Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1142HistoryApr 07, 2008 - 5:44 p.m.
CVE-2008-1142
2008-04-0717:44:00
Debian Security Bug Tracker
security-tracker.debian.org
8
EPSS
0
Percentile
10.1%
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | rxvt | < 1:2.7.10-7 | rxvt_1:2.7.10-7_all.deb |
Related
nessus
nessus
openSUSE Security Update : rxvt-unicode (rxvt-unicode-163)
2009-07-21 00:00:00
Mandriva Linux Security Advisory : rxvt (MDVSA-2008:161)
2009-04-23 00:00:00
openSUSE 10 Security Update : rxvt-unicode (rxvt-unicode-5541)
2008-08-24 00:00:00
prion
prion
Code injection
2008-04-07 17:44:00
openvas
openvas
Mandriva Update for rxvt MDVSA-2008:161 (rxvt)
2009-04-09 00:00:00
Mandriva Update for rxvt MDVSA-2008:161 (rxvt)
2009-04-09 00:00:00
cvelist
cvelist
CVE-2008-1142
2008-04-07 17:00:00
nvd
nvd
CVE-2008-1142
2008-04-07 17:44:00
cve
cve
CVE-2008-1142
2008-04-07 17:44:00
ubuntucve
ubuntucve
CVE-2008-1142
2008-04-07 00:00:00
securityvulns
securityvulns
[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation
2008-05-08 00:00:00
Multiple terminal clients X sessions hijack
2008-05-08 00:00:00
gentoo
gentoo
Multiple X11 terminals: Local privilege escalation
2008-05-07 00:00:00
osv
osv
rxvt-unicode-9.22-1.1 on GA media
2024-06-15 00:00:00
seebug
seebug
rxvt终端X11显示任意代码执行漏洞
2008-08-11 00:00:00