PAM pam_xauth Module Unintended X Session Cookie Access Vulnerability

Bugtraq ID: 6753
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2002-1160
CVE-2002-1160
Remote: No
Local: Yes
Published: Feb 03 2003 12:00AM
Updated: Jul 11 2009 08:06PM
Credit: The discovery of this vulnerability has been credited to Bedatec Security H VC <overclocking_a_la_abuela@hotmail.com>.
Vulnerable: Redhat Linux 8.0
Redhat Linux 7.3
Redhat Linux 7.2
Redhat Linux 7.1
pam_xauth pam_xauth 0.75
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
+ Redhat Linux 8.0 i386
+ Redhat Linux 8.0
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.3
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.2
+ Redhat Linux Advanced Work Station 2.1
+ Redhat Linux for iSeries 7.1
+ Redhat Linux for pSeries 7.1
+ Sun Linux 5.0.6
pam_xauth pam_xauth 0.74
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1
Not Vulnerable: Redhat Linux 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus