CVE-2005-0023

GNOME libzvt2/libvte4 - Info Disclosure

Title source: llm

Description

gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul Szabo · clocallinux

https://www.exploit-db.com/exploits/26321

View Code ZIP pw:eip

References (7)

[Mailing List] http://marc.info/?l=bugtraq&m=112879572407250&w=2

[Exploit] http://www.securityfocus.com/bid/15004

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/22496

[Vendor Advisory] http://secunia.com/advisories/17023

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/1931

[Exploit] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330907

[Issue Tracking] http://bugzilla.gnome.org/show_bug.cgi?id=317312

Scores

EPSS 0.0024

EPSS Percentile 47.4%

Details

Status published

Products (2)

gnome/libvte4

gnome/libzvt2 1.4.2.19

Published Oct 05, 2005

Tracked Since Feb 18, 2026