Bug 10897 - X11 font server vulnerability
Summary: X11 font server vulnerability
Keywords:
Status: CLOSED DUPLICATE of bug 10877
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: aboot
Version: 6.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-04-18 18:33 UTC by smedina
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-04-18 19:27:29 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2001:071 0 high SHIPPED_LIVE : New updated XFree86 packages available 2001-05-24 04:00:00 UTC

Description smedina 2000-04-18 18:33:26 UTC 
The purpose of this email is twofold: 1) to inform you of a reported
vulnerability by a third party, not myself,  involving one of your
products, and 2) to obtain confirmation/clarification and knowledge of any
measures taken to address this in the event it is viable.

Below is the report (snipped):

--- Begin report ---

A denial of service exists in the X11 font server shipped with RedHat
Linux 6.x. Due to improper input validation, it is possible for any user
to crash the X fontserver. This will prevent the X server from functioning
properly

--- End report ---


An explanation of my query - I work for Infrastructure Defense, Inc.,
which provides private publications to fortune 500 companies about
information/computer security trends, vulnerabilities, etc. I strive to
contact the appropriate parties whenever there is a question as to the
veracity of a post, claim, other. Hence, my email to you.

I hope to hear from you soon.


Servio Medina - smedina
Information Security Analyst
www.idefense.com
Comment 1 Bill Nottingham 2000-04-18 19:27:59 UTC 
*** This bug has been marked as a duplicate of 10877 ***
Note You need to log in before you can comment on or make changes to this bug.