Mandriva Linux Security Advisory : xrdb (MDVSA-2011:076)
High Nessus Plugin ID 53524
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA vulnerability has been found and corrected in xrdb :
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message (CVE-2011-0465).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
The updated packages have been patched to correct this issue.
SolutionUpdate the affected xrdb package.