Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:073: XFree86 Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the XFree86 package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:073 (XFree86).
Steve Rumble discovered XDM in XFree86 opens a chooserFd TCP socket even when
DisplayManager.requestPort is 0, which could allow remote attackers to connect
to the port, in violation of the intended restrictions.
The updated packages are patched to correct the problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:073
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.