CVE-2000-0374
First published: Sun Aug 22 1999(Updated: )
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SCO OpenLinux Server | =2.2 | |
| SCO OpenLinux Server | =2.3 | |
| =2.2 | ||
| =2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0374?
CVE-2000-0374 is considered a moderate severity vulnerability due to its potential for unauthorized access to sensitive information.
How can I fix CVE-2000-0374?
To fix CVE-2000-0374, configure the kdm settings to restrict XDMCP connections to trusted hosts only.
What systems are affected by CVE-2000-0374?
CVE-2000-0374 affects default configurations of kdm in Caldera and Mandrake Linux versions 2.2 and 2.3.
What risks does CVE-2000-0374 pose?
CVE-2000-0374 allows remote attackers to obtain sensitive information or bypass access restrictions, leading to potential data exposure.
Is CVE-2000-0374 a widespread vulnerability?
CVE-2000-0374 may not be widespread today, but its presence in legacy systems can pose a security risk if not addressed.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/caldera
- product/openlinux
- canonical/caldera openlinux
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- canonical/sco openlinux server
- version/sco openlinux server/2.2
- version/sco openlinux server/2.3