Lucene search

FreeBSD80F13884-4D4C-11DE-8811-0030843D3802

HistoryMay 20, 2009 - 12:00 a.m.

slim -- local disclosure of X authority magic cookie

2009-05-2000:00:00

vuxml.freebsd.org

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Secunia reports:

A security issue has been reported in SLiM, which can be
exploited by malicious, local users to disclose sensitive
information.
The security issue is caused due to the application
generating the X authority file by passing the X authority
cookie via the command line to “xauth”. This can be exploited
to disclose the X authority cookie by consulting the process
list and e.g. gain access the user’s display.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchslim< 1.3.1_3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	slim	< 1.3.1_3	UNKNOWN

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for 80F13884-4D4C-11DE-8811-0030843D3802