Lucene search
Gentoo FoundationMGASA-2014-0111HistoryMar 02, 2014 - 2:55 a.m.
Updated x2goserver package fixes security vulnerability
2014-03-0202:55:00
Gentoo Foundation
advisories.mageia.org
6
0.054 Low
EPSS
Percentile
93.1%
A vulnerability in x2goserver before 4.0.0.2 in the setgid wrapper x2gosqlitewrapper.c, which does not hardcode an internal path to x2gosqlitewrapper.pl, allowing a remote attacker to change that path. A remote attacker may be able to execute arbitrary code with the privileges of the user running the server process (CVE-2013-4376). A vulnerability in x2goserver before 4.0.0.8 in x2gocleansessions has also been fixed.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | x2goserver | < 4.0.1.13-1 | x2goserver-4.0.1.13-1.mga3 |
Related
securityvulns
securityvulns
[ MDVSA-2014:063 ] x2goserver
2014-03-18 00:00:00
x2goserver privilege escalation
2014-03-18 00:00:00
prion
prion
Path traversal
2013-12-09 16:36:00
cve
cve
CVE-2013-4376
2013-12-09 16:36:00
gentoo
gentoo
X2Go Server: Arbitrary code execution
2013-10-28 00:00:00
debiancve
debiancve
CVE-2013-4376
2013-12-09 16:36:00
nessus
nessus
GLSA-201310-19 : X2Go Server: Arbitrary code execution
2013-10-29 00:00:00
Mandriva Linux Security Advisory : x2goserver (MDVSA-2014:063)
2014-03-18 00:00:00
cvelist
cvelist
CVE-2013-4376
2013-12-09 11:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201310-19
2015-09-29 00:00:00
Mageia: Security Advisory (MGASA-2014-0111)
2022-01-28 00:00:00