CVE-2000-1060

2000-12-11T05:00:00
ID CVE-2000-1060
Type cve
Reporter cve@mitre.org
Modified 2018-05-03T01:29:00

Description

The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.