Solaris and Mandrake *nixed, but SuSE and Irix could also be affected A fifth of large corporate users could be vulnerable to a newly discovered security flaw that allows hackers to gain remote control of Unix boxes running Solaris and MandrakeSoft's Linux distro.. . .
Solaris and Mandrake *nixed, but SuSE and Irix could also be affected A fifth of large corporate users could be vulnerable to a newly discovered security flaw that allows hackers to gain remote control of Unix boxes running Solaris and MandrakeSoft's Linux distro.

The flaw was discovered by UK security consultancy ProCheckUp which released the details before official Cert verification, because a freely available hacker's scanner was found to be already searching for the hole. The problem centres on the default configuration of the X Display Manager Control Protocol (XDMCP), which allows remote access.

When this is enabled, hackers can gain access and are presented with a graphical list of users and usernames on that box. They only have to crack the password to take control.

The link for this article located at vnunet is no longer available.