Mandrake Linux Security Advisory : gdm (MDKSA-2001:070)
Critical Nessus Plugin ID 13885
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA buffer overrun exists in the XDMCP handling code used in gdm. By sending a properly crafted XDMCP message, it is possible for a remote attacker to execute arbitrary commands as root on the susceptible machine. By default, XDMCP is disabled in gdm.conf on Mandrake Linux.
SolutionUpdate the affected gdm package.