Bugtraq mailing list archives

Re: another Xlib buffer overflow

From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Sat, 14 Oct 2000 01:04:39 +0200

On Fri, 13 Oct 2000, Jeffrey W. Baker wrote:

I tested this on XFree86 4.0.1 on Slackware Linux 7.1 with all
security updates.  Xterm, which is suid root on this system, does not
crash using this technique.


Yup, 4.0.x seems to be patched, but there's no mention on the webpage...

_______________________________________________________
Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=

Current thread:

another Xlib buffer overflow Michal Zalewski (Oct 13)
- Re: another Xlib buffer overflow Matthieu Herrb (Oct 15)
  - Re: another Xlib buffer overflow Kris Kennaway (Oct 16)
    - Re: another Xlib buffer overflow Chris Evans (Oct 25)
  - Re: another Xlib buffer overflow Cy Schubert - ITSD Open Systems Group (Oct 16)
- <Possible follow-ups>
- Re: another Xlib buffer overflow Robert van der Meulen (Oct 15)
- Re: another Xlib buffer overflow Michal Zalewski (Oct 15)