NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts. Impact:...

Re: NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

Research@NGSSecure [email protected] wrote: Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and...

NX: User-assisted execution of arbitrary code

Background NoMachine's NX establishes remote connections to X11 desktops over small bandwidth links. NX and NX Node are the compression core libraries, whereas NX is used by FreeNX and NX Node by the binary-only NX servers. Description Multiple integer overflow and buffer overflow vulnerabilities...

NX 2.1: User-assisted execution of arbitrary code

Background NoMachine's NX establishes remote connections to X11 desktops over small bandwidth links. NX and NX Node are the compression core libraries, whereas NX is used by FreeNX and NX Node by the binary-only NX servers. Description Chris Evans reported an integer overflow within the FreeType...

NoMachine NX Server privilege escalation

nxconfigure.sh doesn't check invoking user, allowing configuration file modification...

Denial of service

nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service...

CVE-2007-0625

nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service...

CVE-2007-0625

nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service...

CVE-2007-0625

NoMachine NX Server (prior to version 2.1.0-18) is affected by CVE-2007-0625. The vulnerability lies in nxconfigure.sh, which does not validate the invoking user, allowing local users to modify server configuration keys in /usr/NX/etc/server.cfg. This can lead to an unspecified denial of service....