Vulnerability Description
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Gdm | 2.2.0 |
| Redhat | Kdebase | 2.0_beta2.45 |
| Redhat | Enterprise Linux | 2.1 |
| Redhat | Linux Advanced Workstation | 2.1 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729
- http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html
- http://www.redhat.com/support/errata/RHSA-2003-258.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-259.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729
- http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html
- http://www.redhat.com/support/errata/RHSA-2003-258.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-259.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0548?
CVE-2003-0548 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0...
How severe is CVE-2003-0548?
CVE-2003-0548 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0548?
Check the references section above for vendor advisories and patch information. Affected products include: Gnome Gdm, Redhat Kdebase, Redhat Enterprise Linux, Redhat Linux Advanced Workstation.