Red Hat Bugzilla – Bug 124901
CAN-2004-0419 xdm opens random tcp sockets
Last modified: 2007-11-30 17:07:02 EST
See URL; "Even when DisplayManager.requestPort is set to 0, xdm will
open a chooserFd tcp socket on all interfaces. This apparently cannot
be disabled by configuration and presents a possible security risk."
Note that this issue does not affect upstream XFree86 4.3.0 but
affects the versions shipped with Red Hat Enterprise Linux 3 which
contained a backported patch that contains the flaw.
CAN-2004-0419 Affects: 3AS 3WS 3ES 3Desktop
This issue is minor severity as xdm is not used by default.
Is there a patch for this?
There is a patch at the URL in this bug entry.
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.