Coverity Catches Biggest X Window Security Hole Since 2000

Research Contract From US Department of Homeland Security Results in Rapid Fix to 'Worst Case Scenario' Security Vulnerability in Critical Software


May 02, 2006, 01:00 ET from Coverity, Inc.

    SAN FRANCISCO, May 2 /PRNewswire/ -- Coverity, Inc., makers of the
 world's most advanced and scalable source code analysis solution, today
 announced that as a result of its contract with the US Department of
 Homeland Security (DHS), the biggest X Window System security vulnerability
 of the last six years was identified and fixed.
     Using Coverity Prevent, developers tracked down a critical security
 vulnerability in the X Window System, a graphical interface used in
 millions of computers, including most UNIX and Linux systems. The X Window
 System also ships as an optional GUI with Macintosh computers from Apple.
     According to Daniel Stone, a release manager for the X.Org Foundation,
 the vulnerability was one of the most significant vulnerabilities
 discovered in recent memory, "something that we find once every three to
 six years and is very close to X's worst case scenarios in terms of
 security. Coverity exposed vulnerabilities in our code that likely wouldn't
 have been spotted with human eyes. Its attention to subtle detail
 throughout the entire codebase -- even parts you wouldn't normally examine
 manually -- makes it a very valuable tool in checking your codebase, and
 has been of definite benefit to X.Org."
     The vulnerability was found in versions X11R6.9.0 and X11R7.0.0 during
 a security analysis of 31 major open source projects that Coverity
 undertook as part of a DHS initiative. This pair of X Window System
 versions marked a major milestone when released in December of 2005, as
 they were the first major updates to the X Window System in more than a
 decade. After the X.Org development team received the results of the
 analysis, the vulnerability was fixed within a week. The security hole
 resulted from a missing parenthesis on a small piece of the program that
 checked the ID of the user. This flaw, caused by something as seemingly
 harmless as a missing closing parenthesis, allowed local users to execute
 code with root privileges, giving them the ability to overwrite system
 files or initiate denial of service attacks.
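The release describes the defect only as a missing parenthesis in the piece of code that checked the user's ID. The following C program is an added illustration of how that class of slip behaves, written for this page; it is not X.Org's code and does not reproduce the actual line that was fixed. The sim_getuid/sim_geteuid stand-ins, the module_path_allowed_* functions and the access policy they enforce (allow a caller-supplied code path only for real root, or when the process holds no elevated privilege) are all assumptions made for the example.

```c
#include <stdio.h>
#include <sys/types.h>

/* Constructed example: a privilege check of the kind the press release
 * describes, where one missing pair of parentheses turns a function call
 * into a comparison against the function's address.  Not X.Org's code;
 * every name below is invented for the illustration. */

/* Stand-ins for getuid()/geteuid() so each scenario is reproducible and
 * does not depend on who runs the program. */
static uid_t sim_real_uid = 1000;
static uid_t sim_effective_uid = 1000;

static uid_t sim_getuid(void)  { return sim_real_uid; }
static uid_t sim_geteuid(void) { return sim_effective_uid; }

/* Assumed policy: a caller may supply a path from which the server loads
 * code only if they really are root, or if the process holds no elevated
 * privilege (effective uid is not 0).  A setuid-root binary started by an
 * ordinary user must therefore refuse. */

/* Broken form ("before"): "sim_geteuid" without "()" is the address of the
 * function.  A function's address is never the null pointer, so this
 * operand is always true and the whole check always passes, also for an
 * ordinary user running a setuid-root binary.  GCC and Clang flag this
 * with -Waddress (part of -Wall); the pragma silences it only so the
 * defective form can be compiled next to the corrected one. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Waddress"
int module_path_allowed_broken(void)
{
    return sim_getuid() == 0 || sim_geteuid != 0;
}
#pragma GCC diagnostic pop

/* Corrected form: call the function and compare its return value. */
int module_path_allowed_fixed(void)
{
    return sim_getuid() == 0 || sim_geteuid() != 0;
}

/* Sets up one scenario (real uid, effective uid). */
void sim_set_ids(uid_t real_uid, uid_t effective_uid)
{
    sim_real_uid = real_uid;
    sim_effective_uid = effective_uid;
}

int main(void)
{
    struct { const char *name; uid_t ruid; uid_t euid; } cases[] = {
        { "root runs the server",        0,    0    },
        { "ordinary user, not setuid",   1000, 1000 },
        { "ordinary user, setuid-root",  1000, 0    },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        sim_set_ids(cases[i].ruid, cases[i].euid);
        printf("%-30s broken=%d fixed=%d\n", cases[i].name,
               module_path_allowed_broken(), module_path_allowed_fixed());
    }
    return 0;
}
```

Only the third scenario separates the two forms: with the parentheses missing, the check passes for an unprivileged user whose process is running with an effective uid of 0, which is exactly the local privilege escalation the release describes. Building with -Wall (or a static analyzer, as in the release) reports the address-of-function comparison in the broken form; treating that warning as an error in the build is the cheapest mitigation for this bug class.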
     "Coverity Prevent is designed to help computer programmers
 automatically detect and remove software defects such as security
 vulnerabilities as the software is being built," said Ben Chelf, CTO of
 Coverity. "We've implemented a system to analyze the X Window System on a
 continuous basis to help prevent new defects from entering into the
 project. In my experience, the X.Org team responded to defects extremely
 quickly to make their high quality software even better."
     About Coverity
     Coverity, makers of the world's most advanced and
 scalable source code analysis solution for pinpointing software defects and
 security vulnerabilities, is a privately-held company headquartered in San
 Francisco. Coverity was founded in 2002 by leading Stanford University
 computer scientists whose four-year research project resulted in a
 breakthrough technique to address the costliest problem in the software
 industry. That research breakthrough allows developers to quickly and
 precisely eliminate software defects and security vulnerabilities in tens
 of millions of lines of new or legacy code. Today, Coverity's solution is
 used by more than 100 leading companies to significantly improve the
 quality and security of their software, including Juniper Networks,
 Symantec/VERITAS, McAfee, Synopsys, NASA, PalmOne, Sun Microsystems and
 Wind River.
     NOTE: Coverity is a registered trademark, and Coverity Extend and
 Coverity Prevent are trademarks of Coverity, Inc. All other company and
 product names are the property of their respective owners.
      Media Contacts
      Craig Oda
      Page One PR for Coverity
      +1-650-565-9800 x102
      Russ Wood
      Director, Corporate Marketing

SOURCE Coverity, Inc.