6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an βxhost + localhostβ command, which allows local users to sniff X Windows events and gain privileges.
www.linux-mandrake.com/en/security/MDKSA-2000-052.php3
www.securityfocus.com/archive/1/136495
www.securityfocus.com/bid/1735
exchange.xforce.ibmcloud.com/vulnerabilities/5305