FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2eccb24f-61c0-11e0-b199-0015f2db7bde	xrdb -- root hole via rogue hostname Matthias Hopf reports: By crafting hostnames with shell escape characters, arbitrary commands can be executed in a root environment when a display manager reads in the resource database via xrdb. These specially crafted hostnames can occur in two environments: Systems are affected are: systems set their hostname via DHCP, and the used DHCP client allows setting of hostnames with illegal characters. And systems that allow remote logins via xdmcp. Discovery 2011-04-05 Entry 2011-04-14 xrdb < 1.0.6_1 CVE-2011-0465 http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html

VuXML ID

Description

2eccb24f-61c0-11e0-b199-0015f2db7bde

xrdb -- root hole via rogue hostname

Matthias Hopf reports:

By crafting hostnames with shell escape characters, arbitrary commands can be executed in a root environment when a display manager reads in the resource database via xrdb.

These specially crafted hostnames can occur in two environments:

Systems are affected are: systems set their hostname via DHCP, and the used DHCP client allows setting of hostnames with illegal characters. And systems that allow remote logins via xdmcp.

Discovery 2011-04-05
Entry 2011-04-14
xrdb

< 1.0.6_1

CVE-2011-0465
http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html