CVE-2011-0465
CVE-2011-0465
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.htmlhttp://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.htmlhttp://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=680196http://secunia.com/advisories/44010http://secunia.com/advisories/44012http://secunia.com/advisories/44040http://secunia.com/advisories/44082http://secunia.com/advisories/44122http://secunia.com/advisories/44123