[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] local root exploit in X (RedHat 9)

To: linux-security@sfu.ca
Subject: Re: [linux-security] local root exploit in X (RedHat 9)
From: Martin Siegert <siegert@sfu.ca>
Date: Sat, 14 Feb 2004 17:06:23 -0800
In-Reply-To: <20040214042132.GA8163@stikine.ucs.sfu.ca>
References: <20040214042132.GA8163@stikine.ucs.sfu.ca>
User-Agent: Mutt/1.4.1i

On Fri, Feb 13, 2004 at 08:21:32PM -0800, Martin Siegert wrote:
> Topic
> =====
> local root exploit in X due to buffer overflows
> 
> Problem Description
> ===================
> XFree86 is an implementation of the X Window System, providing the core
> graphical user interface and video drivers.
> 
> Two buffer overflows were discovered in the parsing of the 'font.alias'
> file. A local attacker could exploit this vulnerability by creating a
> carefully-crafted file and gaining root privileges.
>   
> Additional flaws exists in the reading of font files.
> 
> Affected Versions
> =================
> XFree86 versions 4.1.0 - 4.3.0
> 
> Solution
> ========
> Upgrade to XFree86-4.3.99.903 (release candidate) or patched version
> for your distribution

RedHat 9
--------
rpm -Fvh XFree86-4.3.0-2.90.55.i386.rpm
         XFree86-100dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-14-100dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-14-75dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-15-100dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-15-75dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-2-100dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-2-75dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-9-100dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-ISO8859-9-75dpi-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-Mesa-libGL-4.3.0-2.90.55.i386.rpm \
         XFree86-Xnest-4.3.0-2.90.55.i386.rpm \
         XFree86-Xvfb-4.3.0-2.90.55.i386.rpm \
         XFree86-base-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-cyrillic-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-devel-4.3.0-2.90.55.i386.rpm \
         XFree86-doc-4.3.0-2.90.55.i386.rpm \
         XFree86-font-utils-4.3.0-2.90.55.i386.rpm \
         XFree86-libs-4.3.0-2.90.55.i386.rpm \
         XFree86-libs-data-4.3.0-2.90.55.i386.rpm \
         XFree86-sdk-4.3.0-2.90.55.i386.rpm \
         XFree86-syriac-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-tools-4.3.0-2.90.55.i386.rpm \
         XFree86-truetype-fonts-4.3.0-2.90.55.i386.rpm \
         XFree86-twm-4.3.0-2.90.55.i386.rpm \
         XFree86-xauth-4.3.0-2.90.55.i386.rpm \
         XFree86-xdm-4.3.0-2.90.55.i386.rpm \
         XFree86-xfs-4.3.0-2.90.55.i386.rpm

References:
- [linux-security] local root exploit in X
  - From: Martin Siegert <siegert@sfu.ca>
- [linux-security] local root exploit in X
  - From: Martin Siegert <siegert@sfu.ca>

Prev by Date: [linux-security] local root exploit in X
Next by Date: [linux-security] remote vulnerability in mutt
Prev by thread: [linux-security] local root exploit in X
Next by thread: [linux-security] remote exploits in gaim
Index(es):
- Date
- Thread