Gentoo Logo

XFree86, X.org: XDM ignores requestPort setting

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200407-05 / xdm
Release Date July 05, 2004
Latest Revision July 05, 2004: 01
Impact low
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
x11-base/xfree <= 4.3.0-r5 >= 4.3.0-r6 All supported architectures
x11-base/xorg-x11 <= 6.7.0 >= 6.7.0-r1 All supported architectures

Related bugreports: #53226

Synopsis

XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.

2.  Impact Information

Background

The X Display Manager (XDM) is a program which provides a graphical login prompt to users on the console or on remote X terminals. It has largely been superseded by programs such as GDM and KDM.

Description

XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. Remote clients can use this port to connect to XDM and request a login window, thus allowing access to the system.

Impact

Authorized users may be able to login remotely to a machine running XDM, even if this option is disabled in XDM's configuration. Please note that an attacker must have a preexisting account on the machine in order to exploit this vulnerability.

3.  Resolution Information

Workaround

There is no known workaround at this time. All users should upgrade to the latest available version of X.

Resolution

If you are using XFree86, you should run the following:

Code Listing 3.1: Resolution

# emerge sync
# emerge -pv ">=x11-base/xfree-4.3.0-r6"
# emerge ">=x11-base/xfree-4.3.0-r6"

If you are using X.org's X11 server, you should run the following:

Code Listing 3.2: Resolution

# emerge sync
# emerge -pv ">=x11-base/xorg-x11-6.7.0-r1"
# emerge ">=x11-base/xorg-x11-6.7.0-r1"

4.  References



Print

Page updated July 05, 2004

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.