Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-4028HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4028
2022-10-0316:15:14
Debian Security Bug Tracker
security-tracker.debian.org
13
x.org xserver
lockserver function
vulnerability
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 11 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 999 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
| Debian | 13 | all | xorg-server | < 2:1.11.1.901-2 | xorg-server_2:1.11.1.901-2_all.deb |
Related
nessus
nessus
Oracle Linux 5 : xorg-x11-server (ELSA-2012-0303)
2013-07-12 00:00:00
RHEL 5 : xorg-x11-server (RHSA-2012:0303)
2012-02-21 00:00:00
ubuntucve
ubuntucve
CVE-2011-4028
2011-10-18 00:00:00
openvas
openvas
RedHat Update for xorg-x11-server RHSA-2012:0303-03
2012-02-21 00:00:00
RedHat Update for xorg-x11-server RHSA-2012:0303-03
2012-02-21 00:00:00
Amazon Linux: Security Advisory (ALAS-2012-104)
2015-09-08 00:00:00
cve
cve
CVE-2011-4028
2022-10-03 16:15:14
redhat
redhat
(RHSA-2012:0303) Low: xorg-x11-server security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:0939) Low: xorg-x11-server security and bug fix update
2012-06-20 00:00:00
veracode
veracode
Symlink Attack
2019-01-15 08:52:49
Denial Of Service (DoS)
2019-05-02 04:42:01
prion
prion
Code injection
2012-07-03 19:55:00
cvelist
cvelist
CVE-2011-4028
2022-10-03 16:15:14
nvd
nvd
CVE-2011-4028
2012-07-03 19:55:01
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2011-10-22 00:00:00
suse
suse
xorg-x11-server (important)
2012-02-09 19:10:34
Security update for xorg-x11-server (important)
2011-12-02 08:08:16
centos
centos
xorg security update
2012-07-10 17:26:54
freebsd
freebsd
Xorg server -- two vulnerabilities in X server lock handling code
2011-10-18 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security and bug fix update
2012-06-27 00:00:00
xorg-x11-server security and bug fix update
2012-03-01 00:00:00
amazon
amazon
Low: xorg-x11-server
2012-07-05 16:24:00
ubuntu
ubuntu
X.Org X server regression
2011-10-19 00:00:00
X.Org X server vulnerability
2011-10-20 00:00:00
X.Org X server vulnerabilities
2011-10-18 00:00:00
securityvulns
securityvulns
[USN-1232-1] X.Org X server vulnerabilities
2011-10-20 00:00:00
X.Org multiple security vulnerabilities
2011-10-20 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: nx-libs-3.5.0.29-1.fc20
2015-03-26 21:29:40
[SECURITY] Fedora 22 Update: nx-libs-3.5.0.29-1.fc22
2015-03-21 04:53:26
[SECURITY] Fedora 21 Update: nx-libs-3.5.0.29-1.fc21
2015-03-26 21:51:39
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2011-4028