On Tue, Jan 17, 2006 at 02:37:52AM -0800, Steve Langasek wrote: > Is it confirmed that this stack smash bug is a security vulnerability? > Not all are...
I am not aware of any security issues with this stack smash. You can overwrite up to 10 chars of stack but I certainly don't know how I would use it in a security attack. You would need to overwrite the scorings file, which is installed as root, or to edit the user's ~/.xscorch/config file and point them at a custom scorings file. I don't know enough about the stack layout in that function to say for sure whether it could be used to execute custom code or not, though. > Well, I can't confirm this. Jacob, please consider the attached > patch, which fixes some quoting issues in configure.ac and > re-autoconfs the source. Confirmed to work in pbuilder here. If you > would care to prepare a -4 that includes these fixes, I'd be happy to > sponsor for you (as, I imagine, would Thomas). Funky, I thought we were using libxpm directly for a few things. I'll try to verify and get the -4 updated later today. Thanks, -Jacob -- Hail Ilpallazzo!
signature.asc
Description: Digital signature
