oss-sec mailing list archives
Re: CVE id request: slim
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 21 May 2009 20:24:24 -0400 (EDT)
====================================================== Name: CVE-2009-1756 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1756 Reference: MLIST:[oss-security] 20090518 CVE id request: slim Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/18/2 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306 Reference: BID:35015 Reference: URL:http://www.securityfocus.com/bid/35015 Reference: OSVDB:54583 Reference: URL:http://osvdb.org/54583 Reference: SECUNIA:35132 Reference: URL:http://secunia.com/advisories/35132 Reference: XF:slim-xauthority-info-disclosure(50611) Reference: URL:http://xforce.iss.net/xforce/xfdb/50611 SLiM Simple Login Manager 1.3.0 includes places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.
Current thread:
- CVE id request: slim Nico Golde (May 18)
- Re: CVE id request: slim Steven M. Christey (May 21)
- Re: CVE id request: slim Eygene Ryabinkin (May 21)
- Re: CVE id request: slim Steven M. Christey (May 22)
- Re: CVE id request: slim Eygene Ryabinkin (May 21)
- Re: CVE id request: slim Steven M. Christey (May 21)