CVE-2009-1573 Information
Share on:
Feb 14, 2021
cve
Description
xvfb-run 1.6.1 in Debian GNU/Linux Ubuntu Fedora 10 and possibly other operating systems place the magic cookie (MCOOKIE) on the command line which allows local users to gain privileges by listing the process and its arguments.
Reference
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678 http://secunia.com/advisories/39834 http://www.openwall.com/lists/oss-security/2009/05/05/2 http://www.openwall.com/lists/oss-security/2009/05/05/4 http://www.securityfocus.com/bid/34828 http://www.ubuntu.com/usn/USN-939-1 http://www.vupen.com/english/advisories/2010/1185 https://exchange.xforce.ibmcloud.com/vulnerabilities/50348