Vulnerability Development mailing list archives
Re: Vulnerability in X server
From: Peter Pentchev <roam () ringlet net>
Date: Thu, 11 Mar 2004 10:46:33 +0200
On Wed, Mar 10, 2004 at 11:11:30AM +0100, Marco Monicelli wrote:
Hello there! Anyone of you guys is aware of a local vulnerability for X server? I got a binary by a friend of mine claiming to be a local exploit for X servers tested on several distros like Suse 9.0 and latest release of Slackware. I'm not used to run binaries although this comes from a pretty trusted friend who codes exploits. It should drop a root shell and in case of failure it crashes X server (this according to my friend). I'd like to have your opinions and informations.
It sounds like the recent XFree86 font handling problems; among others: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0730 G'luck, Peter -- Peter Pentchev roam () ringlet net roam () sbnd net roam () FreeBSD org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If you think this sentence is confusing, then change one pig.
Attachment:
_bin
Description:
Current thread:
- Vulnerability in X server Marco Monicelli (Mar 10)
- RE: Vulnerability in X server Harshul Nayak (Mar 11)
- Re: Vulnerability in X server Peter Pentchev (Mar 11)
- <Possible follow-ups>
- RE: Vulnerability in X server Brown, Rodrick (Mar 11)