Vulnerabilities > CVE-2005-0023 - Unspecified vulnerability in Gnome Libvte4 and Libzvt2

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

gnome

exploit available

NVD

Published: 2005-10-05

Updated: 2017-07-11

Summary

gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.

Vulnerable Configurations

Part	Description	Count
Application	Gnome Gnome Libvte4 * Gnome Libzvt2 1.4.2.19	2

Exploit-Db

description	Gnome-PTY-Helper UTMP Hostname Spoofing Vulnerability. CVE-2005-0023. Local exploit for linux platform
id	EDB-ID:26321
last seen	2016-02-03
modified	2005-10-03
published	2005-10-03
reporter	Paul Szabo
source	https://www.exploit-db.com/download/26321/
title	Gnome-PTY-Helper UTMP Hostname Spoofing Vulnerability

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330907
http://bugzilla.gnome.org/show_bug.cgi?id=317312
http://marc.info/?l=bugtraq&m=112879572407250&w=2
http://secunia.com/advisories/17023
http://www.securityfocus.com/bid/15004
http://www.vupen.com/english/advisories/2005/1931
https://exchange.xforce.ibmcloud.com/vulnerabilities/22496