Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Gentoo: GLSA-200611-17 Normal: Fvwm Command Injection Threat

gentoo
Calendar Grey November 23, 2006
Dist Gentoo Esm H88
An issue present in fvwm-menu-directory could permit localized threat actors to run commands with higher privileges in the Gentoo Linux environment.
A flaw in fvwm-menu-directory may permit a local attacker to execute arbitrary commands with the privileges of another user.

Summary

Gentoo Linux Security Advisory GLSA 200611-17 https://security.gentoo.org/ Severity: Normal Title: fvwm: fvwm-menu-directory fvwm command injection Date: November 23, 2006 Bugs: #155078 ID: 200611-17

Synopsis ======= A flaw in fvwm-menu-directory may permit a local attacker to execute arbitrary commands with the privileges of another user.
Background ========= fvwm is a highly configurable virtual window manager for X11 desktops. fvwm-menu-directory allows fvwm users to browse directories from within fvwm.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 x11-wm/fvwm < 2.5.18-r1 >= 2.5.18-r1
========== Tavis Ormandy of the Gentoo Linux Security Audit Team di...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround