[3126] in bugtraq
Re: Possible bufferoverflow condition in lpr, xterm and xload
daemon@ATHENA.MIT.EDU (Digital Dreamer)
Tue Aug 13 03:19:24 1996
Date: Tue, 13 Aug 1996 00:49:16 -0600
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Digital Dreamer <dreamer@garrison.inetcan.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <3210125C.4F202744@mymail.com>
On Tue, 13 Aug 1996, bloodmask wrote:
> Greetings,
[snip]
> xterm, xload, both segmented when supplied with -display commandline
> argument / enviroment variable above it's buffer size. Probably
> exploitable, although i haven't gotten around to veryfing this myself,
> I'd like to here comments concerning this suspicioun of mine.
The fact that it's in the -display variable, which isn't handled by
the program but rather the X toolkit it was compiled with, implies
that this could be a problem with all X programs using this particular
toolkit. I'm pretty sure Xterm is compiled with the Athena set, which
is (I beleive) the most common library, followed by Mosaic.
dreamer
