#VU32096 Key management errors in xcmsdb - CVE-2017-2625


Published: July 27, 2018 / Updated: July 28, 2020


Vulnerability identifier: #VU32096
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-2625
CWE-ID: CWE-320
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
xcmsdb
Software vendor:
xorg.freedesktop.org

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

It was discovered that libXdmcp versions up to and including 1.1.2 used weak entropy to generate XDMCP session keys. On a multi-user system using XDMCP, a local attacker could use information available from the process list to brute force the key, allowing them to hijack other users' sessions.


Remediation

Install the update from the vendor's website.

External links