Bugtraq mailing list archives
Re: Possible bufferoverflow condition in lpr, xterm and xload
From: dreamer () garrison inetcan net (Digital Dreamer)
Date: Tue, 13 Aug 1996 00:49:16 -0600
On Tue, 13 Aug 1996, bloodmask wrote:
Greetings,
[snip]
xterm, xload, both segmented when supplied with -display commandline argument / enviroment variable above it's buffer size. Probably exploitable, although i haven't gotten around to veryfing this myself, I'd like to here comments concerning this suspicioun of mine.
The fact that it's in the -display variable, which isn't handled by the program but rather the X toolkit it was compiled with, implies that this could be a problem with all X programs using this particular toolkit. I'm pretty sure Xterm is compiled with the Athena set, which is (I beleive) the most common library, followed by Mosaic. dreamer
Current thread:
- Re: mail storm, (continued)
- Re: mail storm Arik Baratz (Aug 13)
- Re: mail storm Albert Lunde (Aug 12)
- Re: mail storm Igor Chudov @ home (Aug 12)
- Vulnrability in all known Linux distributions bloodmask (Aug 12)
- Re: Vulnrability in all known Linux distributions Steve Czetty (Aug 13)
- Re: Vulnrability in all known Linux distributions Alan Brown (Aug 13)
- Re: Vulnrability in all known Linux distributions Elliot Lee (Aug 13)
- Re: Vulnrability in all known Linux distributions Alan Cox (Aug 14)
- mount/umount realpath() buffer overflow David J. Meltzer (Aug 13)
- Possible bufferoverflow condition in lpr, xterm and xload bloodmask (Aug 12)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Digital Dreamer (Aug 12)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Casper Dik (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Mike Acar (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Elliot Lee (Aug 13)
- why suid mount (was Re: Possible bufferoverflow condition in lpr, Bryan Reece (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Christopher Masto (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Brian Tao (Aug 15)
- Re: Possible bufferoverflow condition in lpr, xterm and xload *Unknown* (Aug 17)
- Re: libresolv+ bug Theo Van Dinter (Aug 17)
- Re: libresolv+ bug Brian Mitchell (Aug 18)
- Re: libresolv+ bug Jon Lewis (Aug 18)