CVE-2009-1756

Description

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.

Affected packages (1)

• Debian/slimfrom 0, < 1.3.1-2

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1756