Hi,

XFree86 versions 3.3.5 and 3.3.6 have been found to contain a buffer overflow in the xkbmap command-line switch. An attacker can execute arbitrary code as root, since XFree86 runs either with setuid permissions, or via a wrapper that is setuid.

please note SuSE Linux is not exploitable. The Xwrapper which comes with SuSE 6.4 is suid but checks the arguments and prevents this attack. The X Servers are not suid. Therefore: no problem. BUT if you have installed XFree86 4.0 (SuSE 6.4 installs 3.3.6) you are vulnerable. Check it out by executing the following command: "rpm -q xf86" Greets, Marc -- Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C