Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200402-02 High: XFree86 Buffer Overflow Attack

gentoo
Calendar Grey February 11, 2004
Dist Gentoo Esm H88
The discovery of a critical buffer overflow vulnerability in Gentoo's XFree86 grants local adversaries the potential to acquire elevated privileges.
Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86 X Window System allows local attackers to gain root privileges.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200402-02
~                                            https://security.gentoo.org/

~  Severity: High
~     Title: XFree86 Font Information File Buffer Overflow
~      Date: February 11, 2004
~        ID: 200402-02


Synopsis
=======
Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86
X Window System allows local attackers to gain root privileges.

Background
=========
XFree86 provides a client/server interface between display hardware
and the desktop environment while also providing both the windowing
infrastructure and a standardized API. XFree86 is platform
independent, network-transparent and extensible.

==========
Exploitation of a buffer overflow in the XFree86 Window System
discovered by iDefence [ 1 ] allows local attackers to gain root privileges.

The problem exists in the parsing of the 'font.alias' file. The X server
(running as root) fails to check...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory Gentoo high severity buffer overflow XFree86 local exploit root access

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo high severity buffer overflow XFree86 local exploit root access

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here