Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1071

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-1071
Last Modified 05 Sep 2008 04:22:34
Published 11 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1071

Summary

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.

Vulnerable Systems

Application

  • Netscape Iplanet Ical 2.1


References

ATSTAKE - A100900-1

BID - 1767

XF - ical-xhost-gain-privileges

OSVDB - 7213


Last Updated: 27 May 2016 10:36:00