xorg-x11-server security and bug fix update

1.20.11-17 - Fix xvfb-run script with --listen-tcp Resolves: rhbz2172116 1.20.11-16 - CVE-2023-0494 2166973 1.20.11-15 - Follow-up fix for CVE-2022-46340 2151776 1.20.11-14 - CVE fix for: CVE-2022-4283 2151801, CVE-2022-46340 2151776, CVE-2022-46341 2151781, CVE-2022-46342 2151788, CVE-2022-46343...

SUSE CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

RubyGems 'thumbshooter'远程命令执行漏洞

BUGTRAQ ID: 58706 RubyGems thumbshooter可以通过webkit和qt4创建thumbshots网站。 thumbshooter因未对用户输入进行充分检查而致使存在命令执行漏洞，攻击者成功利用后可在受影响应用中执行任意命令。 0 rubygems thumbshooter 厂商补丁： rubygems -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://rubygems.org/gems/thumbshooter 1012 command "xvfb-run -a...

Ubuntu Update for xorg-server vulnerabilities USN-939-1

Ubuntu Update for Linux kernel vulnerabilities USN-939-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9391.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for xorg-server vulnerabilities USN-939-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-939-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS / 9.04 / 9.10 : xorg-server vulnerabilities (USN-939-1)

Loic Minier discovered that xvfb-run did not correctly keep the X.org session cookie private. A local attacker could gain access to any local sessions started by xvfb-run. Ubuntu 9.10 was not affected. CVE-2009-1573 It was discovered that the X.org server did not correctly handle certain...

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

DEBIAN-CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

Command injection

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

CVE-2009-1573

What is affected. xvfb-run 1.6.1 (Debian/Ubuntu/Fedora and possibly other OSes) has the flaw. The root cause described in the CVE context is that the X11 magic cookie (MCOOKIE) is exposed on the command line, which can be discovered by local users. Impact. Local privilege escalation by listing th...

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...