Red Hat Bugzilla – Bug 124900
CAN-2004-0419 xdm opens random tcp sockets
Last modified: 2007-11-30 17:10:43 EST
See URL; "Even when DisplayManager.requestPort is set to 0, xdm will
open a chooserFd tcp socket on all interfaces. This apparently cannot
be disabled by configuration and presents a possible security risk."
Note that this issue does not affect upstream XFree86 4.3.0 but
affects the versions shipped with Fedora Core 1 and 2 which contained
a backported patch that contains the flaw.
CAN-2004-0419 Affects: FC1
CAN-2004-0419 Affects: FC2
This issue is minor severity as xdm is not used by default.
This can be closed once erratum is released.