Bug 91134 - CAN-2002-0164+ XFree86 vulnerabilities
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: XFree86
All Linux
medium Severity medium
Assigned To: Mike A. Harris
David Lawrence
: Security
Reported: 2003-05-19 04:31 EDT by Mark J. Cox (Product Security)
Modified: 2007-11-30 17:06 EST (History)
Doc Type: Bug Fix
Last Closed: 2003-07-09 06:46:44 EDT

Description Mark J. Cox (Product Security) 2003-05-19 04:31:53 EDT
There are a number of vulnerabilities that affect the version of XFree86
supplied with Enterprise Linux.  An update, RHSA-2003:065, is being worked on
and packages available for QA this week.

        A vulnerability in the MIT-SHM extension of the X server allows
        local users to read and write arbitrary shared memory, to
        cause a denial of service or gain privileges.  Fixed, but it was an    
        incomplete fix - for the case where the X server is started
        from xdm which was not handled.  A more complete patch was
        made available.

        XDM restrictions bypassed by non-existent directory

        It is fixed in the upstream 4.2.0 tarball

        xterm contains escape sequence to report current window title.

        Possible to lock up xterm with corrupt DEC UDK sequence, Thomas
        Dickey says it affects all versions, my initial analysis was
Comment 1 Mark J. Cox (Product Security) 2003-07-09 06:46:44 EDT
These were fixed by 
