[17226] in bugtraq

Re: another Xlib buffer overflow

daemon@ATHENA.MIT.EDU (Michal Zalewski)
Mon Oct 16 02:36:39 2000

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.21.0010140104170.2108-100000@dione.ids.pl>
Date:         Sat, 14 Oct 2000 01:04:39 +0200
Reply-To: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
From: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
X-To:         "Jeffrey W. Baker" <jwbaker@acm.org>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.4.21.0010131406440.31330-100000@heat.dci>

On Fri, 13 Oct 2000, Jeffrey W. Baker wrote:

> I tested this on XFree86 4.0.1 on Slackware Linux 7.1 with all
> security updates.  Xterm, which is suid root on this system, does not
> crash using this technique.

Yup, 4.0.x seems to be patched, but there's no mention on the webpage...

_______________________________________________________
Michal Zalewski [lcamtuf@tpi.pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
