FreeBSD Ports: Xrdb Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html http://www.vuxml.org/freebsd/2eccb24f-61c0-11e0-b199-0015f2db7bde.html

Insight

The following package is affected: xrdb CVE-2011-0465 xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.

Severity

Classification

CVE CVE-2011-0465
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreeBSD Ports: clamav
django -- multiple vulnerabilities
FreeBSD Ports: amarok
FreeBSD Ports: bugzilla, ja-bugzilla
FreeBSD Ports: chromium

FreeBSD Ports: xrdb

Take action and discover your vulnerabilities