XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
References
Configurations
History
20 Nov 2024, 23:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.xfree86.org/show_bug.cgi?id=1376 - | |
References | () http://secunia.com/advisories/12019 - | |
References | () http://securitytracker.com/id?1010306 - | |
References | () http://www.ciac.org/ciac/bulletins/p-001.shtml - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200407-05.xml - Vendor Advisory | |
References | () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:073 - Patch, Vendor Advisory | |
References | () http://www.openbsd.org/errata.html#xdm - | |
References | () http://www.redhat.com/support/errata/RHSA-2004-478.html - | |
References | () http://www.securityfocus.com/bid/10423 - Patch, Vendor Advisory | |
References | () https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124900 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16264 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10161 - |
Information
Published : 2004-08-18 04:00
Updated : 2024-11-20 23:48
NVD link : CVE-2004-0419
Mitre link : CVE-2004-0419
CVE.ORG link : CVE-2004-0419
JSON object : View
Products Affected
xfree86_project
- xdm
gentoo
- linux
x.org
- x11r6
CWE