3 matches found
Debian DSA-310-1 : xaos - improper setuid-root execution
XaoS, a program for displaying fractal images, is installed setuid root on certain architectures in order to use svgalib, which requires access to the video hardware. However, it is not designed for secure setuid execution, and can be exploited to gain root privileges. In these updated packages,...
DEBIAN-CVE-2003-0385
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option...
Xaos 3.0 - Language Option Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/7838/info It has been reported that Xaos is vulnerable to a boundary condition error in the command option processing. Because of this, an attacker may be able to gain elevated privileges, potentially compromising the integrity of the host. / / xaos =...