Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA 200407-05 Low: XDM TCP Socket Access Control Issue

gentoo
Calendar Grey July 5, 2004
Dist Gentoo Esm H88
The requestPort option in XDM may expose Gentoo systems to unauthorized remote access. It's essential to update promptly to reduce vulnerabilities.
XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200407-05
                                            https://security.gentoo.org/

  Severity: Low
     Title: XFree86, X.org: XDM ignores requestPort setting
      Date: July 05, 2004
      Bugs: #53226
        ID: 200407-05


Synopsis
=======
XDM will open TCP sockets for its chooser, even if the
DisplayManager.requestPort setting is set to 0. This may allow
authorized users to access a machine remotely via X, even if the
administrator has configured XDM to refuse such connections.

Background
=========
The X Display Manager (XDM) is a program which provides a graphical
login prompt to users on the console or on remote X terminals. It has
largely been superseded by programs such as GDM and KDM.

...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory access control low severity configuration issue Gentoo Linux XDM TCP sockets

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory access control low severity configuration issue Gentoo Linux XDM TCP sockets

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here