A potential man-in-the-middle attack was found in SLiM (Simple Login Manager) due to improper processing of authorization information used in connecting to the X server. A local attacker could use this flaw to hijack the X session of the victim by overhearing certain information needed for proper extraction of authorization records. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306 http://bugs.gentoo.org/show_bug.cgi?id=270345 http://www.openwall.com/lists/oss-security/2009/05/18/2
CVE-2009-1756: SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1756 http://www.openwall.com/lists/oss-security/2009/05/18/2 http://www.securityfocus.com/bid/35015 http://osvdb.org/54583 http://secunia.com/advisories/35132 http://xforce.iss.net/xforce/xfdb/50611
This issue affects the versions of the slim package as shipped with Fedora releases 10 and 11. Please fix.
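The command-line exposure described in the CVE-2009-1756 text above, next to a hardened form that keeps the cookie out of argv by sending xauth its commands on standard input. This is an added example, not code from SLiM or from the Debian patch; the function names, the sample cookie and the `/tmp/example.auth` path are hypothetical, and a `cat` stand-in replaces xauth so it runs without X installed.

```cpp
#include <cctype>
#include <cstdio>
#include <string>
#include <sys/wait.h>

// 'Before' pattern from the CVE text: the cookie becomes part of the child's
// argv, which any local user can read from the process list.
std::string xauth_cmdline_exposed(const std::string& authfile,
                                  const std::string& display,
                                  const std::string& cookie) {
    return "xauth -q -f " + authfile + " add " + display + " . " + cookie;
}

// Hardened pattern: argv carries only the non-secret authority file path.
std::string xauth_cmdline_safe(const std::string& authfile) {
    return "xauth -q -f " + authfile;
}

// Commands for xauth's stdin. Returns "" if an input could smuggle extra
// commands into the line-oriented script (whitespace, newlines, non-hex).
std::string xauth_script(const std::string& display, const std::string& cookie) {
    if (display.empty() || cookie.empty() || cookie.size() % 2) return "";
    for (unsigned char c : display) if (std::isspace(c) || std::iscntrl(c)) return "";
    for (unsigned char c : cookie) if (!std::isxdigit(c)) return "";
    return "remove " + display + "\nadd " + display + " . " + cookie + "\nexit\n";
}

// Start cmd via popen and deliver script over the pipe; true on exit status 0.
// cmd must be built from trusted configuration only, since it goes through sh.
bool feed_stdin(const std::string& cmd, const std::string& script) {
    if (script.empty()) return false;
    FILE* fp = popen(cmd.c_str(), "w");
    if (!fp) return false;
    bool ok = fwrite(script.data(), 1, script.size(), fp) == script.size();
    int st = pclose(fp);
    return ok && st != -1 && WIFEXITED(st) && WEXITSTATUS(st) == 0;
}

int main() {
    const std::string cookie = "00112233445566778899aabbccddeeff"; // constructed sample
    const std::string authfile = "/tmp/example.auth";              // hypothetical path
    std::printf("exposed argv: %s\n", xauth_cmdline_exposed(authfile, ":0", cookie).c_str());
    std::printf("safe argv:    %s\n", xauth_cmdline_safe(authfile).c_str());
    // Stand-in child so the example runs without xauth installed.
    bool ok = feed_stdin("cat >/dev/null", xauth_script(":0", cookie));
    std::printf("delivered over stdin: %s\n", ok ? "yes" : "no");
    return ok ? 0 : 1;
}
```

With a real xauth, `feed_stdin(xauth_cmdline_safe(authfile), xauth_script(display, cookie))` performs the same update while the process list shows only the authority file path.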
I'm not interested in maintaining slim for Fedora 10 and 11 (it's an orphan), but if the Debian patch applies cleanly, I can try to add that to a testing package? http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306#25 {CVE-2009-1756} http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306#35 (rand -> random)
slim-1.3.1-9.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/slim-1.3.1-9.fc12
slim-1.3.1-9.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/slim-1.3.1-9.fc11
slim-1.3.1-9.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
slim-1.3.1-9.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.