Re: ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability (fwd)

From: Florian Weimer (Weimerat_private-Stuttgart.DE)
Date: Tue Nov 26 2002 - 07:00:10 PST

    Dave Ahmad <daat_private> quotes ISS:
    
    > Solaris fs.auto Remote Compromise Vulnerability
    
    This is more or less the standard font server of the X Window System.
    
    > ISS X-Force has discovered a vulnerability in the Sun Microsystems
    > implementation of the "X Window Font Service", or "XFS".
    
    It appears as if this issue has already been addressed by Keith
    Packard in 1999:
    
    http://cvsweb.xfree86.org/cvsweb/xc/programs/xfs/difs/dispatch.c.diff?r1=3.6&r2=3.7
    
    This patch has been part of XFree86 since version 3.3.6 at least.
    X.Org releases beginning with X11 R6.5.1 have applied this patch as
    well.
    
    More recently, a null pointer check has been added to the XFree86
    sources, probably to cope with some DoS issues.
    
    -- 
    Florian Weimer 	                  Weimerat_private-Stuttgart.DE
    University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
    RUS-CERT                          fax +49-711-685-5898
    


