CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0374

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1420%
EPSS Percentile0.58th
PublishedAug 22, 1999
Last ModifiedApr 16, 2026

Vulnerability Description

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.

Affected Platforms (CPE)

πŸ’»
Caldera

Openlinux

= 2.2
πŸ’»
Caldera

Openlinux

= 2.3

References & Advisories

πŸ”— ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt
πŸ”— http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025
πŸ”— http://www.securityfocus.com/bid/1446
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/4856
πŸ”— ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt
πŸ”— http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025
πŸ”— http://www.securityfocus.com/bid/1446
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/4856

Related Vulnerabilities

CVE-2001-085010.0

A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which...

CVE-2002-05117.5

The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead o...

CVE-2003-06585.0

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that ...

CVE-2002-07595.0

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_E...