lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Nov 2006 11:16:41 +0000 From: Glynn Clements <glynn@...ements.plus.com> To: "Nick Boyce" <nick.boyce@...il.com> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk, security-alerts@...uxsecurity.com Subject: Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Nick Boyce wrote: > On 11/7/06, Raphael Marichez <falco@...too.org> wrote: > > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Gentoo Linux Security Advisory GLSA 200611-03 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > http://security.gentoo.org/ > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > > > Severity: High > > Title: NVIDIA binary graphics driver: Privilege escalation > > vulnerability > > Date: November 07, 2006 > > Bugs: #151635 > > ID: 200611-03 > > > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > > > Synopsis > > ======== > > > > The NVIDIA binary graphics driver is vulnerable to a local privilege > > escalation > [snip] > > > An X client could trigger the buffer overflow with a maliciously > > crafted series of glyphs. A remote attacker could also entice a user to > > open a specially crafted web page, document or X client that will > > trigger the buffer overflow. > > um ... doesn't that make it a *remote* privilege escalation ? Well, any file parsing bug could be considered a "remote" vulnerability if you consider the prospect of downloading a malicious file from the internet. I don't think that remote X clients are an issue; the last time I checked, the driver in question was only used for direct rendering, which requires a local X client, while indirect rendering uses the built-in software renderer. -- Glynn Clements <glynn@...ements.plus.com>
Powered by blists - more mailing lists