CVE-2002-1160

Loading...

General

Score:7.2/10.0
Severity:Medium
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Published on 19/02/03 - Updated on 18/10/16

Description

The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2002-1160

Exploits

SecurityFocusBID-6753

Relative technologies

VendorProduct
redhatlinux

Share this vulnerability with:

Twitter Facebook LinkedIn Mail