CVE-2006-5214 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5214
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5214

Description: Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-364-1 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1 ST 1017015 SAID Secunia Advisory: SA22323 Secunia Advisory: SA22439 Secunia Advisory: SA22469 Secunia Advisory: SA22992 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1760 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804 BID 20400

Return to the previous page.