Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1692

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-1692
Last Modified 26 Feb 2009 01:51:38
Published 07 Apr 2008 02:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1692

Summary

Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

Vulnerable Systems

Application

  • Eterm 0.9.4


References

BID - 28512

MANDRIVA - MDVSA-2008:222

GENTOO - GLSA-200805-03

SECUNIA - 29577

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127


Last Updated: 27 May 2016 10:47:38