Package name
gdm
Date
2001-08-20
Advisory ID
MDKSA-2001:070
Affected versions
8.0 i586

Problem description

A buffer overrun exists in the XDMCP handling code used in gdm. By sending a properly crafted XDMCP message, it is possible for a remote attacker to execute arbitrary commands as root on the susceptible machine. By default, XDMCP is disabled in gdm.conf on Mandrake Linux.

Updated packages

8.0 i586

 41c178fc24d9acb2ead1438e837f0325  8.0/RPMS/gdm-2.2.3.2-2.1mdk.i586.rpm
1688432b516b398ad1c20ac80c1d028f  8.0/SRPMS/gdm-2.2.3.2-2.1mdk.src.rpm

References