CVE-2002-1160 in Linuxinfo

Summary

The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user s credentials after root uses su.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Disclosure

02/19/2003

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-269

CVSS

8.4

EPSS

0.00066

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1160
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1160
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1160/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!