733 matches found
XFree86 server overflow - exploit issues
While trying to exploit this overflow, I noticed that the problem lies in lovely strcpy call, which overwrites stack. Unfortunately, any 'offending' non-alphanumeric characters are replaced with '' somewhere before. Uh, most of people will say "it's impossible to write alphanumeric shellcode, so ...
CVE-2000-0285
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter...
CVE-1999-0434
The CVE-1999-0434 entry documents a vulnerability in the XFree86 xfs command where a symlink attack enables local users to create files in restricted directories, potentially leading to privilege escalation or a denial of service. Connected sources corroborate the issue as a symlink-based file cr...
CVE-1999-0434
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service...
CVE-1999-0433
XFree86 startx is affected by a symlink attack allowing local users to create files in restricted directories, potentially gaining privileges or causing a denial of service. The provided documents do not specify affected versions or a fix; one PT Security entry notes no information about a newer ...
CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service...
xfs.txt
Bug in xfs Lukasz Trabinski [email protected] Tue, 30 Mar 1999 00:14:34 +0200 Hello, I hope that's information will be useful for making new patch for XFree86. I found bug in xfs Packet XFree86-xfs-3.3.3.1-1 in RedHat 5.1 and probably in RedHat 5.2 updates, too Xfs is a font server for...
xfree86.suse.txt
Date: Sun, 28 Mar 1999 23:20:58 +0200 From: Marc Heuse To: [email protected] Subject: SuSE Security Announcement - XFree86 -----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: xf86-3.3.3-5 Date: Sun Mar 28 12:26:39 CEST 1999 Affected: unix operating systems using xfree86 A...
CVE-1999-0434
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service...
CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service...
CVE-1999-1489
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument...
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/364/info superprobe is an program supplied with XFree86 that helps determine video hardware. It is shipped with Slackware Linux 3.1 and is installed setuid root. There is an exploitable strcpy buffer overflow in the TestChip function which allows for a...
Slackware Linux 3.1 - usrX11binSuperProbe Local Buffer Overflow
Slackware Linux 3.1 - usrX11binSuperProbe Local Buffer Overflow / source: https://www.securityfocus.com/bid/364/info superprobe is an program supplied with XFree86 that helps determine video hardware. It is shipped with Slackware Linux 3.1 and is installed setuid root. There is an exploitable...