XFree86 Font Information File Buffer Overflow
Barnes, John
jbarnes at trusecure.com
Fri Feb 13 06:25:03 PST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Has anyone see this alert?
http://www.securityfocus.com/archive/1/353352
It seems to work on Linux, but when I tried the proof of concept on
4.3.0,1 running 5.2 RELEASE, I couldn't get the X server to core dump
or segmentation fault. So, it seems likely to me that FreeBSD is not
vulnerable to this. Any other thoughts on this matter?
John Barnes
TruSecure
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBQCzePZuhTuCp6UG8EQJ9IACg3lY365GZicwVXTRtK26bnrVGcMYAoMjp
vwPcKAfyyjeUu5R6HbjHxbKn
=jW3K
-----END PGP SIGNATURE-----
***********************************************************************
This message is intended only for the use of the intended recipient and
may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you
are not the intended recipient, you are hereby notified that any use,
dissemination, disclosure or copying of this communication is strictly
prohibited. If you have received this communication in error, please
destroy all copies of this message and its attachments and notify us
immediately.
***********************************************************************
More information about the freebsd-security
mailing list