← voltar
CVE-2006-4447

CVE-2006-4447

EPSS 0.4%
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.freedesktop.org/archives/xorg/2006-June/016146.htmlhttp://mail.gnome.org/archives/beast/2006-December/msg00025.htmlhttp://secunia.com/advisories/21650http://secunia.com/advisories/21660http://secunia.com/advisories/21693http://secunia.com/advisories/22332http://secunia.com/advisories/25032http://secunia.com/advisories/25059http://security.gentoo.org/glsa/glsa-200608-25.xmlhttp://security.gentoo.org/glsa/glsa-200704-22.xmlhttp://www.debian.org/security/2006/dsa-1193http://www.kb.cert.org/vuls/id/300368