XFree86 4.0 local buffer overflow
XFree86 4.0 local buffer overflow FreeBSD has released updated packages that detail a local buffer overflow in XFree86 version 4.0. The vulnerability lets a local attacker gain root privileges. Updated FreeBSD packages: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/x11/ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/x11/ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/x11/ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/x11/ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/x11/ Source: FreeBSD http://archives.neohapsis.com/archives/freebsd/2000-07/0037.html -- ----/ / _ Fred A. Miller ---/ / (_)__ __ ____ __ Systems Administrator --/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services -/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
XFree86 4.0 local buffer overflow
FreeBSD has released updated packages that detail a local buffer overflow in XFree86 version 4.0. The vulnerability lets a local attacker gain root privileges.
Updated FreeBSD packages:
I might be missing something here but what does FreeBSD have to do with SuSE Linux or Linux at all? FreeBSD is BSD UNIX not Linux. XFree86 has nothing to do with the FreeBSD team. M
Hello Mr. M, Let me jump in here for a moment. On Fri, 14 Jul 2000, Mr. M wrote:
XFree86 4.0 local buffer overflow
FreeBSD has released updated packages that detail a local buffer overflow in XFree86 version 4.0. The vulnerability lets a local attacker gain root privileges.
Updated FreeBSD packages:
I might be missing something here but what does FreeBSD have to do with SuSE Linux or Linux at all?
FreeBSD is BSD UNIX not Linux.
XFree86 has nothing to do with the FreeBSD team.
If I'm not mistaken, the same sources for XFree86 are compiled in Linux as in FreeBSD. So if the FreeBSD people are reporting a "local buffer overload" in XFree86 4.0, this may also affect people who are using the SuSE version of it. If so, they may be giving SuSE the jump on patching their version early, before the "exploits" come out, and giving *us* a heads up that there may be an updated version of XFree86 4.0 from SuSE, hopefully soon. If this is correct, I thank Fred A. Miller for telling us. Best regards, Ken Parker
devel@kparker.org wrote:
Hello Mr. M,
Let me jump in here for a moment.
On Fri, 14 Jul 2000, Mr. M wrote:
XFree86 4.0 local buffer overflow
FreeBSD has released updated packages that detail a local buffer overflow in XFree86 version 4.0. The vulnerability lets a local attacker gain root privileges.
Updated FreeBSD packages:
I might be missing something here but what does FreeBSD have to do with SuSE Linux or Linux at all?
FreeBSD is BSD UNIX not Linux.
XFree86 has nothing to do with the FreeBSD team.
If I'm not mistaken, the same sources for XFree86 are compiled in Linux as in FreeBSD. So if the FreeBSD people are reporting a "local buffer overload" in XFree86 4.0, this may also affect people who are using the SuSE version of it. If so, they may be giving SuSE the jump on patching their version early, before the "exploits" come out, and giving *us* a heads up that there may be an updated version of XFree86 4.0 from SuSE, hopefully soon.
If this is correct, I thank Fred A. Miller for telling us.
I reasoned that it's the same code base, and if so, then great. If not, sorry for the alert, but I didn't want to wait for confirmation. Fred -- ----/ / _ Fred A. Miller ---/ / (_)__ __ ____ __ Systems Administrator --/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services -/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
participants (3)
-
devel@master.kparker.org -
Fred A. Miller -
Mr. M