Debian: DSA-074-1 Critical: wmaker Remote Exploit Buffer Overflow
debian
August 12, 2001
The code that handles titles in the window list menu didnot check the length of the title when copying it to a buffer.
Topics Covered
Summary
Package : wmaker
Problem type : buffer overflow
Debian-specific: no
Alban Hertroys found a buffer overflow in Window Maker (a popular window
manager for X). The code that handles titles in the window list menu did
not check the length of the title when copying it to a buffer. Since
applications will set the title using untrusted data (for example web
browsers will set the title of their window to the title of the web-page
being shown) this could be exploited remotely.
This has been fixed in version 0.61.1-4.1 of the Debian package, and
upstream version 0.65.1.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
MD5 checksum: 3038244891749b522ffafdd5a47c7f49
MD5 checksum: 3c0779b1145facb7b747cc1229763f88
MD5 checksum: ed92ef5b52dbde235e6b9fcf1ff2a29a
Alph...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!