Vulnerability Description
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Gdm | 2.2.0 |
| Redhat | Kdebase | 2.0_beta2.45 |
| Redhat | Enterprise Linux | 2.1 |
| Redhat | Linux Advanced Workstation | 2.1 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729
- http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html
- http://www.redhat.com/support/errata/RHSA-2003-258.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-259.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729
- http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html
- http://www.redhat.com/support/errata/RHSA-2003-258.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-259.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0549?
CVE-2003-0549 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
How severe is CVE-2003-0549?
CVE-2003-0549 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0549?
Check the references section above for vendor advisories and patch information. Affected products include: Gnome Gdm, Redhat Kdebase, Redhat Enterprise Linux, Redhat Linux Advanced Workstation.