CVE-2011-0465
Published: 6 April 2011
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Priority
Status
Package | Release | Status |
---|---|---|
x11-xserver-utils Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
hardy |
Released
(7.3+2ubuntu0.1)
|
|
karmic |
Released
(7.4+2ubuntu3.1)
|
|
lucid |
Released
(7.5+1ubuntu2.1)
|
|
maverick |
Released
(7.5+2ubuntu1.1)
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56 |