Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA-200611-17 Normal: Fvwm Command Injection Threat

gentoo
Calendar Grey November 23, 2006
Dist Gentoo Esm H88
An issue present in fvwm-menu-directory could permit localized threat actors to run commands with higher privileges in the Gentoo Linux environment.
A flaw in fvwm-menu-directory may permit a local attacker to execute arbitrary commands with the privileges of another user.

Summary

Gentoo Linux Security Advisory GLSA 200611-17 https://security.gentoo.org/ Severity: Normal Title: fvwm: fvwm-menu-directory fvwm command injection Date: November 23, 2006 Bugs: #155078 ID: 200611-17

Synopsis ======= A flaw in fvwm-menu-directory may permit a local attacker to execute arbitrary commands with the privileges of another user.
Background ========= fvwm is a highly configurable virtual window manager for X11 desktops. fvwm-menu-directory allows fvwm users to browse directories from within fvwm.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 x11-wm/fvwm < 2.5.18-r1 >= 2.5.18-r1
========== Tavis Ormandy of the Gentoo Linux Security Audit Team di...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo user privilege escalation command injection normal fvwm

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo user privilege escalation command injection normal fvwm

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here