Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0374

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0374
Last Modified 10 Sep 2008 03:04:14
Published 22 Aug 1999 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0374

Summary

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.

Vulnerable Systems

Operating System

  • Caldera Openlinux 2.2

  • Caldera Openlinux 2.3


References

XF - xdmcp-kdm-default-configuration(4856)

BID - 1446

MANDRAKE - MDKSA-2002:025

CALDERA - CSSA-1999-021.0


Last Updated: 27 May 2016 10:35:41