CVE-2006-4447 xtrans

Metadata

high
7.2
xtrans
CVE-2006-4447
2017-06-18 07:03
CVE-2006-4447 xorg-server
CVE-2006-4447 libx11
CVE-2006-4447 xterm
CVE-2006-4447 xdm
CVE-2006-4447
2017-06-16 18:46
2017-04-01 19:11
2017-01-05 20:16

Description

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster xtrans 1.0.0-6
jessie xtrans 1.0.0-6
sid xtrans 1.0.0-6
stretch xtrans 1.0.0-6
wheezy xtrans 1.0.0-6