← back
CVE-2000-1060

CVE-2000-1060

EPSS 0.3%
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2000-10/0022.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/5305http://www.securityfocus.com/bid/1736