Package: xfree86 Severity: serious See http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false and existing exploit in http://www.securityfocus.com/archive/1/353493/2004-02-09/2004-02-15/0
the patch is available from ftp://ftp.xfree86.org/pub/XFree86/4.3.0/fixes/fontfile.diff Affected is both Woody and Sarge/Unstable. Description: Exploitation of a buffer overflow in The XFree86 Project Inc.'s XFree86 X Window System allows local attackers to gain root privileges. The problem specifically exists in the parsing of the 'font.alias' file. The X server (running as root) fails to check the length of user provided input. A malicious user may craft a malformed 'font.alias' file causing a buffer overflow upon parsing, eventually leading to the execution of arbitrary code. Successful exploitation requires that an attacker be able to execute commands in the X11 subsystem. This can be done either by having console access to the target or through a remote exploit against any X client program such as a web-browser, mail-reader or game. Successful exploitation yields root access. -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux g35 2.4.24-nfsacl-libata-drbd-up #1 Mon Jan 5 22:37:02 CET 2004 i686 Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8
