Vulnerability Name:

CVE-2007-5958 (CCN-39769)

Assigned:2007-11-14
Published:2008-01-17
Updated:2018-10-15
Summary:X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. The X server binary is commonly installed setuid root and -sp names the security policy file it opens, so an unprivileged invoker can learn from the wording of the error alone whether a path exists (including paths in directories the invoker cannot search); file contents are not exposed.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
1.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
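The summary above describes an error-message oracle in a privileged program: the wording of the failure tells the caller why the open failed. The C program below is an added illustration written for this page, not X.Org code and not the 1.4.1 fix. It shows the leaky pattern beside the two usual mitigations, a single uniform failure message and a check of the invoking user's (real-uid) permissions before the privileged open. All function names and message strings are invented for the example.

```c
/*
 * Illustrative example (not X.Org code, not the 1.4.1 patch): a privileged
 * program that opens a user-supplied path, shown first with an error message
 * that leaks file existence, then with two mitigations.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Vulnerable pattern: the message depends on errno, so a caller who cannot
 * stat the path themselves learns from the wording whether it exists. */
const char *leaky_message(int err)
{
    switch (err) {
    case ENOENT: return "error opening policy file: no such file";
    case EACCES: return "error opening policy file: permission denied";
    case EISDIR: return "error opening policy file: is a directory";
    default:     return "error opening policy file";
    }
}

/* Mitigation 1: one message regardless of why the open failed. */
const char *uniform_message(int err)
{
    (void)err; /* deliberately ignored: no per-cause wording */
    return "cannot use policy file";
}

/* Attempt to open `path` for reading; returns 0 on success, else the errno. */
int probe_errno(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

/* Mitigation 2: consult the invoking (real) user's permissions before the
 * privileged open. access(2) evaluates the real uid/gid, so a path the real
 * user may not reach is rejected here instead of being reported by the
 * effective-uid open(2). Returns an fd or -1; *err receives the errno.
 * The access()/open() pair leaves a TOCTOU window (see note below). */
int hardened_open(const char *path, int *err)
{
    int fd;
    if (access(path, R_OK) != 0) {
        *err = errno;
        return -1;
    }
    fd = open(path, O_RDONLY);
    if (fd < 0)
        *err = errno;
    return fd;
}

/* Convenience wrapper: 1 if hardened_open succeeds (fd closed), else 0. */
int hardened_open_ok(const char *path)
{
    int err = 0;
    int fd = hardened_open(path, &err);
    if (fd < 0)
        return 0;
    close(fd);
    return 1;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/dev/null";
    int err = probe_errno(path);
    printf("leaky   : %s\n", err ? leaky_message(err) : "ok");
    printf("uniform : %s\n", err ? uniform_message(err) : "ok");
    printf("hardened: %s\n", hardened_open_ok(path) ? "ok" : uniform_message(err));
    return 0;
}
```

Run it as `./a.out /some/path` while the binary is setuid to see the difference in the first and second lines. The access()-then-open() sequence is itself a classic time-of-check/time-of-use race; the robust form is to perform the open with the real user's credentials (after dropping privileges, or with the effective uid temporarily set to the real uid), which is also what keeps the privileged program from reading files the invoker could not.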
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=204362

Source: MITRE
Type: CNA
CVE-2007-5958

Source: CCN
Type: Apple Web site
About Security Update 2008-002

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=307562

Source: CCN
Type: HP Security Bulletin HPSBUX02381 SSRT080083 rev.1
HP-UX Running Xserver, Remote Execution of Arbitrary Code

Source: HP
Type: UNKNOWN
SSRT080083

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-03-18

Source: CCN
Type: X.Org Mailing List, Thu Jan 17 06:05:34 PST 2008
X.Org security advisory: multiple vulnerabilities in the X server

Source: MLIST
Type: UNKNOWN
[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:003

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:008

Source: CCN
Type: RHSA-2008-0029
Important: XFree86 security update

Source: CCN
Type: RHSA-2008-0030
Important: xorg-x11 security update

Source: CCN
Type: RHSA-2008-0031
Important: xorg-x11-server security update

Source: SECUNIA
Type: UNKNOWN
28273

Source: CCN
Type: SA28532
X.org X11 Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28532

Source: SECUNIA
Type: UNKNOWN
28535

Source: SECUNIA
Type: UNKNOWN
28536

Source: SECUNIA
Type: UNKNOWN
28539

Source: SECUNIA
Type: UNKNOWN
28540

Source: SECUNIA
Type: UNKNOWN
28542

Source: SECUNIA
Type: UNKNOWN
28543

Source: CCN
Type: SA28550
Sun Solaris X Window System and X Server Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28550

Source: SECUNIA
Type: UNKNOWN
28584

Source: SECUNIA
Type: UNKNOWN
28592

Source: SECUNIA
Type: UNKNOWN
28616

Source: SECUNIA
Type: UNKNOWN
28718

Source: SECUNIA
Type: UNKNOWN
28843

Source: CCN
Type: SA28885
NX Server X11 Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28885

Source: CCN
Type: SA28997
Avaya CMS Solaris X Window System Information Disclosure

Source: SECUNIA
Type: UNKNOWN
28997

Source: CCN
Type: SA29420
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29420

Source: SECUNIA
Type: UNKNOWN
29622

Source: SECUNIA
Type: UNKNOWN
29707

Source: CCN
Type: SA30161
Gentoo ltsp Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
30161

Source: CCN
Type: SA32545
HP-UX Xserver Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32545

Source: GENTOO
Type: UNKNOWN
GLSA-200801-09

Source: GENTOO
Type: UNKNOWN
GLSA-200804-05

Source: CCN
Type: SECTRACK ID: 1019232
X Server Bugs in XFree86, Xinput, TOG-CUP, MIT-SHM, and EVI Extensions Let Local Users Gain Root Privileges

Source: SECTRACK
Type: UNKNOWN
1019232

Source: SUNALERT
Type: Patch
103205

Source: SUNALERT
Type: UNKNOWN
230901

Source: CCN
Type: Sun Alert ID: 230901
Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories

Source: CCN
Type: ASA-2008-035
XFree86 security update (RHSA-2008-0029)

Source: CCN
Type: ASA-2008-036
xorg-x11 security update (RHSA-2008-0030)

Source: CCN
Type: ASA-2008-037
Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories (Sun 103205)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm

Source: CCN
Type: ASA-2008-084
Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories (Sun 230901)

Source: CCN
Type: ASA-2008-431
HPSBUX02381 SSRT080083 rev.1 - HP-UX Running Xserver Remote Execution of Arbitrary Code

Source: DEBIAN
Type: UNKNOWN
DSA-1466

Source: DEBIAN
Type: DSA-1466
xorg-server -- several vulnerabilities

Source: CCN
Type: GLSA-200801-09
X.Org X server and Xfont library: Multiple vulnerabilities

Source: CCN
Type: GLSA-200805-07
Linux Terminal Server Project: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200805-07

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:021

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:022

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:023

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:025

Source: OPENBSD
Type: UNKNOWN
[4.1] 20080208 012: SECURITY FIX: February 8, 2008

Source: OPENBSD
Type: UNKNOWN
[4.2] 20080208 006: SECURITY FIX: February 8, 2008

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0029

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0030

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0031

Source: BUGTRAQ
Type: UNKNOWN
20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs

Source: BID
Type: Patch
27336

Source: CCN
Type: BID-27336
RETIRED: X.Org X Server Local Privilege Escalation and Information Disclosure Vulnerabilities

Source: BID
Type: UNKNOWN
27356

Source: CCN
Type: BID-27356
X.Org X 'Server X:1 -sp' Command Information Disclosure Vulnerability

Source: CCN
Type: USN-571-1
X.org vulnerabilities

Source: CCN
Type: USN-571-2
X.org regression

Source: VUPEN
Type: UNKNOWN
ADV-2008-0179

Source: VUPEN
Type: UNKNOWN
ADV-2008-0184

Source: VUPEN
Type: UNKNOWN
ADV-2008-0497

Source: VUPEN
Type: UNKNOWN
ADV-2008-0924

Source: VUPEN
Type: UNKNOWN
ADV-2008-3000

Source: CCN
Type: X.Org Foundation Web site
X.Org Wiki - Home

Source: XF
Type: UNKNOWN
xorg-xsp-information-disclosure(39769)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1970

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10991

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5393

Source: UBUNTU
Type: UNKNOWN
USN-571-1

Source: EXPLOIT-DB
Type: UNKNOWN
5152

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0760

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0831

Source: SUSE
Type: SUSE-SA:2008:003
Xorg Security Problems

Source: SUSE
Type: SUSE-SR:2008:008
SUSE Security Summary Advisory

Vulnerable Configuration:Configuration 1:
  • cpe:/a:x.org:xserver:*:*:*:*:*:*:*:* (Version <= 1.4)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:x:x.org_x11:7.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:8::x86:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions (Class: V = vulnerability definition, P = patch definition)
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20075958 | V | CVE-2007-5958 | 2015-11-16
    oval:org.mitre.oval:def:19559 | V | HP-UX Running Xserver, Remote Execution of Arbitrary Code | 2015-04-20
    oval:org.mitre.oval:def:17702 | P | USN-571-2 -- xorg-server regression | 2014-06-30
    oval:org.mitre.oval:def:17768 | P | USN-571-1 -- libxfont, xorg-server vulnerabilities | 2014-06-30
    oval:org.mitre.oval:def:8106 | P | DSA-1466 xfree86 -- several vulnerabilities | 2014-06-23
    oval:org.mitre.oval:def:20244 | P | DSA-1466-2 libxfont xfree86 xorg-server - several vulnerabilities | 2014-06-23
    oval:org.mitre.oval:def:22333 | P | ELSA-2008:0031: xorg-x11-server security update (Important) | 2014-05-26
    oval:org.mitre.oval:def:10991 | V | X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. | 2013-04-29
    oval:org.mitre.oval:def:5393 | V | Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories | 2008-03-24
    oval:com.redhat.rhsa:def:20080029 | P | RHSA-2008:0029: XFree86 security update (Important) | 2008-03-20
    oval:com.redhat.rhsa:def:20080030 | P | RHSA-2008:0030: xorg-x11 security update (Important) | 2008-03-20
    oval:com.redhat.rhsa:def:20080031 | P | RHSA-2008:0031: xorg-x11-server security update (Important) | 2008-03-20
    oval:org.debian:def:1466 | V | several vulnerabilities | 2008-01-21