Vulnerabilities > CVE-2001-1086 - Unspecified vulnerability in Xfree86 Project X11R6 3.3/3.3.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | XFree86 X11R6 3.3 XDM Session Cookie Guessing Vulnerability. CVE-2001-1086. Remote exploit for unix platform |
id | EDB-ID:20993 |
last seen | 2016-02-02 |
modified | 2001-06-24 |
published | 2001-06-24 |
reporter | ntf & sky |
source | https://www.exploit-db.com/download/20993/ |
title | XFree86 X11R6 3.3 XDM Session Cookie Guessing Vulnerability |