The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp.

The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010)

    Vulnerabilities have been discovered in the packages listed below.
      Please review the CVE identifiers in the Reference section for details.
      Insight       Perl Tk Module       Source-Navigator       Tk       Partimage       Mlmmj       acl       Xinit       gzip       ncompress       liblzw       splashutils       GNU M4       KDE Display Manager       GTK+       KGet       dvipng       Beanstalk       Policy Mount       pam_krb5       GNU gv       LFTP       Uzbl       Slim       Bitdefender Console       iputils       DVBStreamer   Impact :

    A context-dependent attacker may be able to gain escalated privileges,       execute arbitrary code, cause Denial of Service, obtain sensitive       information, or otherwise bypass security restrictions.
  Workaround :

    There are no known workarounds at this time.

update_slim_wmlist RE fix

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

SLiM assigns logged on users a PATH in which the current working directory ('./') is included. This PATH can allow unintentional code execution through planted binaries and has therefore been fixed SLiM version 1.3.2.

ID	Name	Product	Family	Severity
79961	GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010	Nessus	Gentoo Local Security Checks	critical
49160	Fedora 12 : slim-1.3.2-2.fc12 (2010-13897)	Nessus	Fedora Local Security Checks	medium
49159	Fedora 13 : slim-1.3.2-2.fc13 (2010-13890)	Nessus	Fedora Local Security Checks	medium
49158	Fedora 14 : slim-1.3.2-2.fc14 (2010-13843)	Nessus	Fedora Local Security Checks	medium
48380	FreeBSD : slim -- insecure PATH assignment (68c7187a-abd2-11df-9be6-0015587e2cc1)	Nessus	FreeBSD Local Security Checks	medium

Detections

Analytics

CVE-2010-2945

high

Tenable Plugins

critical

medium

medium

medium

medium