From rsoen@nigtevecht.xs4all.nl  Wed Dec 19 14:10:31 2001
Return-Path: <rsoen@nigtevecht.xs4all.nl>
Received: from smtpzilla5.xs4all.nl (smtpzilla5.xs4all.nl [194.109.127.141])
	by hub.freebsd.org (Postfix) with ESMTP id 54DB137B405
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 19 Dec 2001 14:10:30 -0800 (PST)
Received: from groover (node-c-3a37.a2000.nl [62.194.58.55])
	by smtpzilla5.xs4all.nl (8.12.0/8.12.0) with SMTP id fBJMAEdp066034;
	Wed, 19 Dec 2001 23:10:14 +0100 (CET)
Message-Id: <000401c188d9$ecaf8090$01fa10ac@groover>
Date: Wed, 19 Dec 2001 23:10:05 +0100
From: "xs4all" <rsoen@nigtevecht.xs4all.nl>
To: "Jake" <bugtraq@10k.org>, <corecode@corecode.ath.cx>
Cc: <FreeBSD-gnats-submit@freebsd.org>, <bugtraq@securityfocus.com>,
	<robkli-8@student.luth.se>, <timecop@japan.co.jp>,
	<vuln-watch@vulnwatch.org>
Subject: Re: wmcube-gdk is vulnerable to a local exploit 
References: <Pine.GSO.4.42.0112191152140.9256-100000@matrix.10k.org>

>Number:         33019
>Category:       ports
>Synopsis:       Re: wmcube-gdk is vulnerable to a local exploit
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Dec 19 14:20:00 PST 2001
>Closed-Date:    Mon Dec 24 11:16:40 PST 2001
>Last-Modified:  Wed Oct 26 05:11:33 GMT 2005
>Originator:     
>Release:        
>Organization:
>Environment:
>Description:
 unsubscribe
 
 ----- Original Message -----
 From: "Jake" <bugtraq@10k.org>
 To: <corecode@corecode.ath.cx>
 Cc: <FreeBSD-gnats-submit@freebsd.org>; <bugtraq@securityfocus.com>;
 <robkli-8@student.luth.se>; <timecop@japan.co.jp>;
 <vuln-watch@vulnwatch.org>
 Sent: Wednesday, December 19, 2001 6:04 PM
 Subject: Re: wmcube-gdk is vulnerable to a local exploit
 
 
 >
 > The program X3 (http://www.10k.org/jake/soft.html), a wmcube clone for
 > Mac OS X is not susceptible to these issue as the entire codebase was
 > complete rewritten in Objective-C:
 >
 > 1) object file parsing is done carefully using the NSString/NSScanner
 >    objects.
 >
 > 2) system load doesn't rely on /proc and is instead measured using
 >    mach's host_processor_info() call.
 >
 > jake
 >
 >
 >
 >
 >
 >
 
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: dd 
State-Changed-When: Mon Dec 24 11:16:40 PST 2001 
State-Changed-Why:  
not a new pr 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=33019 
>Unformatted:
