New Search

Security Vulnerability in X Display Manager (xdm(1)) Xsession Script

oval:org.mitre.oval:def:1760

Race condition in the Xsession script as used by X Display Manager (xdm) in NetBSD before 20060212 X.Org before 20060225 and Solaris 8 through 10 before 20061006 causes a user's Xsession errors file to have weak permissions before a chmod is performed which allows local users to read Xsession errors files of other users.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 9
  • Sun Solaris 8
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2006-5214
Product(s):