VULHUB ™

When deleting X11 locks, the FreeBSD startup script does not check to determine if .X11-unix is a real directory. If the directory does not exist, it is possible for an attacker to create a symbolic link called .X11-unix. When the script runs, the contents of the directory pointed to by the link will be deleted.

When deleting X11 locks, the FreeBSD startup script does not check to determine if .X11-unix is a real directory. If the directory does not exist, it is possible for an attacker to create a symbolic link called .X11-unix. When the script runs, the contents of the directory pointed to by the link will be deleted.