nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freenx | freenx | 0.2.1 |
| freenx | freenx | 0.2.2 |
| freenx | freenx | 0.2.6 |
| freenx | freenx | 0.2.3 |
| freenx | freenx | 0.2.7 |
| freenx | freenx | 0.2.4 |
| freenx | freenx | 0.2.0 |
| freenx | freenx | 0.2.5 |