Bug 3813 - FileBufferOverflow
: FileBufferOverflow
Status: CLOSED WORKSFORME
: Sisyphus
(All bugs in Sisyphus/vnc-server)
: unstable
: all Linux
: P2 major
Assigned To:
:
:
:
:
:
  Show dependency tree
 
Reported: 2004-03-10 18:00 by
Modified: 2007-09-18 22:37 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2004-03-10 18:00:12
Subject:
Re: iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow
From:
Steffen Kluge <kluge@fujitsu.com.au>
Date:
Tue, 17 Feb 2004 11:45:31 +1100
To:
bugtraq@securityfocus.com

On Sat, 2004-02-14 at 19:58, Dr Andrew C Aitchison wrote:

>> I note that this code also ocurs in Xvnc,


The version of Xvnc I've tried behaves somewhat differently, though:

$ perl -e 'print "0" x 1024 . "A" x 96 . "\n"' > fonts.alias
$ Xvnc :10 -fp .
17/02/04 11:28:28 Xvnc version 3.3.3r2+tight1.2.4
17/02/04 11:28:28 Copyright (C) AT&T Laboratories Cambridge.
17/02/04 11:28:28 All Rights Reserved.
17/02/04 11:28:28 See http://www.uk.research.att.com/vnc for information
on VNC
17/02/04 11:28:28 Desktop name 'x11' (my.host:10)
17/02/04 11:28:28 Protocol version supported 3.3
17/02/04 11:28:28 Listening for VNC connections on TCP port 5910
failed to set default font path '.'
Fatal server error:
could not open default font 'fixed'

No signals are caught. Also, Xvnc doesn't need to be suid, and usually
isn't.

Cheers
Steffen.
------- Comment #1 From 2004-05-24 13:56:42 -------
.
------- Comment #2 From 2006-12-31 20:25:37 -------
re
------- Comment #3 From 2006-12-31 20:28:53 -------
Гм.  Вообще в чём проблема?
------- Comment #4 From 2006-12-31 20:29:13 -------
Для vnc-3.3.3r2-alt7 тест проходит точно так же, как для tightvnc в
процитированном письме; SUID тоже нет.
------- Comment #5 From 2007-01-05 12:40:20 -------
Да похоже это устарело