Vulnerability Development mailing list archives

RE: Vulnerability in X server

From: "Harshul Nayak" <harshul.nayak () patni com>
Date: Thu, 11 Mar 2004 16:29:56 +0530


Hi marco,
are you talking about the XFree86 Font Information File Buffer Overflow ?
check out the refered URL
http://idefense.com/application/poi/display?id=72&type=vulnerabilities&flash
status=true

-regs
Harshul Nayak
-----Original Message-----
From: Marco Monicelli [mailto:marco.monicelli () marcegaglia com]
Sent: Wednesday, March 10, 2004 3:42 PM
To: vuln-dev () securityfocus com
Subject: Vulnerability in X server






Hello there!

Anyone of you guys is aware of a local vulnerability for X server? I got a
binary by a friend of mine claiming to be a local exploit for X servers
tested on several distros like Suse 9.0 and latest release of Slackware.

I'm not used to run binaries although this comes from a pretty trusted
friend who codes exploits.

It should drop a root shell and in case of failure it crashes X server
(this according to my friend).

I'd like to have your opinions and informations.

Thank you for support.

Marco Monicelli
MARCEGAGLIA SPA
Tel.  +39 0376 685369
Fax. +39 0376 685625
mail: marco.monicelli () marcegaglia com

Current thread:

Vulnerability in X server Marco Monicelli (Mar 10)
- RE: Vulnerability in X server Harshul Nayak (Mar 11)
- Re: Vulnerability in X server Peter Pentchev (Mar 11)
- <Possible follow-ups>
- RE: Vulnerability in X server Brown, Rodrick (Mar 11)