Bugtraq mailing list archives
Re: another Xlib buffer overflow
From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Sat, 14 Oct 2000 01:04:39 +0200
On Fri, 13 Oct 2000, Jeffrey W. Baker wrote:
I tested this on XFree86 4.0.1 on Slackware Linux 7.1 with all security updates. Xterm, which is suid root on this system, does not crash using this technique.
Yup, 4.0.x seems to be patched, but there's no mention on the webpage... _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- another Xlib buffer overflow Michal Zalewski (Oct 13)
- Re: another Xlib buffer overflow Matthieu Herrb (Oct 15)
- Re: another Xlib buffer overflow Kris Kennaway (Oct 16)
- Re: another Xlib buffer overflow Chris Evans (Oct 25)
- Re: another Xlib buffer overflow Cy Schubert - ITSD Open Systems Group (Oct 16)
- Re: another Xlib buffer overflow Kris Kennaway (Oct 16)
- <Possible follow-ups>
- Re: another Xlib buffer overflow Robert van der Meulen (Oct 15)
- Re: another Xlib buffer overflow Michal Zalewski (Oct 15)
- Re: another Xlib buffer overflow Matthieu Herrb (Oct 15)