Vulnerabilities > CVE-2006-5397 - Unspecified vulnerability in X.Org Libx11 1.0.2/1.0.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN x-org
nessus
Summary
The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2006-199.NASL |
description | The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. Updated packages have been patched to correct this issue. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24584 |
published | 2007-02-18 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24584 |
title | Mandrake Linux Security Advisory : libx11 (MDKSA-2006:199) |
code |
|
Statements
contributor | Mark J Cox |
lastmodified | 2007-03-14 |
organization | Red Hat |
statement | Not vulnerable. These issues did not affect the versions of libX11 as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |
References
- https://bugs.freedesktop.org/show_bug.cgi?id=8699
- http://secunia.com/advisories/22642
- http://www.securityfocus.com/bid/20845
- http://secunia.com/advisories/22749
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:199
- http://www.vupen.com/english/advisories/2006/4289
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29956
- http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git%3Ba=commit%3Bh=686bb8b35acf6cecae80fe89b2b5853f5816ce19