Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 Oct 2002 18:27:12 -0300
From: "Ademar de Souza Reis Jr." <>
Subject: XFree86 MIT-SHM vulnerability

Hello everyone.

I didn't see fixes for the MIT-SHM vulnerability from any vendor besides
the Caldera update for XFree86-4.1.2 from March:

The point is that, as far as I can understand, even that fix is not
complete, as stated in the XFree86 security page:

* The MIT-SHM update in 4.2.1 is incomplete as the case where the X
  server is started from xdm was not handled. A more complete fix from
  the XFree86 trunk has been committed to the xf-4_2-branch branch.
  A source patch against 4.2.1 is available on the XFree86 FTP site.

So, any vendor planning a (new) release for this vulnerability?
Or maybe someone released something and I'm blind?

Anyway, the new patch mentioned definetely fails to apply in 4.0.3.
I didn't investigate it and if someone is working on it, please tell me
(otherwise I'll do it by myself :-).

Still talking about XFree86, I didn't see advisories/fixes from all vendors
(except SuSE, IIRC) for the xlib i18n local vulnerability... Any special
reason for this delay?

I don't know if it's just my feeling, but looks like everyone is "afraid" of
updating XFree86 :-). The MIT-SHM and the xlib i18n vulns sound very dangerous
to me, and I remember an old issue about using large fonts to cause
a serious DoS (mozilla was a vector for the attack - it's fixed already -, but
I tested it using other browsers as well) which is still unfixed.

Any comments?


Ademar de Souza Reis Jr. <>


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the xvendor mailing list charter.