Family: Debian Local Security Checks --> Category: infos
[DSA074] DSA-074-1 wmaker Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Alban Hertroys found a buffer overflow in Window Maker (a popular window
manager for X). The code that handles titles in the window list menu did
not check the length of the title when copying it to a buffer. Since
applications will set the title using data that can't be trusted (for
example, most web browsers will include the title of the web page being
shown in the title of their window), this could be exploited remotely.
This has been fixed in version 0.61.1-4.1 of the Debian package, and
upstream version 0.65.1. We recommend that you update your Window
Maker package immediately.
Solution : http://www.debian.org/security/2001/dsa-074
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.