JVN/CVE Demo: Cveinfos

CVE

Id: 48377
CVE No.: CVE-2011-0465
Status: Candidate
Description: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Phase: Assigned (20110114)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
525318	48377	CVE-2011-0465	MLIST:[xorg-announce] 20110405 X.Org security advisory: root hole via rogue hostname	View
525319	48377	CVE-2011-0465	URL:http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html	View
525320	48377	CVE-2011-0465	MLIST:[xorg-announce] 20110405 xrdb 1.0.9	View
525321	48377	CVE-2011-0465	URL:http://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.html	View
525322	48377	CVE-2011-0465	CONFIRM:http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56	View
525323	48377	CVE-2011-0465	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=680196	View
525324	48377	CVE-2011-0465	DEBIAN:DSA-2213	View
525325	48377	CVE-2011-0465	URL:http://www.debian.org/security/2011/dsa-2213	View
525326	48377	CVE-2011-0465	FEDORA:FEDORA-2011-4871	View
525327	48377	CVE-2011-0465	URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.html	View
525328	48377	CVE-2011-0465	MANDRIVA:MDVSA-2011:076	View
525329	48377	CVE-2011-0465	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2011:076	View
525330	48377	CVE-2011-0465	REDHAT:RHSA-2011:0432	View
525331	48377	CVE-2011-0465	URL:http://www.redhat.com/support/errata/RHSA-2011-0432.html	View
525332	48377	CVE-2011-0465	REDHAT:RHSA-2011:0433	View
525333	48377	CVE-2011-0465	URL:http://www.redhat.com/support/errata/RHSA-2011-0433.html	View
525334	48377	CVE-2011-0465	SLACKWARE:SSA:2011-096-01	View
525335	48377	CVE-2011-0465	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.465748	View
525336	48377	CVE-2011-0465	SUSE:SUSE-SA:2011:016	View
525337	48377	CVE-2011-0465	URL:http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.html	View
525338	48377	CVE-2011-0465	SUSE:openSUSE-SU-2011:0298	View
525339	48377	CVE-2011-0465	URL:https://lwn.net/Articles/437150/	View
525340	48377	CVE-2011-0465	UBUNTU:USN-1107-1	View
525341	48377	CVE-2011-0465	URL:http://www.ubuntu.com/usn/USN-1107-1	View
525342	48377	CVE-2011-0465	BID:47189	View
525343	48377	CVE-2011-0465	URL:http://www.securityfocus.com/bid/47189	View
525344	48377	CVE-2011-0465	SECTRACK:1025317	View
525345	48377	CVE-2011-0465	URL:http://www.securitytracker.com/id?1025317	View
525346	48377	CVE-2011-0465	SECUNIA:44040	View
525347	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44040	View
525348	48377	CVE-2011-0465	SECUNIA:44010	View
525349	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44010	View
525350	48377	CVE-2011-0465	SECUNIA:44012	View
525351	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44012	View
525352	48377	CVE-2011-0465	SECUNIA:44082	View
525353	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44082	View
525354	48377	CVE-2011-0465	SECUNIA:44122	View
525355	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44122	View
525356	48377	CVE-2011-0465	SECUNIA:44123	View
525357	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44123	View
525358	48377	CVE-2011-0465	SECUNIA:44193	View
525359	48377	CVE-2011-0465	URL:http://secunia.com/advisories/44193	View
525360	48377	CVE-2011-0465	VUPEN:ADV-2011-0880	View
525361	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0880	View
525362	48377	CVE-2011-0465	VUPEN:ADV-2011-0889	View
525363	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0889	View
525364	48377	CVE-2011-0465	VUPEN:ADV-2011-0906	View
525365	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0906	View
525366	48377	CVE-2011-0465	VUPEN:ADV-2011-0929	View
525367	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0929	View
525368	48377	CVE-2011-0465	VUPEN:ADV-2011-0966	View
525369	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0966	View
525370	48377	CVE-2011-0465	VUPEN:ADV-2011-0975	View
525371	48377	CVE-2011-0465	URL:http://www.vupen.com/english/advisories/2011/0975	View
525372	48377	CVE-2011-0465	XF:xorg11-xrdb-command-execution(66585)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
32593	JVNDB-2011-002833	Google Chrome および Chrome OS におけるサービス運用妨害 (DoS) の脆弱性	Google Chrome および Chrome OS は、extensions notification を適切に処理しないため、サービス運用妨害 (アプリケーションクラッシュ) 状態となる脆弱性が存在します。	CVE-2011-0470	48377	5		http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002833.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.34 MB
View render complete	2.83 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.24
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	538.71
Event: Controller.beforeRender	4.32
» Processing toolbar data	4.24
Rendering View	16.34
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	15.33
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.56
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.11
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/48377
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/48377
Remote Port	46549
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.146
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.9.132.44
Http Via	1.1 squid-proxy-5b5d847c96-fzjlx (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.146
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.146
Unique Id	aRtv0lqQZ-gb0nPshwvWnAAAAfQ
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.146
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.146
Redirect Unique Id	aRtv0lqQZ-gb0nPshwvWnAAAAfQ
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.146
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.146
Redirect Redirect Unique Id	aRtv0lqQZ-gb0nPshwvWnAAAAfQ
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1763405778.6307
Request Time	1763405778

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files