CVE-2000-0491

Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2000-05-24 12:00:00.000-04
Last Modified2008-09-10 03:04:48.000-04

Vulnerable Software List

VendorProductVersions
Gnome Gdm 1.0
Caldera Openlinux
Suse Suse Linux 6.2, 6.4

References

SourceLink
CALDERACSSA-2000-013.0
BUGTRAQ20000521 "gdm" remote hole
BUGTRAQ20000607 Conectiva Linux Security Announcement - gdm
SUSE20000524 Security hole in gdm <= 2.0beta4-25
BID1233
BID1279
BID1370