Home > Vulnerability Database > CVE-2004-0419

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2004-0419

Date: June 2, 2004

XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.

Severity Score

7.3

Related Resources (14)

Url: http://secunia.com/advisories/12019

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-0419

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10161

Url: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:073

Url: http://www.redhat.com/support/errata/RHSA-2004-478.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16264

Url: http://securitytracker.com/id?1010306

Url: http://bugs.xfree86.org/show_bug.cgi?id=1376

Url: http://www.gentoo.org/security/en/glsa/glsa-200407-05.xml

Url: http://www.securityfocus.com/bid/10423

Url: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124900

Url: http://www.ciac.org/ciac/bulletins/p-001.shtml

Url: http://www.openbsd.org/errata.html#xdm

Url: https://www.mend.io/vulnerability-database/CVE-2004-0419

Severity Score

7.3

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us