X11 MIT-MAGIC-COOKIE-1 prediction could allow remote access to arbitrary X sessions

http-xguess-cookie (334). The risk level is classified as High Risk.

Description:

A vulnerability exists in some implementations of X11 that rely on MIT-MAGIC-COOKIE-1 for security, allowing a remote attacker to access arbitrary X sessions. The vulnerability affects sites that use xdm to generate keys when xdm has not been compiled to use XDM-AUTHORIZATION-1. The keys produced by xdm are cryptographically insecure and are easily guessable by an attacker.

Platforms Affected:

  • SGI, IRIX
  • X.Org, X11

Remedy:

Users of X11 from the X Consortium should apply patches up to at least patch #13, and preferably upgrade to X11R6.1, as listed in CIAC Information Bulletin G-04. See References.

— AND —

XFree86 users should upgrade to the latest version of XFree86 (3.1.2 or later), as listed in CIAC Information Bulletin G-04. See References.

Consequences:

Gain Access

References:

Reported:

Nov 02, 1995

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net
