VYPR

XDM

by Xfree86

CVEs (2)

  • CVE-2001-1086Jul 4, 2001
    risk 0.03cvss epss 0.03

    XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.

  • CVE-2004-0419Aug 18, 2004
    risk 0.00cvss epss 0.02

    XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.