XFCE 3.5.1 Local Xauthority Bypass Vulnerability

XFce is a desktop environment for various UNIX systems. As shipped, version 3.5.1 of XFce contains the following line in the startup script /etc/X11/xfce/xinitrc:

xhost +$HOSTNAME

This can be dangerous on multi-user systems since the other users can perform X-related attacks (keyword logging, window watching, etc.). This may indirectly lead to an elevation of priveleges (if the attacker logs the user su'ing to root, for example) or other compromise (if authenticating on another host is logged).


Privacy Statement
Copyright 2010, SecurityFocus