Vulnerabilities > CVE-2000-0374 - Unspecified vulnerability in Caldera Openlinux 2.2/2.3

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

caldera

critical

NVD

Published: 1999-08-22

Updated: 2017-10-10

Summary

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.

Vulnerable Configurations

Part	Description	Count
OS	Caldera Caldera Openlinux 2.2 Caldera Openlinux 2.3	2

References

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025
http://www.securityfocus.com/bid/1446
https://exchange.xforce.ibmcloud.com/vulnerabilities/4856