PT-2003-1121 · Xfree86+1 · Xfree86-Iso8859-9-100Dpi-Fonts+21
Published: 2003-03-03 · Updated: 2008-09-05 · CVE-2002-1510
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
XFree86-xdm version 4.1.0
XFree86-Xnest version 4.1.0
XFree86-fonts version 4.1.0
XFree86-ISO8859-2-75dpi-fonts version 4.1.0
XFree86 version 4.1.0
XFree86-doc version 4.1.0
XFree86-libs version 4.1.0
XFree86-ISO8859-9-75dpi-fonts version 4.1.0
XFree86-cyrillic-fonts version 4.1.0
XFree86-devel version 4.1.0
XFree86-ISO8859-15-75dpi-fonts version 4.1.0
XFree86-tools version 4.1.0
XFree86-xfs version 4.1.0
XFree86-ISO8859-2-100dpi-fonts version 4.1.0
XFree86-75dpi-fonts version 4.1.0
XFree86-Xvfb version 4.1.0
XFree86-twm version 4.1.0
XFree86-ISO8859-15-100dpi-fonts version 4.1.0
XFree86-xf86cfg version 4.1.0
XFree86-ISO8859-9-100dpi-fonts version 4.1.0
XFree86-100dpi-fonts version 4.1.0
Description
The issue affects multiple packages of the XFree86 software in the Red Hat Linux operating system, allowing remote exploitation that may lead to a breach of confidentiality, integrity, and availability of protected information. Specifically, when xdm runs with the authComplain variable set to false, arbitrary attackers can connect to the X server if the xdm auth directory does not exist.
Recommendations
For XFree86-xdm version 4.1.0, ensure the xdm auth directory exists to prevent unauthorized access.
For XFree86-Xnest version 4.1.0, restrict access to minimize the risk of exploitation.
For XFree86-fonts version 4.1.0, avoid using vulnerable fonts until the issue is resolved.
For XFree86-ISO8859-2-75dpi-fonts version 4.1.0, consider disabling the use of these fonts as a temporary workaround.
For XFree86 version 4.1.0, update configuration to prevent remote exploitation.
For XFree86-doc version 4.1.0, restrict access to documentation to minimize risk.
For XFree86-libs version 4.1.0, avoid using vulnerable libraries until a fix is available.
For XFree86-ISO8859-9-75dpi-fonts version 4.1.0, restrict font usage to prevent exploitation.
For XFree86-cyrillic-fonts version 4.1.0, consider temporary removal of these fonts.
For XFree86-devel version 4.1.0, restrict development activities to prevent the issue's exploitation.
For XFree86-ISO8859-15-75dpi-fonts version 4.1.0, disable the use of these fonts as a mitigation measure.
For XFree86-tools version 4.1.0, limit tool usage to authorized personnel.
For XFree86-xfs version 4.1.0, restrict file system access to prevent exploitation.
For XFree86-ISO8859-2-100dpi-fonts version 4.1.0, avoid using these fonts until the issue is fixed.
For XFree86-75dpi-fonts version 4.1.0, consider disabling these fonts temporarily.
For XFree86-Xvfb version 4.1.0, restrict virtual frame buffer access.
For XFree86-twm version 4.1.0, limit window manager usage to authorized users.
For XFree86-ISO8859-15-100dpi-fonts version 4.1.0, restrict font access to prevent exploitation.
For XFree86-xf86cfg version 4.1.0, limit configuration access to authorized personnel.
For XFree86-ISO8859-9-100dpi-fonts version 4.1.0, consider temporary removal of these fonts.
For XFree86-100dpi-fonts version 4.1.0, restrict the use of these fonts to minimize risk.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Red Hat
Xfree86
Xfree86-100Dpi-Fonts
Xfree86-75Dpi-Fonts
Xfree86-Iso8859-15-100Dpi-Fonts
Xfree86-Iso8859-15-75Dpi-Fonts
Xfree86-Iso8859-2-100Dpi-Fonts
Xfree86-Iso8859-2-75Dpi-Fonts
Xfree86-Iso8859-9-100Dpi-Fonts
Xfree86-Iso8859-9-75Dpi-Fonts
Xfree86-Xnest
Xfree86-Xvfb
Xfree86-Cyrillic-Fonts
Xfree86-Devel
Xfree86-Doc
Xfree86-Fonts
Xfree86-Libs
Xfree86-Tools
Xfree86-Twm
Xfree86-Xdm
Xfree86-Xf86Cfg
Xfree86-Xfs