Lucene search

MitreCVE-2000-0374

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0374

2000-10-1304:00:00

mitre

web.nvd.nist.gov

cve-2000-0374

kdm

caldera

mandrake linux

xdmcp

remote attack

information security

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.

Affected configurations

Nvd

Node

calderaopenlinuxMatch2.2

calderaopenlinuxMatch2.3

VendorProductVersionCPE
calderaopenlinux2.2cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*
calderaopenlinux2.3cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
caldera	openlinux	2.2	cpe:2.3:o:caldera:openlinux:2.2:::::::*
caldera	openlinux	2.3	cpe:2.3:o:caldera:openlinux:2.3:::::::*

References

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt

frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025

www.securityfocus.com/bid/1446

exchange.xforce.ibmcloud.com/vulnerabilities/4856

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

Related for CVE-2000-0374