XFree86 Xserver Denial of Service Vulnerability
BID:1235
Info
XFree86 Xserver Denial of Service Vulnerability
| Bugtraq ID: | 1235 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 18 2000 12:00AM |
| Updated: | May 18 2000 12:00AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list on May 18, 2000 by Chris Evans <[email protected]> |
| Vulnerable: |
XFree86 X11R6 4.0 XFree86 X11R6 3.3.6 XFree86 X11R6 3.3.5 |
| Not Vulnerable: | |
Discussion
XFree86 Xserver Denial of Service Vulnerability
A denial of service exists in XFree86 3.3.5, 3.3.6 and 4.0. A remote user can send a malformed packet to the TCP listening port, 6000, which will cause the X server to be unresponsive for some period of time. During this time, the keyboard will not respond to user input, and in some cases, the mouse will also not respond. During this time period, the X server will utilize 100% of the CPU, and can only be repaired by being signaled. This vulnerability exists only in servers compiled with the XCSECURITY #define set. This can be verified by running the following:
strings /path/to/XF86_SVGA | grep "XC-QUERY-SECURITY-1"
To quote the Bugtraq post, by Chris Evans <[email protected]>:
"Observe xc/programs/Xserver/os/secauth.c, AuthCheckSitePolicy():
// dataP is user supplied data from the network
char *policy = *dataP;
int nPolicies;
...
// Oh dear, we can set nPolicies to -1
nPolicies = *policy++;
while (nPolicies) {
// Do some stuff in a loop
...
nPolicies--;
}
So, the counter "nPolicies", if seeded with -1, will decrement towards
about minus 2 billion, then wrap to become positive 2 billion, and head
towards its final destination of 0."
A denial of service exists in XFree86 3.3.5, 3.3.6 and 4.0. A remote user can send a malformed packet to the TCP listening port, 6000, which will cause the X server to be unresponsive for some period of time. During this time, the keyboard will not respond to user input, and in some cases, the mouse will also not respond. During this time period, the X server will utilize 100% of the CPU, and can only be repaired by being signaled. This vulnerability exists only in servers compiled with the XCSECURITY #define set. This can be verified by running the following:
strings /path/to/XF86_SVGA | grep "XC-QUERY-SECURITY-1"
To quote the Bugtraq post, by Chris Evans <[email protected]>:
"Observe xc/programs/Xserver/os/secauth.c, AuthCheckSitePolicy():
// dataP is user supplied data from the network
char *policy = *dataP;
int nPolicies;
...
// Oh dear, we can set nPolicies to -1
nPolicies = *policy++;
while (nPolicies) {
// Do some stuff in a loop
...
nPolicies--;
}
So, the counter "nPolicies", if seeded with -1, will decrement towards
about minus 2 billion, then wrap to become positive 2 billion, and head
towards its final destination of 0."
Exploit / POC
XFree86 Xserver Denial of Service Vulnerability
Chris Evans <[email protected]> posted an exploit to Bugtraq for this vulnerability.
Chris Evans <[email protected]> posted an exploit to Bugtraq for this vulnerability.
Solution / Fix
XFree86 Xserver Denial of Service Vulnerability
Solution:
Solution submitted by Fred Silva <[email protected]>:
Run the X server with the option "-nolisten tcp" set. This option causes the X server to not listen connections from any client. To use this option, simply add it to serverargs variable in the /usr/X11/bin/startx script.
FreeBSD has released fixes for this vulnerability.
XFree86 X11R6 3.3.6
Solution:
Solution submitted by Fred Silva <[email protected]>:
Run the X server with the option "-nolisten tcp" set. This option causes the X server to not listen connections from any client. To use this option, simply add it to serverargs variable in the /usr/X11/bin/startx script.
FreeBSD has released fixes for this vulnerability.
XFree86 X11R6 3.3.6
-
Debian 2.2 all rstart_3.3.6-11potato32_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/rstart _3.3.6-11potato32_all.deb -
Debian 2.2 all xbase_3.3.6-11potato32_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/xbase_ 3.3.6-11potato32_all.deb -
Debian 2.2 all xfree86-common_3.3.6-11potato32_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/xfree8 6-common_3.3.6-11potato32_all.deb -
Debian 2.2 alpha rstartd_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/rsta rtd_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha twm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/twm_ 3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xbase-clients_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xbas e-clients_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xdm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xdm_ 3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xext_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xext _3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xf86setup_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xf86 setup_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xfs_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xfs_ 3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xlib6g-dev_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib 6g-dev_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xlib6g-static_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib 6g-static_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xlib6g_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib 6g_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xmh_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xmh_ 3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xnest_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xnes t_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xproxy_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xpro xy_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xprt_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xprt _3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-3dlabs_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-3dlabs_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-common_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-common_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-fbdev_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-fbdev_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-i128_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-i128_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-mach64_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-mach64_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-mono_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-mono_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-p9000_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-p9000_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-s3v_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-s3v_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-svga_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-svga_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-tga_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-tga_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xserver-vga16_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xser ver-vga16_3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xsm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xsm_ 3.3.6-11potato32_alpha.deb -
Debian 2.2 alpha xterm_3.3.6-11potato32_alpha.de
http://security.debian.org/dists/stable/updates/main/binary-alpha/xter m_3.3.6-11potato32_alpha.de -
Debian 2.2 alpha xvfb_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xvfb _3.3.6-11potato32_alpha.deb -
Debian 2.2 arm rstartd_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/rstart d_3.3.6-11potato32_arm.deb -
Debian 2.2 arm twm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/twm_3. 3.6-11potato32_arm.deb -
Debian 2.2 arm xbase-clients_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xbase- clients_3.3.6-11potato32_arm.deb -
Debian 2.2 arm xdm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xdm_3. 3.6-11potato32_arm.deb -
Debian 2.2 arm xext_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xext_3 .3.6-11potato32_arm.deb -
Debian 2.2 arm xfs_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xfs_3. 3.6-11potato32_arm.deb -
Debian 2.2 arm xlib6g-dev_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g -dev_3.3.6-11potato32_arm.deb -
Debian 2.2 arm xlib6g-static_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g -static_3.3.6-11potato32_arm.deb -
Debian 2.2 arm xlib6g_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g _3.3.6-11potato32_arm.deb -
Debian 2.2 arm xmh_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xmh_3. 3.6-11potato32_arm.deb -
Debian 2.2 arm xnest_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xnest_ 3.3.6-11potato32_arm.deb -
Debian 2.2 arm xproxy_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xproxy _3.3.6-11potato32_arm.deb -
Debian 2.2 arm xprt_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xprt_3 .3.6-11potato32_arm.deb -
Debian 2.2 arm xserver-common_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserve r-common_3.3.6-11potato32_arm.deb -
Debian 2.2 arm xserver-fbdev_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserve r-fbdev_3.3.6-11potato32_arm.deb -
Debian 2.2 arm xsm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xsm_3. 3.6-11potato32_arm.deb -
Debian 2.2 arm xterm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xterm_ 3.3.6-11potato32_arm.deb -
Debian 2.2 arm xvfb_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xvfb_3 .3.6-11potato32_arm.deb -
Debian 2.2 i386 rstartd_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/rstar td_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 twm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/twm_3 .3.6-11potato32_i386.deb -
Debian 2.2 i386 xbase-clients_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xbase -clients_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xdm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xdm_3 .3.6-11potato32_i386.deb -
Debian 2.2 i386 xext_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xext_ 3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xf86setup_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xf86s etup_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xfs_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xfs_3 .3.6-11potato32_i386.deb -
Debian 2.2 i386 xlib6-altdev_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6 -altdev_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xlib6_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6 _3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xlib6g-dev_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6 g-dev_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xlib6g-static_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6 g-static_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xlib6g_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6 g_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xmh_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xmh_3 .3.6-11potato32_i386.deb -
Debian 2.2 i386 xnest_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xnest _3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xproxy_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xprox y_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xprt_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xprt_ 3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-3dlabs_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-3dlabs_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-8514_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-8514_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-agx_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-agx_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-common_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-common_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-fbdev_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-fbdev_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-i128_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-i128_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-mach32_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-mach32_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-mach64_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-mach64_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-mach8_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-mach8_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-mono_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-mono_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-p9000_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-p9000_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-s3_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-s3_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-s3v_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-s3v_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-svga_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-svga_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-vga16_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-vga16_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xserver-w32_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserv er-w32_3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xsm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xsm_3 .3.6-11potato32_i386.deb -
Debian 2.2 i386 xterm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xterm _3.3.6-11potato32_i386.deb -
Debian 2.2 i386 xvfb_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xvfb_ 3.3.6-11potato32_i386.deb -
Debian 2.2 ppc rstartd_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/rs tartd_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc twm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/tw m_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xbase-clients_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xb ase-clients_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xdm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xd m_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xext_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xe xt_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xfs_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xf s_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xlib6g-dev_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xl ib6g-dev_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xlib6g-static_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xl ib6g-static_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xlib6g_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xl ib6g_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xmh_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xm h_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xnest_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xn est_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xproxy_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xp roxy_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xprt_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xp rt_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xserver-common_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xs erver-common_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xserver-fbdev_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xs erver-fbdev_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xsm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xs m_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xterm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xt erm_3.3.6-11potato32_powerpc.deb -
Debian 2.2 ppc xvfb_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xv fb_3.3.6-11potato32_powerpc.deb -
Debian 2.2 sparc rstartd_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/rsta rtd_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc twm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/twm_ 3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xbase-clients_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xbas e-clients_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xdm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xdm_ 3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xext_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xext _3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xfs_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xfs_ 3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xlib6g-dev_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib 6g-dev_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xlib6g-static_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib 6g-static_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xlib6g_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib 6g_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xmh_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xmh_ 3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xnest_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xnes t_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xproxy_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xpro xy_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xprt_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xprt _3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-3dlabs_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-3dlabs_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-common_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-common_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-fbdev_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-fbdev_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-mach64_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-mach64_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-xsun-mono_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-xsun-mono_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-xsun_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-xsun_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xserver-xsun24_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xser ver-xsun24_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xsm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xsm_ 3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xterm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xter m_3.3.6-11potato32_sparc.deb -
Debian 2.2 sparc xvfb_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xvfb _3.3.6-11potato32_sparc.deb -
FreeBSD 3.x XFree86-4.0.2_5.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/x11/XFr ee86-4.0.2_5.tgz -
FreeBSD 4.x XFree86-4.0.2_5.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/x11/XFr ee86-4.0.2_5.tgz -
FreeBSD 5.x XFree86-4.0.2_5.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/x11/XF ree86-4.0.2_5.tgz -
Red Hat 6.2 alpha XFree86-100dpi-fonts-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-100dpi-fonts-3.3.6-29 .alpha.rpm -
Red Hat 6.2 alpha XFree86-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-3.3.6-29.alpha.rpm -
Red Hat 6.2 alpha XFree86-3DLabs-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-3DLabs-3.3.6-29.alpha .rpm -
Red Hat 6.2 alpha XFree86-75dpi-fonts-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-75dpi-fonts-3.3.6-29. alpha.rpm -
Red Hat 6.2 alpha XFree86-cyrillic-fonts-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-cyrillic-fonts-3.3.6- 29.alpha.rpm -
Red Hat 6.2 alpha XFree86-devel-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-devel-3.3.6-29.alpha. rpm -
Red Hat 6.2 alpha XFree86-doc-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-doc-3.3.6-29.alpha.rp m -
Red Hat 6.2 alpha XFree86-FBDev-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-FBDev-3.3.6-29.alpha. rpm -
Red Hat 6.2 alpha XFree86-libs-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-libs-3.3.6-29.alpha.r pm -
Red Hat 6.2 alpha XFree86-Mach64-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-Mach64-3.3.6-29.alpha .rpm -
Red Hat 6.2 alpha XFree86-Mono-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-Mono-3.3.6-29.alpha.r pm -
Red Hat 6.2 alpha XFree86-P9000-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-P9000-3.3.6-29.alpha. rpm -
Red Hat 6.2 alpha XFree86-S3-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-S3-3.3.6-29.alpha.rpm -
Red Hat 6.2 alpha XFree86-S3V-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-S3V-3.3.6-29.alpha.rp m -
Red Hat 6.2 alpha XFree86-SVGA-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-SVGA-3.3.6-29.alpha.r pm -
Red Hat 6.2 alpha XFree86-TGA-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-TGA-3.3.6-29.alpha.rp m -
Red Hat 6.2 alpha XFree86-xfs-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-xfs-3.3.6-29.alpha.rp m -
Red Hat 6.2 alpha XFree86-Xnest-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-Xnest-3.3.6-29.alpha. rpm -
Red Hat 6.2 alpha XFree86-Xvfb-3.3.6-29.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/XFree86-Xvfb-3.3.6-29.alpha.r pm -
Red Hat 6.2 i386 XFree86-100dpi-fonts-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-100dpi-fonts-3.3.6-29. i386.rpm -
Red Hat 6.2 i386 XFree86-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-3DLabs-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-3DLabs-3.3.6-29.i386.r pm -
Red Hat 6.2 i386 XFree86-75dpi-fonts-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-75dpi-fonts-3.3.6-29.i 386.rpm -
Red Hat 6.2 i386 XFree86-8514-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-8514-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-AGX-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-AGX-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-cyrillic-fonts-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-cyrillic-fonts-3.3.6-2 9.i386.rpm -
Red Hat 6.2 i386 XFree86-devel-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-devel-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-doc-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-doc-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-FBDev-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-FBDev-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-I128-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-I128-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-libs-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-libs-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-Mach32-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Mach32-3.3.6-29.i386.r pm -
Red Hat 6.2 i386 XFree86-Mach64-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Mach64-3.3.6-29.i386.r pm -
Red Hat 6.2 i386 XFree86-Mach8-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Mach8-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-Mono-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Mono-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-P9000-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-P9000-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-S3-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-S3-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-S3V-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-S3V-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-SVGA-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-SVGA-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-VGA16-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-VGA16-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-W32-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-W32-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-XF86Setup-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-XF86Setup-3.3.6-29.i38 6.rpm -
Red Hat 6.2 i386 XFree86-xfs-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-xfs-3.3.6-29.i386.rpm -
Red Hat 6.2 i386 XFree86-Xnest-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Xnest-3.3.6-29.i386.rp m -
Red Hat 6.2 i386 XFree86-Xvfb-3.3.6-29.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/XFree86-Xvfb-3.3.6-29.i386.rpm -
Red Hat 6.2 sparc XFree86-100dpi-fonts-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-100dpi-fonts-3.3.6-29 .sparc.rpm -
Red Hat 6.2 sparc XFree86-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-3.3.6-29.sparc.rpm -
Red Hat 6.2 sparc XFree86-3DLabs-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-3DLabs-3.3.6-29.sparc .rpm -
Red Hat 6.2 sparc XFree86-75dpi-fonts-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-75dpi-fonts-3.3.6-29. sparc.rpm -
Red Hat 6.2 sparc XFree86-cyrillic-fonts-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-cyrillic-fonts-3.3.6- 29.sparc.rpm -
Red Hat 6.2 sparc XFree86-devel-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-devel-3.3.6-29.sparc. rpm -
Red Hat 6.2 sparc XFree86-doc-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-doc-3.3.6-29.sparc.rp m -
Red Hat 6.2 sparc XFree86-FBDev-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-FBDev-3.3.6-29.sparc. rpm -
Red Hat 6.2 sparc XFree86-libs-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-libs-3.3.6-29.sparc.r pm -
Red Hat 6.2 sparc XFree86-Mach64-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-Mach64-3.3.6-29.sparc .rpm -
Red Hat 6.2 sparc XFree86-Sun-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-Sun-3.3.6-29.sparc.rp m -
Red Hat 6.2 sparc XFree86-Sun24-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-Sun24-3.3.6-29.sparc. rpm -
Red Hat 6.2 sparc XFree86-SunMono-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-SunMono-3.3.6-29.spar c.rpm -
Red Hat 6.2 sparc XFree86-VGA16-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-VGA16-3.3.6-29.sparc. rpm -
Red Hat 6.2 sparc XFree86-xfs-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-xfs-3.3.6-29.sparc.rp m -
Red Hat 6.2 sparc XFree86-Xnest-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-Xnest-3.3.6-29.sparc. rpm -
Red Hat 6.2 sparc XFree86-Xvfb-3.3.6-29.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/XFree86-Xvfb-3.3.6-29.sparc.r pm
References
XFree86 Xserver Denial of Service Vulnerability
References:
References: