Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-4029HistoryJul 03, 2012 - 7:55 p.m.
CVE-2011-4029
2012-07-0319:55:00
Debian Security Bug Tracker
security-tracker.debian.org
15
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 11 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 10 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 999 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 13 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
Related
ubuntucve
ubuntucve
CVE-2011-4029
2011-10-18 00:00:00
CVE-2011-4613
2011-12-15 00:00:00
packetstorm
packetstorm
Xorg Permission Change
2011-10-27 00:00:00
prion
prion
Design/Logic Flaw
2012-07-03 19:55:00
cve
cve
CVE-2011-4029
2012-07-03 19:55:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : xorg (cve_2011_4028_information_disclosure)
2015-01-19 00:00:00
openSUSE Security Update : xorg-x11-Xvnc (openSUSE-SU-2012:0227-1)
2014-06-13 00:00:00
Amazon Linux AMI : xorg-x11-server (ALAS-2012-104)
2013-09-04 00:00:00
suse
suse
xorg-x11-server (important)
2012-02-09 19:10:34
Security update for xorg-x11-server (important)
2011-12-02 08:08:16
openvas
openvas
SuSE Update for xorg-x11-server openSUSE-SU-2012:0227-1 (xorg-x11-server)
2012-08-02 00:00:00
Gentoo Security Advisory GLSA 201110-19 (xorg-server)
2012-02-12 00:00:00
Gentoo Security Advisory GLSA 201110-19 (xorg-server)
2012-02-12 00:00:00
centos
centos
xorg security update
2012-07-10 17:26:54
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2011-10-22 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security and bug fix update
2012-06-27 00:00:00
exploitpack
exploitpack
X.Org xorg 1.4 1.11.2 - File Permission Change
2011-10-28 00:00:00
amazon
amazon
Low: xorg-x11-server
2012-07-05 16:24:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:42:01
redhat
redhat
(RHSA-2012:0939) Low: xorg-x11-server security and bug fix update
2012-06-20 00:00:00
seebug
seebug
Xorg 1.4 to 1.11.2 File Permission Change PoC
2014-07-01 00:00:00
freebsd
freebsd
Xorg server -- two vulnerabilities in X server lock handling code
2011-10-18 00:00:00
exploitdb
exploitdb
X.Org xorg 1.4 < 1.11.2 - File Permission Change
2011-10-28 00:00:00
securityvulns
securityvulns
[USN-1232-1] X.Org X server vulnerabilities
2011-10-20 00:00:00
X.Org multiple security vulnerabilities
2011-10-20 00:00:00
ubuntu
ubuntu
X.Org X server vulnerability
2011-10-20 00:00:00
X.Org X server vulnerabilities
2011-10-18 00:00:00
X.Org X server regression
2011-10-19 00:00:00
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for DEBIANCVE:CVE-2011-4029