[6804] in bugtraq
quickie fix to xdm port problem
daemon@ATHENA.MIT.EDU (id est)
Tue May 19 12:17:23 1998
Date: Tue, 19 May 1998 08:16:46 -0600
Reply-To: id est <mrn@SHAW.WAVE.CA>
From: id est <mrn@SHAW.WAVE.CA>
To: BUGTRAQ@NETSPACE.ORG
When "xdm" starts up, it creates a random high-numbered port
that is apparently vulnerable to buffer overruns. The following
is an extremely stone-knives-and-bearskins hack to deal with
this problem, useful for those of us who just run X on a single
machine and don't use "chooser".
Get the source for "xdm" and comment out the line
chooserFd = socket (AF_INET, SOCK_STREAM, 0);
in the file "socket.c". Build and install. That's it.
This closes that particular hole, abeit crudely. xdm starts
up, seems to run normally, and does not create that random high-
numbered port.
Works for me under RedHat 4.2 (Linux 2.0.33), your mileage may vary.
