SUSE CVE-2004-0419

XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions...

XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0

When the IPv6 code was added to xdm a critical test to disable xdmcp was accidentally removed. This caused xdm to create the chooser socket regardless if DisplayManager.requestPort was disabled in xdm-config or not...