Vulnerability in Gentoo Linux
CVE-2004-0419
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
EPSS: 0.025 (82.5th percentile) — read the EPSS interpretation.
Affected products
- Gentoo Linux — versions 1.4
- Xfree86_project Xdm — versions cvs
- X.org X11r6 — versions 6.7.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_MANDRAKE, Vendor Advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO, Vendor Advisory)
- cve@mitre.org (government-resource, x_refsource_CIAC, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)