FreeBSD : xrdb -- root hole via rogue hostname (2eccb24f-61c0-11e0-b199-0015f2db7bde)
High Nessus Plugin ID 53439
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Matthias Hopf reports:
By crafting hostnames with shell escape characters, arbitrary commands can be executed in a root environment when a display manager reads in the resource database via xrdb.
These specially crafted hostnames can occur in two environments:
Affected systems are: systems that set their hostname via DHCP, and the DHCP client used allows setting of hostnames with illegal characters.
And systems that allow remote logins via xdmcp.
Solution
Update the affected package.
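
For the DHCP case described in the report, a defence-in-depth check is to refuse any offered hostname that is not a plain RFC 1123 name before it is applied. The script below is an added example, not code from the advisory, xrdb or any DHCP client; the function names are hypothetical and it assumes it is called from a DHCP client hook before the hostname is set.

```shell
#!/bin/sh
# Added example (not from the advisory): reject DHCP-offered hostnames that
# are not RFC 1123 names before they are applied to the system.
# Function names are hypothetical.
LC_ALL=C; export LC_ALL   # make [A-Za-z] ranges byte-exact

# One label: 1-63 chars, letters/digits/hyphen, no leading or trailing hyphen.
is_safe_label() {
    l=$1
    [ -n "$l" ] || return 1
    [ "${#l}" -le 63 ] || return 1
    case $l in
        -*|*-) return 1 ;;
        *[!A-Za-z0-9-]*) return 1 ;;   # rejects ` $ ; | & ( ) quotes, spaces
    esac
    return 0
}

# Whole name: at most 253 chars, dot-separated safe labels, no empty labels.
is_safe_hostname() {
    rest=$1
    [ -n "$rest" ] || return 1
    [ "${#rest}" -le 253 ] || return 1
    case $rest in
        .*|*.|*..*) return 1 ;;
    esac
    while [ -n "$rest" ]; do
        is_safe_label "${rest%%.*}" || return 1
        case $rest in
            *.*) rest=${rest#*.} ;;
            *)   rest= ;;
        esac
    done
    return 0
}

# Print the offered name if it validates, otherwise the fallback.
choose_hostname() {
    if is_safe_hostname "$1"; then
        printf '%s\n' "$1"
    else
        printf '%s\n' "$2"
    fi
}

# Constructed sample offers, not taken from any real lease.
for offer in 'ws01.example.org' 'ws01$(x)' 'ws01;x' '-ws01' 'a..b'; do
    printf '%-18s -> %s\n' "$offer" "$(choose_hostname "$offer" localhost)"
done
```

This check does not replace the package update given under Solution; it only narrows what a DHCP server can place in the hostname.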