Oval Definition:oval:org.mitre.oval:def:1760
Revision Date:2007-09-27Version:16
Title:Security Vulnerability in X Display Manager (xdm(1)) Xsession Script
Description:Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-5214
Platform(s):Sun Solaris 10
Sun Solaris 8
Sun Solaris 9
Product(s):
Definition Synopsis
  • Solaris 8 (SPARC) meets Sun Alert 102652
  • Solaris 8 (SPARC) is installed
  • AND NOT Patch 111844-04 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert 102652
  • Solaris 9 (SPARC) is installed
  • AND NOT Patch 124830-01 or later installed
  • OR Solaris 10 (SPARC) meets Sun Alert 102652
  • Solaris 10 (SPARC) is installed
  • AND NOT Patch 124457-01 or later installed
  • OR Solaris 8 (x86) meets Sun Alert 102652
  • Solaris 8 (x86) is installed
  • AND NOT Patch 111845-04 or later installed
  • OR Solaris 9 (x86) meets Sun Alert 102652
  • Solaris 9 (x86) is installed
  • AND NOT Patch 124831-01 or later installed
  • OR Solaris 10 (x86) meets Sun Alert 102652
  • Solaris 10 (x86) is installed
  • AND NOT Patch 124458-01 or later installed
    • BACK