RE: XFree86 Font Information File Buffer Overflow

From: Barnes, John (jbarnes_at_trusecure.com)
Date: 02/13/04

    To: "'freebsd-security@freebsd.org'" <freebsd-security@freebsd.org>
    Date: Fri, 13 Feb 2004 13:43:59 -0500
    
    

     

    I misread a '1' for an 'l' on the exploit. X blows up quite handily
    now.

    John

    -----Original Message-----
    From: owner-freebsd-security@freebsd.org
    [mailto:owner-freebsd-security@freebsd.org]On Behalf Of Barnes, John
    Sent: Friday, February 13, 2004 9:25 AM
    To: 'freebsd-security@freebsd.org'
    Subject: XFree86 Font Information File Buffer Overflow

     

    Has anyone seen this alert?

    http://www.securityfocus.com/archive/1/353352

    It seems to work on Linux, but when I tried the proof of concept on
    4.3.0,1 running 5.2 RELEASE, I couldn't get the X server to core dump
    or segmentation fault. So, it seems likely to me that FreeBSD is not
    vulnerable to this. Any other thoughts on this matter?

    John Barnes
    TruSecure
