funsec mailing list archives
DHS Audit Flags 'Critical' X11 Unix/Linux Bug
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 2 May 2006 21:12:56 GMT
Via eWeek. [snip] An open-source security audit program funded by the U.S. Department of Homeland Security has flagged a critical vulnerability in the X Window System which is used in Unix and Linux systems. Coverity, the San Franciso-based company managing the project under a $1.25 million grant, described the flaw as the "biggest security vulnerability" found in the X Window System code since 2000. [The vulnerability] could be exploited to allow local users to execute code with root privileges, giving them the ability to overwrite system files or initiate denial-of-service attacks. [snip] More: http://www.eweek.com/article2/0,1759,1956652,00.asp - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- DHS Audit Flags 'Critical' X11 Unix/Linux Bug Fergie (May 02)