Vulnerabilities

CVE-2017-2625

by Fred · 27/07/2018

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users’ sessions.

Date published : 2018-07-27

http://www.securityfocus.com/bid/96480

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2625

Similar

Tags: Cybersecurity Alert