CVE-2006-5214

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.

References

http://secunia.com/advisories/22323

http://secunia.com/advisories/22439

http://secunia.com/advisories/22469

http://secunia.com/advisories/22992

http://securitytracker.com/id?1017015

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1

http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm

http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804

http://www.securityfocus.com/bid/20400

http://www.ubuntu.com/usn/usn-364-1

http://www.vupen.com/english/advisories/2006/3962

https://bugs.freedesktop.org/show_bug.cgi?id=5897

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760

Details

Source: MITRE

Published: 2006-10-10

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 1.2

Vector: AV:L/AC:H/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 1.9

Severity: LOW

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
27944Ubuntu 5.10 / 6.06 LTS : xinit vulnerability (USN-364-1)NessusUbuntu Local Security Checks
low
27714Fedora 7 : xorg-x11-xinit-1.0.2-21.fc7 (2007-1409)NessusFedora Local Security Checks
low
24410Solaris 9 (x86) : 124831-01NessusSolaris Local Security Checks
low
24407Solaris 9 (sparc) : 124830-01NessusSolaris Local Security Checks
low
23994Solaris 10 (sparc) : 124457-03 (deprecated)NessusSolaris Local Security Checks
low
23918Solaris 10 (x86) : 124458-03 (deprecated)NessusSolaris Local Security Checks
low
23447Solaris 8 (x86) : 111845-04NessusSolaris Local Security Checks
low
23335Solaris 8 (sparc) : 111844-04NessusSolaris Local Security Checks
low