gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2001-05-07T04:00:00
Updated: 2024-08-08T04:14:06.863Z
Reserved: 2001-03-08T00:00:00
Link: CVE-2001-0191
Vulnrichment
No data.
NVD
Status : Modified
Published: 2001-05-03T04:00:00.000
Modified: 2024-11-20T23:34:48.813
Link: CVE-2001-0191
Redhat