[ILUG] NVIDIA Binary Graphics Driver Exploit
Ewan Oughton
ewan at skynet.ie
Tue Oct 17 15:45:11 IST 2006
Which didn't work for me on my RHEL4 box using v8774(the latest non-beta)
and it didn't work... *shrugs* I don't feel that threatened by this tbh...
I reckon this will be added to the list of things script kiddies scan
for..
Ewan
Ewan Oughton B.Sc. Comp Sys
DB / AnonFTP / Orac Root Admin SkyNet
On Tue, 17 Oct 2006, paul at clubi.ie wrote:
> On Tue, 17 Oct 2006, Ewan Oughton wrote:
>
>> Or just make sure your X server is listening on the lo interface only...
>
> That's nice, but the NVidia bug can be exploited just by displaying certain
> glyphs, so the definition of 'remote' things to avoid (when using NVidias'
> closed driver) also includes:
>
> - viewing email
> - viewing web pages
> etc..
>
> See:
>
> http://nvidia.com/content/license/location_0605.asp?url=';a='a';i=18;while(i--)a%2B=a;location=a;//
>
> and:
>
> http://it.slashdot.org/comments.pl?sid=201041&cid=16460143
>
> regards,
> --
> Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
> Fortune:
> People who push both buttons should get their wish.
>
More information about the ILUG
mailing list