The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 11.10 |
||
debian debian linux |
||
ubuntu linux |
||
x.org x server - |
||
canonical ubuntu linux 10.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 11.04 |