X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-08-30T01:00:00
Updated: 2006-09-07T09:00:00
Reserved: 2006-08-29T00:00:00
Link: CVE-2006-4447
JSON object: View
NVD Information
Status : Modified
Published: 2006-08-30T01:04:00.000
Modified: 2011-03-08T02:40:58.173
Link: CVE-2006-4447
JSON object: View
Redhat Information
No data.
CWE