Computer Security
[EN] securityvulns.ru no-pyccku


Multiple terminal clients X sessions hijack
Published:08.05.2008
Source:
SecurityVulns ID:8976
Type:local
Threat Level:
5/10
Description:Terminal always opens :0 display if DISPLAY is not set.
Affected:ETERM : eterm 0.9
 RXVT : rxvt 2.7
 ATERM : aterm 1.0
 MRXVT : mrxvt 0.5
 MULTIATERM : multi-aterm 0.2
 RXVT : rxvt-unicode 9.02
CVE:CVE-2008-1692 (Eterm 0.9.4 opens an xterm on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.)
 CVE-2008-1142
Original documentdocumentGENTOO, [ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation (08.05.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod