open Group Open Motif 2.2.3
+ Gentoo Linux
Lesstif Lesstif 0.94

- 漏洞讨论

The libXpm library is reported prone to multiple vulnerabilities. These issues may be triggered when handling malformed XPM images. The following issues are reported:

- integer-overflow vulnerabilities
- out-of-bounds memory access vulnerabilities
- a shell command-execution vulnerability
- a path-traversal vulnerability
- endless-loop vulnerabilities.

The details regarding each of these issues were not specified at the time of writing; this BID will be updated as more details regarding these vulnerabilities become available.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: &lt;;.

- 解决方案

Please see the referenced advisories for more information.

Red Hat Fedora Core2

Red Hat Fedora Core3

Lesstif Lesstif 0.93

Lesstif Lesstif 0.93.12

Lesstif Lesstif 0.93.18

Lesstif Lesstif 0.93.34

Lesstif Lesstif 0.93.36

Lesstif Lesstif 0.93.40

Lesstif Lesstif 0.93.91

Lesstif Lesstif 0.93.94

Lesstif Lesstif 0.93.96

Open Group Open Motif 2.2.2 -205

SGI ProPack 3.0

HP Tru64 4.0 F PK8

HP Tru64 4.0 G PK4

XFree86 X11R6 4.1 .0