Summary
Detail | |||
---|---|---|---|
Vendor | Simone Rota | First view | 2009-05-22 |
Product | Slim Simple Login Manager | Last view | 2010-08-30 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.9 | 2010-08-30 | CVE-2010-2945 | The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp. |
2.1 | 2009-05-22 | CVE-2009-1756 | SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-200 | Information Exposure |
50% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
67309 | SLiM default_path PATH Environment Variable Inheritance Local Privilege Escal... |
54583 | SLiM xauth X Authority Cookie Local Disclosure |
OpenVAS Exploits
id | Description |
---|---|
2010-12-02 | Name : Fedora Update for slim FEDORA-2010-13843 File : nvt/gb_fedora_2010_13843_slim_fc14.nasl |
2010-09-10 | Name : Fedora Update for slim FEDORA-2010-13890 File : nvt/gb_fedora_2010_13890_slim_fc13.nasl |
2010-09-10 | Name : Fedora Update for slim FEDORA-2010-13897 File : nvt/gb_fedora_2010_13897_slim_fc12.nasl |
2010-08-21 | Name : FreeBSD Ports: slim File : nvt/freebsd_slim0.nasl |
2010-01-15 | Name : Fedora Update for slim FEDORA-2009-13551 File : nvt/gb_fedora_2009_13551_slim_fc11.nasl |
2010-01-15 | Name : Fedora Update for slim FEDORA-2009-13552 File : nvt/gb_fedora_2009_13552_slim_fc12.nasl |
2009-06-05 | Name : FreeBSD Ports: slim File : nvt/freebsd_slim.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-12-15 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO |
2010-09-09 | Name: The remote Fedora host is missing a security update. File: fedora_2010-13843.nasl - Type: ACT_GATHER_INFO |
2010-09-09 | Name: The remote Fedora host is missing a security update. File: fedora_2010-13890.nasl - Type: ACT_GATHER_INFO |
2010-09-09 | Name: The remote Fedora host is missing a security update. File: fedora_2010-13897.nasl - Type: ACT_GATHER_INFO |
2010-08-20 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_68c7187aabd211df9be60015587e2cc1.nasl - Type: ACT_GATHER_INFO |
2010-02-25 | Name: The remote Fedora host is missing a security update. File: fedora_2009-13551.nasl - Type: ACT_GATHER_INFO |
2010-02-25 | Name: The remote Fedora host is missing a security update. File: fedora_2009-13552.nasl - Type: ACT_GATHER_INFO |
2009-06-01 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_80f138844d4c11de88110030843d3802.nasl - Type: ACT_GATHER_INFO |