From owner-freebsd-security@FreeBSD.ORG Fri Feb 13 10:44:00 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF9CE16A4CE for ; Fri, 13 Feb 2004 10:44:00 -0800 (PST) Received: from mx2.trusecure.com (mx2.trusecure.com [208.251.192.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id BE39943D1F for ; Fri, 13 Feb 2004 10:44:00 -0800 (PST) (envelope-from jbarnes@trusecure.com) Received: by mx2.trusecure.com (Postfix, from userid 1006) id D20B9C920F; Fri, 13 Feb 2004 13:44:00 -0500 (EST) Received: from VAMAIL01.corp.trusecure.net (vamail01.corp.trusecure.net [172.19.1.52]) by mx2.trusecure.com (Postfix) with ESMTP id C2B7DC9206 for ; Fri, 13 Feb 2004 13:44:00 -0500 (EST) Received: from exchange01.mscore.trusecure.net (exchange01.corp.trusecure.net [172.19.1.50]) (8.12.10/maybe_its_not_even_really_Sendmail....) with ESMTP id i1DIhx5B001192 for ; Fri, 13 Feb 2004 13:43:59 -0500 (EST) Received: by exchange01.corp.trusecure.net with Internet Mail Service (5.5.2653.19) id <153AVJ7M>; Fri, 13 Feb 2004 13:44:00 -0500 Message-ID: From: "Barnes, John" To: "'freebsd-security@freebsd.org'" Date: Fri, 13 Feb 2004 13:43:59 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="ISO-8859-1" Subject: RE: XFree86 Font Information File Buffer Overflow X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2004 18:44:01 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I misread a '1' for an 'l' on the exploit. X blows up quite handily now. John - -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org]On Behalf Of Barnes, John Sent: Friday, February 13, 2004 9:25 AM To: 'freebsd-security@freebsd.org' Subject: XFree86 Font Information File Buffer Overflow Has anyone see this alert? http://www.securityfocus.com/archive/1/353352 It seems to work on Linux, but when I tried the proof of concept on 4.3.0,1 running 5.2 RELEASE, I couldn't get the X server to core dump or segmentation fault. So, it seems likely to me that FreeBSD is not vulnerable to this. Any other thoughts on this matter? John Barnes TruSecure -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQC0a75uhTuCp6UG8EQKR1QCfZ7yY/aLPpEwaTUzfkHTx/4XLMHwAn1ZS wcYsrNt8WybW2w5wY0I/YUvr =+Jwe -----END PGP SIGNATURE----- *********************************************************************** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. ***********************************************************************