| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: olaf.hahn at qsc.de (Olaf Hahn) Subject: Buffer overflow in XFree86 At Feb-10-2004 iDefense has released a Security Advisory regarding to an buffer overflow in XFree86. http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false According to this advisory affected versions are 4.1.0 to 4.3.0 and there?s an description how to reproduce the buffer overflow. I?ve tried this (on a system running SuSe 8.2 and XFree86 version 4.2.0) but nothing happens unless a message appears >Fatal server error: >Server is already active for display 0 > If this server is no longer running, remove /tmp/.X0-lock > and start again. >When reporting a problem related to a server crash, please send >the full server output, not just the last messages. >Please report problems to http://www.suse.de/feedback. Can somebody reproduce this buffer overflow and under which conditions ? -- Mit freundlichen Gr?ssen Olaf Hahn Datennetzdienste/Security QSC AG Mathias-Br?ggen-Str. 55 50829 K?ln Phone: +49 221 6698-443 Fax: +49 221 6698-409 E-Mail: olaf.hahn@....de Internet: http://www.qsc.de ************************************ Paranoid zu sein heisst nicht, dass nicht doch jemand hinter einem steht ************************************
Powered by blists - more mailing lists