CVE-2001-1086

Name of the Vulnerable Software and Affected Versions XFree86 versions 3.3 through 3.3.3

Description The issue allows remote attackers to gain unauthorized access to the X display via a brute force attack because XDM in XFree86 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option.

Recommendations For XFree86 versions 3.3 through 3.3.3, consider recompiling without the HasXdmXauth option as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.