CVE-2000-1060

2001-01-2205:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an “xhost + localhost” command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.

References

archives.neohapsis.com/archives/bugtraq/2000-10/0022.html

www.securityfocus.com/bid/1736

exchange.xforce.ibmcloud.com/vulnerabilities/5305