Description
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
Affected products
- caldera / openlinux
- GNOME / gdm1.0 – 1.0
- SUSE / suse_linux6.2 – 6.2
- SUSE / suse_linux6.4 – 6.4
References
- MISChttp://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html
- MISChttp://www.securityfocus.com/bid/1279
- MISChttp://www.securityfocus.com/bid/1370
- MISChttp://www.securityfocus.com/bid/1233
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/suse_security_announce_49.html
- MISCftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt
- MISChttp://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html