FreeBSD Ports: Xorg-clients Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://bugs.xfree86.org/show_bug.cgi?id=1376 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124900 http://www.vuxml.org/freebsd/ff00f2ce-c54c-11d8-b708-00061bc2ad93.html

Insight

The following package is affected: xorg-clients CVE-2004-0419 XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.

Severity

Classification

CVE CVE-2004-0419

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: bind99
FreeBSD Ports: clamav
FreeBSD Ports: corkscrew
FreeBSD Ports: apache
FreeBSD Ports: chromium

FreeBSD Ports: xorg-clients

Take action and discover your vulnerabilities