xorg-x11 security update
Remote attackers could execute arbitrary commands as root
by assigning specially crafted hostnames to X11 clients via
XDMCP (CVE-2011-0465).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4306
Fixed bugs
bnc#674733
VUL-0: xorg-x11: remote/local root hole via rogue hostname
CVE#CVE-2011-0465
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
