Bugtraq mailing list archives
XFree86: xdm xdmcp code in wdm also
From: brusso () PHYS HAWAII EDU (Brian Russo)
Date: Tue, 20 Jun 2000 05:42:10 -1000
wdm (wings display manager) - http://www.tcscs.com/wdm/ - is basically xdm with WINGs handling the graphical elements. The bulk of the core code is directly pulled from xdm; indeed, the tarball of version 1.20 I pulled from the above URL included xdm-3.3.2 code in a tarball, although the above URL mentioned:

  " wdm-1.20 -- Feb 29, 2000 ... corrected by replacing some xdm-3.3.2 code with xdm-3.3.6. I think all the xdm stuff definitely should be udpated [sic] to the latest version. "

The included ChangeLog gives a bit more detail on this. Regardless, in ./wdm-1.20/xdm/xdmcp.c we find the same code:

    static char buf[256];
    XdmcpHeader header;
    ARRAY8 status;

    sprintf (buf, "Session %d failed for display %s: %s",
             sessionID, name, reason);
    Debug ("Send failed %d %s\n", sessionID, buf);

Due to this direct importation of xdm code, it stands to reason that _any_ bug in xdm core code will probably directly affect wdm in the same way. Additionally, as it seems WDM releases are not regularly updated with xdm code, wdm may even be worse off than an up-to-date version of xdm.

I do not fully understand this vulnerability really, but I thought you should be aware of this; send flames/comments/corrections/et al.

thanks
- brian
> Just a minor one this. Discovered during a 5 minute pass of "xdm". I
> subsequently discovered "kdm" has copied the xdm core xdmcp code.
>
> xdmcp.c, send_failed()
>
> [...]
> static char buf[256];
> [...]
> sprintf (buf, "Session %d failed for display %s: %s",
>          (int)sessionID, name, reason);
>
> Cheers
> Chris
--
+---------------------------------------------------------------+
| Brian Russo: Professional Slacker <brusso () phys hawaii edu>  |
| University of Hawai'i at Manoa, Physics Dept.                  |
+---------------------------------------------------------------+
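The bounded replacement for the sprintf() pattern quoted in this thread, as an added example that is not code from xdm, wdm or kdm; the 256-byte buffer and the message format follow the quoted snippet, the function names are placeholders, and the overlong display name is constructed input:

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Same fixed size as the static buf[256] in the quoted send_failed(). */
#define FAIL_BUF_LEN 256

/* Unsafe pattern from the quoted code, reproduced only as a comment:
 *   sprintf (buf, "Session %d failed for display %s: %s", sessionID, name, reason);
 * Neither name nor reason is bounded, so an overlong display name writes past buf. */

/* Hardened variant (hypothetical name): snprintf() never writes more than
 * buflen bytes and always NUL-terminates. Returns true when the whole
 * message fit, false when it was truncated, so the caller can log the
 * truncation instead of silently overflowing. */
static bool format_session_failed(char *buf, size_t buflen, int sessionID,
                                  const char *name, const char *reason)
{
    if (buf == NULL || buflen == 0)
        return false;
    int n = snprintf(buf, buflen, "Session %d failed for display %s: %s",
                     sessionID, name, reason);
    if (n < 0) {            /* encoding error: leave an empty string */
        buf[0] = '\0';
        return false;
    }
    return (size_t)n < buflen;
}

/* Exercise the hardened formatter with a display name longer than the
 * buffer (constructed input) and return the resulting string length. */
static size_t overlong_name_length(void)
{
    char name[400];
    char buf[FAIL_BUF_LEN];
    memset(name, 'A', sizeof(name) - 1);
    name[sizeof(name) - 1] = '\0';
    (void)format_session_failed(buf, sizeof(buf), 7, name, "boom");
    return strlen(buf);     /* 255: capped at buflen - 1, buffer intact */
}

int main(void)
{
    char buf[FAIL_BUF_LEN];
    bool ok = format_session_failed(buf, sizeof(buf), 7, ":0", "no such user");
    printf("%s (fit: %s)\n", buf, ok ? "yes" : "no");
    printf("overlong name -> %zu bytes stored\n", overlong_name_length());
    return 0;
}
```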