Multiple Vendor XDMCP Default Access Control Vulnerability

Solution:
Mandrake suggets the following lines in /etc/X11/xdm/Xaccess be commented out:

* #any host can get a login window
* CHOOSER BROADCAST #any indirect host can get a chooser

See the Caldera advisory under the Credit tab for a solution.



 

Privacy Statement
Copyright 2010, SecurityFocus