Gentoo Linux Security Advisory GLSA 200710-11 - iDefense reported that the xfs init script does not correctly handle a race condition when setting permissions of a temporary file. Sean Larsson discovered an integer overflow vulnerability in the build_range() function possibly leading to a heap-based buffer overflow when handling QueryXBitmaps and QueryXExtents protocol requests. Sean Larsson also discovered an error in the swap_char2b() function possibly leading to a heap corruption when handling the same protocol requests. Versions less than 1.0.5 are affected.
511f463b3188bb6e41c1e0acef1a8578132acf147999f05fdb2f1f68b185056eDebian Security Advisory 1342-1 - It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server.
74f07a9a1e40524a44f01816569d7cd3125eb33ab433f9b3200ad7ccf0f74ee3iDefense Security Advisory 07.12.07 - Local exploitation of a race condition vulnerability in Red Hat Inc.'s Enterprise Linux init.d XFS script allows an attacker to elevate their privileges to root. iDefense has confirmed the existence of this vulnerability in Red Hat Enterprise Linux version 4, and Fedora Core 6. Other versions may also be affected.
2666c40511f0350e401c36cdc9f97d433ab4c36b57b8e529c7c0a2a02b5b980c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed