XFree86 보안버그 수정
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1056553200
업데이트 : 2003.06.26
Xterm, provided as part of the XFree86 packages, provides an escape
sequence for reporting the current window title. This escape sequence
essentially takes the current title and places it directly on the command
line. An attacker can craft an escape sequence that sets the victim's Xterm
window title to an arbitrary command, and then reports it to the command
line. Since it is not possible to embed a carriage return into the window
title, the attacker would then have to convince the victim to press Enter
for the shell to process the title as a command, although the attacker
could craft other escape sequences that might convince the victim to do so.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0063 to this issue.
It is possible to lock up versions of Xterm by sending an invalid DEC
UDK escape sequence. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0071 to this issue.
The xdm display manager, with the authComplain variable set to false,
allows arbitrary attackers to connect to the X server if the xdm auth
directory does not exist. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-1510 to this issue.
These erratum packages also contain an updated fix for CAN-2002-0164, a
vulnerability in the MIT-SHM extension of the X server that allows local
users to read and write arbitrary shared memory. The original fix did not
cover the case where the X server is started from xdm.
The X server was setting the /dev/dri directory permissions incorrectly,
which resulted in the directory being world writable. It now sets the
directory permissions to a safe value. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2001-1409 to