Re: Remote Root In Nvidia xserver Driver

To: debian-security@lists.debian.org
Subject: Re: Remote Root In Nvidia xserver Driver
From: "Sam Morris" <sam@robots.org.uk>
Date: Wed, 18 Oct 2006 01:28:48 +0000 (UTC)
Message-id: <[🔎] eh400g$img$1@sea.gmane.org>
References: <[🔎] 200610180138.25404.nick@glimmer.demon.co.uk>

On Wed, 18 Oct 2006 01:38:25 +0100, Nick Boyce wrote:

> Regarding the remote root hole in Nvidia's closed-source binary xserver driver 
> announced today by Rapid7 :
>   http://download2.rapid7.com/r7-0025/
> and being discussed all over the place :
>   http://it.slashdot.org/article.pl?sid=06/10/16/2038253
>   http://kerneltrap.org/node/7228
> it looks to me as though the hole is not present in the version of the driver 
> packaged for Sarge (1.0.7174).  The Rapid7 bulletin asserts the hole is 
> present in Linux driver versions 8762 and 8774 - and _probably_ earlier 
> versions.

[ ... ]

> Just for the sake of calm (my calm) can anyone else confirm this ?

The legacy nvidia graphics drivers should also be checked.

> Cheers
> Nick Boyce

-- 
Sam Morris
http://robots.org.uk/

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078

Reply to:

References:
- Remote Root In Nvidia xserver Driver
  - From: Nick Boyce <nick@glimmer.demon.co.uk>

Prev by Date: Re: Remote Root In Nvidia xserver Driver
Next by Date: Re: Remote Root In Nvidia xserver Driver
Previous by thread: Re: Remote Root In Nvidia xserver Driver
Next by thread: help: duplicate MAC address
Index(es):
- Date
- Thread