CVE-2003-0548

Description

The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.

Affected products

• GNOME / gdm2.4.1.4 – 2.4.1.4
• GNOME / gdm2.4.1 – 2.4.1
• GNOME / gdm2.4.1.1 – 2.4.1.1
• GNOME / gdm2.4.1.2 – 2.4.1.2
• GNOME / gdm2.2.0 – 2.2.0
• GNOME / gdm2.4.1.3 – 2.4.1.3
• GNOME / gdm2.4.1.5 – 2.4.1.5
• GNOME / gdm2.4.1.6 – 2.4.1.6
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / kdebase2.2.3.1.20 – 2.2.3.1.20
• RedHat / kdebase2.0_beta2.45 – 2.0_beta2.45
• RedHat / kdebase2.0_beta2.45 – 2.0_beta2.45
• RedHat / kdebase2.2.3.1.20 – 2.2.3.1.20
• RedHat / kdebase2.2.3.1.22 – 2.2.3.1.22
• RedHat / kdebase2.4.0.7.13 – 2.4.0.7.13
• RedHat / kdebase2.4.1.3.5 – 2.4.1.3.5
• RedHat / linux_advanced_workstation2.1 – 2.1

References

• MISChttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729
• MISChttp://www.redhat.com/support/errata/RHSA-2003-258.html
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A113
• MISChttp://www.redhat.com/support/errata/RHSA-2003-259.html
• MISChttp://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html