PAM pam_xauth Module Unintended X Session Cookie Access Vulnerability

Bugtraq ID: 6753
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2002-1160
CVE-2002-1160
Remote: No
Local: Yes
Published: Feb 03 2003 12:00AM
Updated: Jul 11 2009 08:06PM
Credit: The discovery of this vulnerability has been credited to Bedatec Security H VC <overclocking_a_la_abuela@hotmail.com>.
Vulnerable: RedHat Linux 8.0
RedHat Linux 7.3
RedHat Linux 7.2
RedHat Linux 7.1
pam_xauth pam_xauth 0.75
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux Advanced Work Station 2.1
+ RedHat Linux for iSeries 7.1
+ RedHat Linux for pSeries 7.1
+ Sun Linux 5.0.6
pam_xauth pam_xauth 0.74
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1
Not Vulnerable: RedHat Linux 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus