(Vendor Issues Fix) Re: XFree86 Buffer Overflow May Cause Denial of Service Conditions
|
|
SecurityTracker Alert ID: 1003345 |
|
SecurityTracker URL: http://securitytracker.com/id/1003345
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Updated: Jan 24 2002
|
Original Entry Date: Jan 24 2002
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 4.1.0
|
Description:
A buffer overflow vulnerability was reported in XFree86 that may be exploitable by certain applications.
A user reports that K Desktop can be made to crash the X Server. A local user can use the Konqueror web browser with a long input in a search box. When the search is submitted, the X Server will crash. However, the vulnerability lies in XFree86 and not the KDE utilities. The vulnerability is reportedly in the file /xf86/xc/programs/Xserver/fb/fbglyph.c.
|
Impact:
A local user can crash the X server. Other applications that use XFree86 may provide alternate exploit paths.
|
Solution:
The vendor has released a fixed version (4.1.0), available at:
http://www.xfree86.org/#download
|
Vendor URL: www.xfree86.org/security/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Sun, 20 Jan 2002 10:41:25 -0500
Subject: XFree86 security fixes
|
>From XFree86 web site:
Recent XFree86 security fixes
This is a summary of security related fixes in the successive XFree86
releases:
4.2.0:
Close a hole where anyone can connect to the X server if the
xdm auth dir doesn't exist.
Don't let a non-root user halt the machine by having X send
SIGUSR1 to the init(8) process.
Fix a buffer overflow in glyph clipping for large origin.
|
|
