Unrated severityNVD Advisory· Published Dec 11, 2000· Updated Jun 16, 2026
CVE-2000-1060
CVE-2000-1060
Description
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.