CVE-2009-1573

N/A Unknown

Published: May 06, 2009 Modified: April 23, 2026

Description

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678

Source: cve@mitre.org

Exploit Vendor Advisory

http://secunia.com/advisories/39834

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2009/05/05/2

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2009/05/05/4

Source: cve@mitre.org

http://www.securityfocus.com/bid/34828

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-939-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/1185

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/50348

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678