Vulnerability Details CVE-2004-0419
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://bugs.xfree86.org/show_bug.cgi?id=1376
- http://secunia.com/advisories/12019
- http://securitytracker.com/id?1010306
- http://www.ciac.org/ciac/bulletins/p-001.shtml
- http://www.gentoo.org/security/en/glsa/glsa-200407-05.xml
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:073
- http://www.openbsd.org/errata.html#xdm
- http://www.redhat.com/support/errata/RHSA-2004-478.html
- http://www.securityfocus.com/bid/10423
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124900
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16264
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10161
- http://bugs.xfree86.org/show_bug.cgi?id=1376
- http://secunia.com/advisories/12019
- http://securitytracker.com/id?1010306
- http://www.ciac.org/ciac/bulletins/p-001.shtml
- http://www.gentoo.org/security/en/glsa/glsa-200407-05.xml
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:073
- http://www.openbsd.org/errata.html#xdm
- http://www.redhat.com/support/errata/RHSA-2004-478.html
- http://www.securityfocus.com/bid/10423
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124900
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16264
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10161