Solaris X Display Manager (xdm) Invalid XDMCP Request DoS

2004-08-09T00:00:00
ID OSVDB:8404
Type osvdb
Reporter OSVDB
Modified 2004-08-09T00:00:00

Description

Vulnerability Description

Solaris X Display Manager contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user issues an invalid X Display Manager Control Protocol (XDMCP) request via a UDP packet to port 177, and will result in loss of availability for the service.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems has released a patch to address this vulnerability.

Short Description

Solaris X Display Manager contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user issues an invalid X Display Manager Control Protocol (XDMCP) request via a UDP packet to port 177, and will result in loss of availability for the service.

References:

Vendor Specific Advisory URL Secunia Advisory ID:12257 Other Advisory URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57619 ISS X-Force ID: 16940 CVE-2004-1347 CERT VU: 139504 Bugtraq ID: 10911