RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Rxvt-unicode | Marc_lehmann | 3.4 (including) | 3.4 (including) |
| Rxvt-unicode | Marc_lehmann | 3.5 (including) | 3.5 (including) |
References
- http://cvs.schmorp.de/browse/rxvt-unicode/Changes?view=markup
- http://secunia.com/advisories/12299
- http://www.osvdb.org/8710
- http://www.securityfocus.com/bid/10959
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17000
- http://cvs.schmorp.de/browse/rxvt-unicode/Changes?view=markup
- http://secunia.com/advisories/12299
- http://www.osvdb.org/8710
- http://www.securityfocus.com/bid/10959
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17000