VYPR

Xdm

by Xorg

CVEs (4)

  • CVE-2013-2179Dec 27, 2013
    risk 0.00cvss epss 0.02

    X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by attempting to log into…

  • CVE-2006-5215Oct 10, 2006
    risk 0.00cvss epss 0.00

    The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a…

  • CVE-2006-4447Aug 30, 2006
    risk 0.00cvss epss 0.00

    X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by…

  • CVE-2004-0419Aug 18, 2004
    risk 0.00cvss epss 0.02

    XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.