29 matches found
MiracleLinux 7 : xdg-user-dirs-0.15-5.el7 (AXSA:2018-2892:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2892:01 advisory. xdg-user-dirs, gnome-session: Xsession creation of XDG user directories does not honor system umask policy CVE-2017-15131 Tenable has extracted the preceding...
EUVD-2000-1046
Malware in sbrugna...
EUVD-1999-1328
Malware in sbrugna...
EUVD-2005-0820
Malware in sbrugna...
EUVD-2006-5199
Malware in sbrugna...
MGASA-2018-0215 Updated xdg-user-dirs packages fix security vulnerability
Xsession creation of XDG user directories does not honour system umask policy CVE-2017-15131...
xdg security update
CentOS Errata and Security Advisory CESA-2018:0842 An update for xdg-user-dirs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Code injection
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux...
UBUNTU-CVE-2017-15131
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux...
CVE-2017-15131
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux...
XSession race conditions
Race conditions allows different user to see error messages...
DEBIAN-CVE-2006-5215
The Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file...
CVE-2006-5215
The Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...
CVE-2006-5215
CVE-2006-5215 describes a local vulnerability in the Xsession script used by XDM across NetBSD, X.Org, and Solaris up to certain dates. The issue arises from a symlink attack on /tmp/xses-$USER, allowing a local user to overwrite arbitrary files or read another user’s Xsession errors file. Connec...
CVE-2006-5214
CVE-2006-5214 describes a race condition in the Xsession handling of X Display Manager environments affecting NetBSD, X.Org, and Solaris releases as listed; the root cause is a window between creating the user’s Xsession errors file and applying the chmod, which can let local users read other use...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...