Nick Boyce wrote: > On 11/7/06, Raphael Marichez <[EMAIL PROTECTED]> wrote: > > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Gentoo Linux Security Advisory GLSA 200611-03 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > http://security.gentoo.org/ > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > > > Severity: High > > Title: NVIDIA binary graphics driver: Privilege escalation > > vulnerability > > Date: November 07, 2006 > > Bugs: #151635 > > ID: 200611-03 > > > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > > > Synopsis > > ======== > > > > The NVIDIA binary graphics driver is vulnerable to a local privilege > > escalation > [snip] > > > An X client could trigger the buffer overflow with a maliciously > > crafted series of glyphs. A remote attacker could also entice a user to > > open a specially crafted web page, document or X client that will > > trigger the buffer overflow. > > um ... doesn't that make it a *remote* privilege escalation ?
Well, any file parsing bug could be considered a "remote" vulnerability if you consider the prospect of downloading a malicious file from the internet. I don't think that remote X clients are an issue; the last time I checked, the driver in question was only used for direct rendering, which requires a local X client, while indirect rendering uses the built-in software renderer. -- Glynn Clements <[EMAIL PROTECTED]>
