[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: *Serious* security problem with nVidia binary driver



On 10/16/06, Andy Green <andy warmcat com> wrote:
Lonni J Friedman wrote:

> This bug was fixed in NVIDIA's 1.0-9625 driver release (last month):
> http://www.nzone.com/object/nzone_downloads_rel70betadriver.html

This isn't what the advisory says:

  Published:  Oct 16, 2006
    Revision:   1.0
    http://www.rapid7.com/advisories/R7-0025.jsp
...
    KNOWN FIXED:
     o None
...
    As of the publication date, the latest NVIDIA binary driver is still
    vulnerable.

Maybe they discount the version you linked to because it calls itself a
beta.

I just verified that their exploit works in 1.0-8774 and doesn't work
in 1.0-9625.  Also, there's a 1.0-9626 driver out which isn't a beta
(that was released last week).


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]