RSS   Vulnerabilities for 'XFCE'   RSS

2000-12-11
 
CVE-2000-1060

CWE-Other
 

 
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.

 

 >>> Vendor: Xfree86 project 8 Products
Xfree86
X11r6
XLIB
XFCE
Xfree86 x server
XDM
Xfree86 x
Xfree86-misc


Copyright 2022, cxsecurity.com

 

Back to Top