XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
Software | From | Fixed in |
---|---|---|
gentoo / linux | 1.4 | 1.4.x |
xfree86_project / xdm | cvs | cvs.x |
x.org / x11r6 | 6.7.0 | 6.7.0.x |