CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
Percentile
28.8%
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user’s Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | xdm | < 1:1.0.5-1 | xdm_1:1.0.5-1_all.deb |
Debian | 11 | all | xdm | < 1:1.0.5-1 | xdm_1:1.0.5-1_all.deb |
Debian | 999 | all | xdm | < 1:1.0.5-1 | xdm_1:1.0.5-1_all.deb |
Debian | 13 | all | xdm | < 1:1.0.5-1 | xdm_1:1.0.5-1_all.deb |
Debian | 12 | all | xorg | < 1:7.1.0-13 | xorg_1:7.1.0-13_all.deb |
Debian | 11 | all | xorg | < 1:7.1.0-13 | xorg_1:7.1.0-13_all.deb |
Debian | 999 | all | xorg | < 1:7.1.0-13 | xorg_1:7.1.0-13_all.deb |
Debian | 13 | all | xorg | < 1:7.1.0-13 | xorg_1:7.1.0-13_all.deb |