User: Password:
|
|
Subscribe / Log in / New account

x2goserver: code execution

Package(s):x2goserver CVE #(s):CVE-2013-4376
Created:October 28, 2013 Updated:March 18, 2014
Description: From the Gentoo advisory:

A vulnerability in the setgid wrapper x2gosqlitewrapper.c does not hardcode an internal path to x2gosqlitewrapper.pl, allowing a remote attacker to change that path.

A remote attacker may be able to execute arbitrary code with the privileges of the user running the server process.

Alerts:
Mandriva MDVSA-2014:063 x2goserver 2014-03-17
Mageia MGASA-2014-0111 x2goserver 2014-03-01
Fedora FEDORA-2014-0168 x2goserver 2014-01-13
Fedora FEDORA-2014-0202 x2goserver 2014-01-13
Gentoo 201310-19 x2goserver 2013-10-28

(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds