Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp
records
Loïc Minier
lool at dooz.org
Fri Sep 30 11:57:58 UTC 2005
tags 329156 + upstream security
forwarded 329156 http://bugzilla.gnome.org/show_bug.cgi?id=317312
clone 329156 -1
reassign -1 libvte4
thanks
[ THIS IS A RESEND, PREVIOUS MAIL WAS LOST. ]
Hi,
On Tue, Sep 20, 2005, Paul Szabo wrote:
> gnome-pty-helper can be made to write utmp/wtmp records with arbitrary
> DISPLAY (host) settings. I am not sure if it can be tricked into erasing
> existing records.
This vulnerability is identified as CAN-2005-0023. The upstream
developers of vte have been notified of the bug at:
<http://bugzilla.gnome.org/show_bug.cgi?id=317312>
Bye,
--
Loïc Minier <lool at dooz.org>
More information about the Pkg-gnome-maintainers
mailing list