Vulnerability Note VU#911505
pam_xauth may insecurely forward "X MIT-Magic-Cookies" to new sessions
A vulnerability exists in pam_xauth that may allow a local attacker to gain access to an administrator's X session.
pam_xauth is used to forward xauth keys (or cookies) between users. From the pam_xauth man page:
Without pam_xauth, when xauth is enabled and a user uses the su command to
A local attacker may be able to gain access to an administrator's X session.
Apply a patch from your vendor.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|MandrakeSoft||Affected||04 May 2003||05 May 2003|
|Openwall GNU/*/Linux||Affected||04 May 2003||07 May 2003|
|Red Hat Inc.||Affected||-||07 May 2003|
|Apple Computer Inc.||Not Affected||04 May 2003||07 May 2003|
|Debian||Not Affected||04 May 2003||05 May 2003|
|Foundry Networks Inc.||Not Affected||04 May 2003||07 May 2003|
|Fujitsu||Not Affected||04 May 2003||17 Jun 2003|
|Hitachi||Not Affected||04 May 2003||07 May 2003|
|IBM||Not Affected||04 May 2003||07 May 2003|
|Ingrian Networks||Not Affected||04 May 2003||07 May 2003|
|NetScreen||Not Affected||04 May 2003||07 May 2003|
|Xerox Corporation||Not Affected||04 May 2003||30 May 2003|
|3Com||Unknown||04 May 2003||05 May 2003|
|Alcatel||Unknown||04 May 2003||05 May 2003|
|AT&T||Unknown||04 May 2003||05 May 2003|
CVSS Metrics (Learn More)
This vulnerability was discovered by Andreas Beck.
This document was written by Ian A Finlay.
- CVE IDs: CAN-2002-1160
- Date Public: 03 Feb 2003
- Date First Published: 04 May 2003
- Date Last Updated: 17 Jun 2003
- Severity Metric: 12.94
- Document Revision: 11
If you have feedback, comments, or additional information about this vulnerability, please send us email.