Date: Thu, 28 Mar 2002 09:22:23 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG> To: "Karsten W. Rohrbach" <karsten@rohrbach.de> Cc: Brett Glass <brett@lariat.org>, security@FreeBSD.ORG Subject: Re: Is FreeBSD susceptible to this vulnerability? Message-ID: <20020328152223.GE1421@madman.nectar.cc> In-Reply-To: <20020328160554.B62125@mail.webmonster.de> References: <4.3.2.7.2.20020328072932.03228b20@nospam.lariat.org> <20020328160317.A62125@mail.webmonster.de> <20020328160554.B62125@mail.webmonster.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 28, 2002 at 04:05:54PM +0100, Karsten W. Rohrbach wrote: > addition: > > a short check of /usr/X11R6/lib/X11/xdm/Xaccess on 4.3-R shows, that xdm > allows xdmcp logins by default. Yes, you are right. XFree86 3.3.6 (which shipped with 4.3, 4.4, 4.5, maybe earlier) does have * #any host can get a login window * CHOOSER BROADCAST #any indirect host can get a chooser by default. Cheers, -- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020328152223.GE1421>