http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false
According to this advisory affected versions are 4.1.0 to 4.3.0 and there�s an description how to reproduce the buffer overflow.
I�ve tried this (on a system running SuSe 8.2 and XFree86 version 4.2.0) but nothing happens unless a message appears
>Fatal server error: >Server is already active for display 0 > If this server is no longer running, remove /tmp/.X0-lock > and start again.
>When reporting a problem related to a server crash, please send >the full server output, not just the last messages. >Please report problems to http://www.suse.de/feedback.
Can somebody reproduce this buffer overflow and under which conditions ?
--
Mit freundlichen Gr�ssen
Olaf Hahn Datennetzdienste/Security QSC AG
Mathias-Br�ggen-Str. 55 50829 K�ln Phone: +49 221 6698-443 Fax: +49 221 6698-409 E-Mail: [EMAIL PROTECTED]
Internet: http://www.qsc.de
************************************
Paranoid zu sein heisst nicht, dass nicht doch jemand hinter einem steht
************************************
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
