|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
The X Window System contains a flaw that may allow a remote attacker to access arbitrary X sessions. The problem is that the system rand() function, used to generate MIT-MAGIC-COOKIE-1 keys when DES is not available, is weak on some systems. It is possible that the flaw may allow to obtain passwords and/or execute commands resulting in a loss of confidentiality and/or integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Authentication Management,
Information Disclosure
Impact:
Loss of Confidentiality,
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Technical |
The MIT-MAGIC-COOKIE-1 key is used to authenticate X sessions. If xdm has been built without the HasXdmAuth config option, the key generated by xdm may be predictable.
|
|
Solution |
Upgrade to X11 Release 6.1 and XFree86 version 3.1.2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workarounds:
1. Compiling xdm with the HasXdmAuth option will eleminate the MIT-MAGIC-COOKIE-1 vulnerability
2. Limit the use of X connections using XDM-AUTHORIZATION-1 to trusted networks
|
|
Products |
|
X11
 |
Release 6 |
|
XFree86
|
1.x |
2.x |
3.0.x |
3.1.0 |
3.1.1 |
|
|
|
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
