Showing 1 - 4 of 4

CVE-2017-2625

Status Candidate

Overview

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.

Related Files

Ubuntu Security Notice USN-5690-1: Posted Oct 20, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5690-1 - It was discovered that libXdmcp was generating weak session keys. A local attacker could possibly use this issue to perform a brute force attack and obtain another user's key.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2017-2625; SHA-256 | 04525f2c5bc115f00e3bf47d63c9edcfe9814717972bea61532b8c3cb8ef02ef; Download | Favorite | View

Red Hat Security Advisory 2017-1865-01: Posted Aug 1, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-1865-01 - The X11 libraries provide library routines that are used within all X Window applications. The following packages have been upgraded to a later upstream version: libX11, libXaw, libXdmcp, libXfixes, libXfont, libXi, libXpm, libXrandr, libXrender, libXt, libXtst, libXv, libXvMC, libXxf86vm, libdrm, libepoxy, libevdev, libfontenc, libvdpau, libwacom, libxcb, libxkbfile, mesa, mesa-private-llvm, xcb-proto, xkeyboard-config, xorg-x11-proto-devel.; tags | advisory; systems | linux, redhat; advisories | CVE-2016-10164, CVE-2017-2625, CVE-2017-2626; SHA-256 | 2454fbb7037ebbdc80b4a6947f9e13ee65e1806892b4a60080841fce649d6bdb; Download | Favorite | View

Gentoo Linux Security Advisory 201704-03: Posted Apr 11, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201704-3 - Multiple vulnerabilities have been found in X.Org server and libraries, the worse of which allowing local attackers to execute arbitrary code. Versions less than 1.19.2 are affected.; tags | advisory, arbitrary, local, vulnerability; systems | linux, gentoo; advisories | CVE-2016-5407, CVE-2016-7942, CVE-2016-7943, CVE-2016-7944, CVE-2016-7945, CVE-2016-7946, CVE-2016-7947, CVE-2016-7948, CVE-2016-7949, CVE-2016-7950, CVE-2016-7953, CVE-2017-2624, CVE-2017-2625, CVE-2017-2626; SHA-256 | b651dfb5c88b536bb774bed091405ef39ff35e25a8d671b35af02c5805d32f09; Download | Favorite | View

X.org Privilege Escalation / Use-After-Free / Weak Entropy: Posted Mar 1, 2017; Authored by Eric Sesterhenn; X.org suffers from privilege escalation, weak entropy, and use-after-free vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2017-2624, CVE-2017-2625, CVE-2017-2626; SHA-256 | f72f05abe9036269c3ae97121d5341b234d6db2cbe445c9d8643a82f22648e4d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 234 files
indoushka 93 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

CVE-2017-2625

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems