DHS Audit Flags 'Critical' X11 Unix/Linux Bug

["Fergie" <fergdawg () netzero net>]

Via eWeek.

[snip]

An open-source security audit program funded by the U.S. Department of Homeland Security has flagged a critical 
vulnerability in the X Window System which is used in Unix and Linux systems.

Coverity, the San Franciso-based company managing the project under a $1.25 million grant, described the flaw as the 
"biggest security vulnerability" found in the X Window System code since 2000.

[The vulnerability] could be exploited to allow local users to execute code with root privileges, giving them the 
ability to overwrite system files or initiate denial-of-service attacks.

[snip]

More:
http://www.eweek.com/article2/0,1759,1956652,00.asp

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.