Vulnerability Development mailing list archives

RE: Vulnerability in X server

From: "Brown, Rodrick" <rbrown () doitt nyc gov>
Date: Thu, 11 Mar 2004 10:57:19 -0500

Why not post the source code to this binary or details with snippets
from the X source on where this bug exists that he is/did exploit(ing). 

:: Rodrick Brown 
:: UNIX SYSADMIN 
:: NYC.GOV 

-----Original Message-----
From: Marco Monicelli [mailto:marco.monicelli () marcegaglia com] 
Sent: Wednesday, March 10, 2004 5:12 AM
To: vuln-dev () securityfocus com
Subject: Vulnerability in X server





Hello there!

Anyone of you guys is aware of a local vulnerability for X server? I got
a
binary by a friend of mine claiming to be a local exploit for X servers
tested on several distros like Suse 9.0 and latest release of Slackware.

I'm not used to run binaries although this comes from a pretty trusted
friend who codes exploits.

It should drop a root shell and in case of failure it crashes X server
(this according to my friend).

I'd like to have your opinions and informations.

Thank you for support.

Marco Monicelli
MARCEGAGLIA SPA
Tel.  +39 0376 685369
Fax. +39 0376 685625
mail: marco.monicelli () marcegaglia com

Current thread:

Vulnerability in X server Marco Monicelli (Mar 10)
- RE: Vulnerability in X server Harshul Nayak (Mar 11)
- Re: Vulnerability in X server Peter Pentchev (Mar 11)
- <Possible follow-ups>
- RE: Vulnerability in X server Brown, Rodrick (Mar 11)