Mandrake Linux Security Advisory : XFree86 (MDKSA-2004:073)
High Nessus Plugin ID 14171
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionSteve Rumble discovered XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
The updated packages are patched to correct the problem.
SolutionUpdate the affected packages.