Local Privilege Escalation Vulnerability in xvfb-run on Multiple Linux Distributions
CVE-2009-1573

Currently unrated

Key Information:

Vendor

Debian
Status
Debian Linux
Fedora
Linux
Xvfb-run
Vendor
CVE Published:
6 May 2009

What is CVE-2009-1573?

The xvfb-run utility in version 1.6.1 for Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems contains a security flaw. This vulnerability arises when the magic cookie (MCOOKIE) is exposed on the command line, enabling local users to enumerate running processes along with their arguments. As a result, an unauthorized user could potentially exploit this access to escalate their privileges within the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2009/05/05/2
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/05/05/4
mailing-listx_refsource_MLIST
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.