Re: Remote Root In Nvidia xserver Driver

To: debian-security@lists.debian.org
Subject: Re: Remote Root In Nvidia xserver Driver
From: "Sam Morris" <sam@robots.org.uk>
Date: Wed, 18 Oct 2006 10:42:05 +0000 (UTC)
Message-id: <[🔎] eh50dt$img$2@sea.gmane.org>
References: <[🔎] 200610180138.25404.nick@glimmer.demon.co.uk> <[🔎] 20061018011120.GA22568@cobalt0.panici.net> <[🔎] 20061018015349.GE5357@morgul.net>

On Tue, 17 Oct 2006 21:53:49 -0400, Noah Meyerhans wrote:
> However, as I read it,
> it sounds like you can only run arbitrary code if you are actually
> accessing the X server directly via a client.  While this client can be
> local or remote, nobody is going to allow unauthenticated remote clients
> to access their X server, so this might not be so bad...

I disagree. SSHing to a compromised host should not open the client
machine up to security vulnerabilities of this kind.

-- 
Sam Morris
http://robots.org.uk/

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078

Reply to:

Follow-Ups:
- Re: Remote Root In Nvidia xserver Driver
  - From: Dominic Hargreaves <dom@earth.li>

References:
- Remote Root In Nvidia xserver Driver
  - From: Nick Boyce <nick@glimmer.demon.co.uk>
- Re: Remote Root In Nvidia xserver Driver
  - From: paddy <paddy@panici.net>
- Re: Remote Root In Nvidia xserver Driver
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: Re: Remote Root In Nvidia xserver Driver
Next by Date: Re: Remote Root In Nvidia xserver Driver
Previous by thread: Re: Remote Root In Nvidia xserver Driver
Next by thread: Re: Remote Root In Nvidia xserver Driver
Index(es):
- Date
- Thread