Vulnerabilities > CVE-2001-1086 - Unspecified vulnerability in Xfree86 Project X11R6 3.3/3.3.3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
xfree86-project
exploit available
NVD
Published: 2001-07-04
Updated: 2024-11-20

Summary

XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.

Vulnerable Configurations

Part Description Count
Application
Xfree86_Project
2

Exploit-Db

descriptionXFree86 X11R6 3.3 XDM Session Cookie Guessing Vulnerability. CVE-2001-1086. Remote exploit for unix platform
idEDB-ID:20993
last seen2016-02-02
modified2001-06-24
published2001-06-24
reporterntf & sky
sourcehttps://www.exploit-db.com/download/20993/
titleXFree86 X11R6 3.3 XDM Session Cookie Guessing Vulnerability

References