Security Information / 1997 / Security Information -- superprobe

Debian Security Advisory

superprobe -- SuperProbe (of XFree86) contains a number of buffer overflows

Date Reported:

04 Mar 1997

Affected Packages:

xbase

Vulnerable:

No

Security database references:

No other external database security references currently available.

More information:

SuperProbe isn't installed with setuid root on Debian.

Original submitter of the report: <solar@ideal.ru>

SuperProbe is a program supplied with XFree86 (to determine the type of video hardware installed in the machine), and it is installed setuid root in many Linux distributions.

The overflow I'm exploiting is in the TestChip function [...]