Date: Fri, 30 May 1997 18:59:45 -0500 (CDT) From: Vlad Roubtsov <roubtsov@alecto.physics.uiuc.edu> To: security@FreeBSD.ORG Subject: Re: X libraries Message-ID: <Pine.SGI.3.91.970530185439.14188B-100000@alecto.physics.uiuc.edu> In-Reply-To: <199705301538.RAA08714@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 30 May 1997, Eivind Eklund wrote: > > There is presently at least one hole in the X11 libraries (a buffer >overflow) being passed around in hacker circles. This buffer overrun >makes it possible to exploit any setuid program for X11 (e.g. xterm) >user set to; xterm (and others) give root. > Somebody made a semi-systematic analysis of many X11 applications and identified several vulnerable programs (xterm included) about a year ago. The fact didn't draw much attention at the time... Vlad.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SGI.3.91.970530185439.14188B-100000>