Oval Definition:oval:org.mitre.oval:def:1436
Revision Date:2007-02-20Version:17
Title:Solaris CDE DTLogin XDMCP Parser Remote Double Free Vulnerability
Description:Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0368
Platform(s):Sun Solaris 7
Product(s):Common Desktop Environment
Definition Synopsis
  • Software section
  • File /usr/dt/bin/dtlogin exists
  • AND Solaris 7,8,or 9 installed
  • Solaris 8 Installed
  • OR Solaris 7 Installed
  • OR Solaris 9 Installed
  • AND Patch 108919-21 or later installed
  • AND Patch 112807-09 or later installed
  • AND Patch 107180-31 or later installed
  • AND Configuration section
  • dtlogin running
    • BACK