J-Security Center

Title: SCO OpenServer StartX Weak XHost Permissions Vulnerability

Severity: MODERATE

Description:

OpenServer is a Unix-based operating system distributed by the Santa Cruz Operation (SCO).

A problem in the access control applied when the X Window System is started via the startx script allows local users to gain elevated privileges: the script grants every local user access to the desktop, not only the user who started the session.

When the startx script runs, the X Window System is started and xhost access control is set to allow connections from localhost. Because xhost entries are host-scoped rather than user-scoped, this admits any account on the machine.

A local user can therefore point their DISPLAY environment variable at the local display and execute commands as root, for example through the tellxdt3 program.
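As an added defender's check, not part of this advisory or SCO's software: a POSIX shell audit that reads the access list `xhost` prints, flags host-scoped entries such as the INET:localhost entry described above, and prints the `xhost -` commands that would remove them so the display falls back to per-user xauth cookies. The two sample outputs are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): audit the access list that `xhost`
# prints and flag entries that grant display access host-wide rather than
# per user. Host-scoped entries such as INET:localhost or LOCAL: are the
# condition the advisory describes: every local account can reach the
# X server that a root-owned startx session is running.

# Constructed sample of `xhost` output on a display set up the weak way.
WEAK_XHOST_OUTPUT='access control enabled, only authorized clients can connect
INET:localhost
LOCAL:'

# Constructed sample with no host-scoped entries: connections are then
# authorised only by per-user xauth cookies (MIT-MAGIC-COOKIE-1).
SAFE_XHOST_OUTPUT='access control enabled, only authorized clients can connect'

# audit_xhost OUTPUT
# Prints one line per risky entry; returns 1 if any was found, else 0.
audit_xhost() {
    printf '%s\n' "$1" | awk '
        /^access control disabled/ { print "RISK: " $0; bad++; next }
        /^access control/ || /^$/  { next }   # status header, blank lines
        /^SI:localuser:/           { next }   # user-scoped entry: acceptable
        { print "RISK: host-scoped entry " $0; bad++ }
        END { exit (bad > 0) }'
}

# count_host_entries OUTPUT
# Prints the number of host-scoped entries in the list.
count_host_entries() {
    printf '%s\n' "$1" | awk '
        /^access control/ || /^$/ || /^SI:localuser:/ { next }
        { n++ } END { print n + 0 }'
}

# xhost_remediation OUTPUT
# Emits the `xhost -family:name` command that removes each host-scoped
# entry. Printed rather than executed so an administrator can review it.
xhost_remediation() {
    printf '%s\n' "$1" | awk '
        /^access control/ || /^$/ || /^SI:localuser:/ { next }
        { print "xhost -" tolower($0) }'
}

# Stand-alone run: report on the constructed weak setup and suggest fixes.
if ! audit_xhost "$WEAK_XHOST_OUTPUT"; then
    echo "Suggested remediation:"
    xhost_remediation "$WEAK_XHOST_OUTPUT"
fi
```

On a live system the same functions can be fed `"$(xhost)"` from within the session being audited.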

Affected Products:

  • SCO Open Server 5.0.0
  • SCO Open Server 5.0.1
  • SCO Open Server 5.0.2
  • SCO Open Server 5.0.3
  • SCO Open Server 5.0.4
  • SCO Open Server 5.0.5
  • SCO Open Server 5.0.6
  • SCO Open Server 5.0.7

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.