Welcome To Security.Fx-Vista.Com

Computer Security Information

Home

Window Maker Buffer Overflow

<< Back

 

COMMAND
    Window Maker
SYSTEMS AFFECTED
    Window Maker
PROBLEM
    Alban Hertroys found a buffer overflow in Window Maker (a  popular
    window  manager  for  X).   The  code  that  handles titles in the
    window  list  menu  did  not  check  the  length of the title when
    copying it  to a  buffer.   Since applications  will set the title
    using untrusted data (for example web browsers will set the  title
    of their  window to  the title  of the  web-page being shown) this
    could be exploited remotely.
SOLUTION
    This has been fixed in  version 0.61.1-4.1 of the Debian  package,
    and upstream version 0.65.1:
http://security.debian.org/dists/stable/updates/main/source/wmaker_0.61.1-4.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/wmaker_0.61.1-4.1.dsc
http://security.debian.org/dists/stable/updates/main/source/wmaker_0.61.1.orig.tar.gz
http://security.debian.org/dists/stable/updates/main/binary-alpha/libdockapp-dev_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libwings-dev_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libwmaker0-dev_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libwraster1-dev_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libwraster1_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/wmaker_0.61.1-4.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libdockapp-dev_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libwings-dev_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libwmaker0-dev_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libwraster1-dev_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libwraster1_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/wmaker_0.61.1-4.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libdockapp-dev_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libwings-dev_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libwmaker0-dev_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libwraster1-dev_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libwraster1_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/wmaker_0.61.1-4.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libdockapp-dev_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libwings-dev_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libwmaker0-dev_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libwraster1-dev_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libwraster1_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/wmaker_0.61.1-4.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libdockapp-dev_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libwings-dev_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libwmaker0-dev_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libwraster1-dev_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libwraster1_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/wmaker_0.61.1-4.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libdockapp-dev_0.61.1-4.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libwings-dev_0.61.1-4.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libwmaker0-dev_0.61.1-4.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libwraster1-dev_0.61.1-4.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libwraster1_0.61.1-4.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/wmaker_0.61.1-4.1_sparc.deb
 
    For Conectiva Linux:
 
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/WindowMaker-0.60.0-8U40_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/WindowMaker-0.60.0-8U40_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/WindowMaker-0.60.0-8U40_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/WindowMaker-0.60.0-8U40_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/./4.1/i386/WindowMaker-0.60.0-10U41_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/./4.1/SRPMS/WindowMaker-0.60.0-10U41_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/WindowMaker-0.61.1-3U42_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/WindowMaker-0.61.1-3U42_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/WindowMaker-0.61.1-7U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/WindowMaker-0.61.1-7U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/WindowMaker-0.62.1-6U_51_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/WindowMaker-0.62.1-6U_51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/WindowMaker-devel-0.62.1-6U_51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/WindowMaker-0.62.1-13U60_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/WindowMaker-0.62.1-13U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/WindowMaker-devel-0.62.1-13U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/WindowMaker-0.65.1-2U70_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-0.65.1-2U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-doc-0.65.1-2U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-devel-static-0.65.1-2U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-devel-0.65.1-2U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/WindowMaker-0.61.1-7U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/WindowMaker-0.61.1-7U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/WindowMaker-0.61.1-7U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/WindowMaker-0.61.1-7U50_1cl.i386.rpm

Credits
-- UnKnown --

<< Back

 

Copyright ©2008 www.Security.Fx-Vista.Com | All rights reserved