Vulnerability Description
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
CVSS Score
9.0
HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| X2Go | X2Go Server | <= 4.0.0.7 |
Related Weaknesses (CWE)
References
- http://permalink.gmane.org/gmane.linux.terminal-server.x2go.announce/83Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201405-26.xml
- http://www.openwall.com/lists/oss-security/2014/05/18/1
- http://www.openwall.com/lists/oss-security/2014/05/19/4
- http://www.securityfocus.com/bid/65001
- http://permalink.gmane.org/gmane.linux.terminal-server.x2go.announce/83Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201405-26.xml
- http://www.openwall.com/lists/oss-security/2014/05/18/1
- http://www.openwall.com/lists/oss-security/2014/05/19/4
- http://www.securityfocus.com/bid/65001
FAQ
What is CVE-2013-7383?
CVE-2013-7383 is a vulnerability with a CVSS score of 9.0 (HIGH). x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
How severe is CVE-2013-7383?
CVE-2013-7383 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-7383?
Check the references section above for vendor advisories and patch information. Affected products include: X2Go X2Go Server.