CVE-2017-2625 - It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. O

CVE-2017-2625

Summary

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.

References

Vulnerable Configurations

cpe:2.3:a:x.org:libxdmcp:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxdmcp:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxdmcp:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxdmcp:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 12-02-2023 - 23:29)
Impact:
Exploitability:

CWE

CWE-331

CAPEC

Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

rhsa

id	RHSA-2017:1865

rpms

drm-utils-0:2.4.74-1.el7
libICE-0:1.0.9-9.el7
libICE-debuginfo-0:1.0.9-9.el7
libICE-devel-0:1.0.9-9.el7
libX11-0:1.6.5-1.el7
libX11-common-0:1.6.5-1.el7
libX11-debuginfo-0:1.6.5-1.el7
libX11-devel-0:1.6.5-1.el7
libXaw-0:1.0.13-4.el7
libXaw-debuginfo-0:1.0.13-4.el7
libXaw-devel-0:1.0.13-4.el7
libXcursor-0:1.1.14-8.el7
libXcursor-debuginfo-0:1.1.14-8.el7
libXcursor-devel-0:1.1.14-8.el7
libXdmcp-0:1.1.2-6.el7
libXdmcp-debuginfo-0:1.1.2-6.el7
libXdmcp-devel-0:1.1.2-6.el7
libXfixes-0:5.0.3-1.el7
libXfixes-debuginfo-0:5.0.3-1.el7
libXfixes-devel-0:5.0.3-1.el7
libXfont-0:1.5.2-1.el7
libXfont-debuginfo-0:1.5.2-1.el7
libXfont-devel-0:1.5.2-1.el7
libXfont2-0:2.0.1-2.el7
libXfont2-debuginfo-0:2.0.1-2.el7
libXfont2-devel-0:2.0.1-2.el7
libXi-0:1.7.9-1.el7
libXi-debuginfo-0:1.7.9-1.el7
libXi-devel-0:1.7.9-1.el7
libXpm-0:3.5.12-1.el7
libXpm-debuginfo-0:3.5.12-1.el7
libXpm-devel-0:3.5.12-1.el7
libXrandr-0:1.5.1-2.el7
libXrandr-debuginfo-0:1.5.1-2.el7
libXrandr-devel-0:1.5.1-2.el7
libXrender-0:0.9.10-1.el7
libXrender-debuginfo-0:0.9.10-1.el7
libXrender-devel-0:0.9.10-1.el7
libXt-0:1.1.5-3.el7
libXt-debuginfo-0:1.1.5-3.el7
libXt-devel-0:1.1.5-3.el7
libXtst-0:1.2.3-1.el7
libXtst-debuginfo-0:1.2.3-1.el7
libXtst-devel-0:1.2.3-1.el7
libXv-0:1.0.11-1.el7
libXv-debuginfo-0:1.0.11-1.el7
libXv-devel-0:1.0.11-1.el7
libXvMC-0:1.0.10-1.el7
libXvMC-debuginfo-0:1.0.10-1.el7
libXvMC-devel-0:1.0.10-1.el7
libXxf86vm-0:1.1.4-1.el7
libXxf86vm-debuginfo-0:1.1.4-1.el7
libXxf86vm-devel-0:1.1.4-1.el7
libdrm-0:2.4.74-1.el7
libdrm-debuginfo-0:2.4.74-1.el7
libdrm-devel-0:2.4.74-1.el7
libepoxy-0:1.3.1-1.el7
libepoxy-debuginfo-0:1.3.1-1.el7
libepoxy-devel-0:1.3.1-1.el7
libevdev-0:1.5.6-1.el7
libevdev-debuginfo-0:1.5.6-1.el7
libevdev-devel-0:1.5.6-1.el7
libevdev-utils-0:1.5.6-1.el7
libfontenc-0:1.1.3-3.el7
libfontenc-debuginfo-0:1.1.3-3.el7
libfontenc-devel-0:1.1.3-3.el7
libinput-0:1.6.3-2.el7
libinput-debuginfo-0:1.6.3-2.el7
libinput-devel-0:1.6.3-2.el7
libvdpau-0:1.1.1-3.el7
libvdpau-debuginfo-0:1.1.1-3.el7
libvdpau-devel-0:1.1.1-3.el7
libvdpau-docs-0:1.1.1-3.el7
libwacom-0:0.24-1.el7
libwacom-data-0:0.24-1.el7
libwacom-debuginfo-0:0.24-1.el7
libwacom-devel-0:0.24-1.el7
libxcb-0:1.12-1.el7
libxcb-debuginfo-0:1.12-1.el7
libxcb-devel-0:1.12-1.el7
libxcb-doc-0:1.12-1.el7
libxkbcommon-0:0.7.1-1.el7
libxkbcommon-debuginfo-0:0.7.1-1.el7
libxkbcommon-devel-0:0.7.1-1.el7
libxkbcommon-x11-0:0.7.1-1.el7
libxkbcommon-x11-devel-0:0.7.1-1.el7
libxkbfile-0:1.0.9-3.el7
libxkbfile-debuginfo-0:1.0.9-3.el7
libxkbfile-devel-0:1.0.9-3.el7
mesa-debuginfo-0:17.0.1-6.20170307.el7
mesa-dri-drivers-0:17.0.1-6.20170307.el7
mesa-filesystem-0:17.0.1-6.20170307.el7
mesa-libEGL-0:17.0.1-6.20170307.el7
mesa-libEGL-devel-0:17.0.1-6.20170307.el7
mesa-libGL-0:17.0.1-6.20170307.el7
mesa-libGL-devel-0:17.0.1-6.20170307.el7
mesa-libGLES-0:17.0.1-6.20170307.el7
mesa-libGLES-devel-0:17.0.1-6.20170307.el7
mesa-libOSMesa-0:17.0.1-6.20170307.el7
mesa-libOSMesa-devel-0:17.0.1-6.20170307.el7
mesa-libgbm-0:17.0.1-6.20170307.el7
mesa-libgbm-devel-0:17.0.1-6.20170307.el7
mesa-libglapi-0:17.0.1-6.20170307.el7
mesa-libxatracker-0:17.0.1-6.20170307.el7
mesa-libxatracker-devel-0:17.0.1-6.20170307.el7
mesa-private-llvm-0:3.9.1-3.el7
mesa-private-llvm-debuginfo-0:3.9.1-3.el7
mesa-private-llvm-devel-0:3.9.1-3.el7
mesa-vulkan-drivers-0:17.0.1-6.20170307.el7
vulkan-0:1.0.39.1-2.el7
vulkan-debuginfo-0:1.0.39.1-2.el7
vulkan-devel-0:1.0.39.1-2.el7
vulkan-filesystem-0:1.0.39.1-2.el7
xcb-proto-0:1.12-2.el7
xkeyboard-config-0:2.20-1.el7
xkeyboard-config-devel-0:2.20-1.el7
xorg-x11-proto-devel-0:7.7-20.el7

refmap via4

bid	96480
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2625 https://cgit.freedesktop.org/xorg/lib/libXdmcp/commit/?id=0554324ec6bbc2071f5d1f8ad211a1643e29eb1f
gentoo	GLSA-201704-03
misc	https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
mlist	[debian-lts-announce] 20191125 [SECURITY] [DLA 2006-1] libxdmcp security update
sectrack	1037919

Last major update

12-02-2023 - 23:29

Published

27-07-2018 - 18:29

Last modified

12-02-2023 - 23:29