CVE-2009-1756

Metadata

CVE-2009-1756
2.1
bugs.debian.org, openwall.com, securityfocus.com, exchange.xforce.ibmcloud.com, redhat.com, redhat.com
2009-05-22
2017-08-17 06:09

Description

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.

Related Vulnerabilities

platform vulnerability
CVE-2009-1756 slim
CVE-2009-1756