Mandrake X session Local Xauthority Bypass Vulnerability

The X11 startup script shipped with Mandrake 7.1 (/etc/X11/Xsession) contains a line, "xhost + localhost", which disables the Xauthority mechanism for localhost, allowing any users' clients to connect to the X server from the local machine. This can be dangerous on multi-user systems since the other users can perform X-related attacks (keyword logging, window watching, etc.). This may indirectly lead to an elevation of priveleges (if the attacker logs the user su'ing to root, for example) or other compromises (ie if authenticating on another host is logged).


Privacy Statement
Copyright 2010, SecurityFocus