Oval Definition:oval:org.mitre.oval:def:2205
Revision Date:2007-09-27Version:16
Title:Security Vulnerability in X Display Manager (xdm(1)) Xsession Script
Description:The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-5215
Platform(s):Sun Solaris 10
Sun Solaris 8
Sun Solaris 9
Product(s):
Definition Synopsis
  • Solaris 8 (SPARC) meets Sun Alert 102652
  • Solaris 8 (SPARC) is installed
  • AND NOT Patch 111844-04 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert 102652
  • Solaris 9 (SPARC) is installed
  • AND NOT Patch 124830-01 or later installed
  • OR Solaris 10 (SPARC) meets Sun Alert 102652
  • Solaris 10 (SPARC) is installed
  • AND NOT Patch 124457-01 or later installed
  • OR Solaris 8 (x86) meets Sun Alert 102652
  • Solaris 8 (x86) is installed
  • AND NOT Patch 111845-04 or later installed
  • OR Solaris 9 (x86) meets Sun Alert 102652
  • Solaris 9 (x86) is installed
  • AND NOT Patch 124831-01 or later installed
  • OR Solaris 10 (x86) meets Sun Alert 102652
  • Solaris 10 (x86) is installed
  • AND NOT Patch 124458-01 or later installed
  • BACK