CVE-2001-0955
https://notcve.org/view.php?id=CVE-2001-0955
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. • http://cvsweb.xfree86.org/cvsweb/xc/programs/Xserver/fb/fbglyph.c http://marc.info/?l=bugtraq&m=100776624224549&w=2 http://marc.info/?l=bugtraq&m=100784290015880&w=2 http://marc.info/?l=vuln-dev&m=100118958310463&w=2 http://www.securityfocus.com/bid/3657 http://www.securityfocus.com/bid/3663 http://www.xfree86.org/4.2.0/RELNOTES2.html#2 http://www.xfree86.org/security https://exchange.xforce.ibmcloud.com/vulnerabilities/7673 https://exchange.xforce.ibmcloud. •
CVE-2001-1179
https://notcve.org/view.php?id=CVE-2001-1179
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. • http://www.securityfocus.com/archive/1/197498 •
CVE-2001-1178 – XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-1178
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. • https://www.exploit-db.com/exploits/21010 http://archives.neohapsis.com/archives/bugtraq/2001-07/0234.html http://www.securityfocus.com/bid/3030 https://exchange.xforce.ibmcloud.com/vulnerabilities/6853 •
CVE-2001-1086 – XFree86 X11R6 3.3 XDM - Session Cookie Guessing
https://notcve.org/view.php?id=CVE-2001-1086
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. • https://www.exploit-db.com/exploits/20993 http://online.securityfocus.com/archive/1/195008 http://www.securityfocus.com/archive/1/194907 http://www.securityfocus.com/bid/2985 https://exchange.xforce.ibmcloud.com/vulnerabilities/6808 •
CVE-2000-0976 – XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0976
Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter. • https://www.exploit-db.com/exploits/20294 ftp://patches.sgi.com/support/free/security/advisories/20020502-01-I http://archives.neohapsis.com/archives/bugtraq/2000-10/0211.html http://www.iss.net/security_center/static/5751.php http://www.securityfocus.com/bid/1805 •