FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xrdb -- root hole via rogue hostname

Affected packages
xrdb < 1.0.6_1

Details

VuXML ID 2eccb24f-61c0-11e0-b199-0015f2db7bde
Discovery 2011-04-05
Entry 2011-04-14

Matthias Hopf reports:

By crafting hostnames with shell escape characters, arbitrary commands can be executed in a root environment when a display manager reads in the resource database via xrdb.

These specially crafted hostnames can occur in two environments:

The systems affected are: systems that set their hostname via DHCP, where the DHCP client used allows setting of hostnames with illegal characters; and systems that allow remote logins via xdmcp.
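
A defensive check for the "illegal characters" condition described above, as an added example that is not part of the advisory or of the xrdb fix: a C function that accepts only RFC 952/1123 hostname syntax, which a program could apply to a hostname received over DHCP or XDMCP before using it. The function name hostname_is_valid and the sample hostnames are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns 1 if name is a syntactically valid
 * RFC 952/1123 hostname, else 0. Only ASCII letters, digits, '-' and '.'
 * are accepted, so backticks, '$', ';', quotes and whitespace never pass. */
int hostname_is_valid(const char *name)
{
    size_t total, label_len = 0;
    const char *p;

    if (name == NULL)
        return 0;
    total = strlen(name);
    if (total == 0 || total > 253)
        return 0;

    for (p = name; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c == '.') {
            /* Reject an empty label or a label that ends in '-'. */
            if (label_len == 0 || p[-1] == '-')
                return 0;
            label_len = 0;
            continue;
        }
        if (c > 127 || !(isalnum(c) || c == '-'))
            return 0;
        /* A leading '-' is invalid and could be read as an option. */
        if (c == '-' && label_len == 0)
            return 0;
        if (++label_len > 63)
            return 0;
    }
    /* The last label must be non-empty and must not end in '-'. */
    return label_len > 0 && p[-1] != '-';
}

int main(void)
{
    /* Constructed sample values, not taken from the advisory. */
    const char *samples[] = { "ws01.example.org", "host`true`", "x$(true)", "-host" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s %s\n", samples[i],
               hostname_is_valid(samples[i]) ? "accept" : "reject");
    return 0;
}
```

Validation of this kind limits what reaches later processing; it does not replace upgrading to a fixed xrdb package.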

References

CVE Name CVE-2011-0465
URL http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html