Mandriva Update For Rxvt MDVSA-2008:161 (rxvt) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections (CVE-2008-1142). The updated packages have been patched to correct this issue.

Affected

rxvt on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1142
CVSS Base Score: 3.7
AV:L/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandriva Update for vino MDVSA-2011:087 (vino)
Mandriva Update for rxvt MDVSA-2008:161 (rxvt)
Mandriva Update for evolution MDKSA-2007:107 (evolution)
Mandriva Update for gd MDVSA-2008:038 (gd)
Mandriva Update for timezone MDVA-2010:006 (timezone)

Take action and discover your vulnerabilities