XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
X11r6 | X.org | 6.7.0 (including) | 6.7.0 (including) |
Xdm | Xfree86_project | cvs (including) | cvs (including) |
Red Hat Enterprise Linux 3 | RedHat | XFree86-0:4.3.0-69.EL | * |
Xorg | Ubuntu | dapper | * |
Xorg | Ubuntu | devel | * |
Xorg | Ubuntu | edgy | * |
Xorg | Ubuntu | feisty | * |