X11 MIT-MAGIC-COOKIE-1 prediction could allow remote access to arbitrary X sessions

| Field | Details |
|---|---|
| Risk Level | High |
| Check or Attack Name | Xguesscookie |
| Platforms | IRIX, X11 |
| Description | A vulnerability exists in some implementations of X11 that rely on MIT-MAGIC-COOKIE-1 for security, allowing a remote attacker to access arbitrary X sessions. It affects sites that use xdm to generate keys when xdm has not been compiled to use XDM-AUTHORIZATION-1. In that configuration, the keys xdm produces are cryptographically insecure and easily guessed by an attacker. |
| Remedy | Users of X11 from the X Consortium should apply patches up to at least patch #13 and preferably upgrade to X11R6.1. XFree86 users should upgrade to at least 3.1.2 with applicable patches, and preferably to the latest release available. |

References:

- CERT Vendor-Initiated Bulletin VB-95:08, X Authentication Vulnerability, http://www.cert.org/ftp/cert_bulletins/VB-95%3a08.X_Authentication_Vul
- Silicon Graphics Inc. Security Advisory 19960601-01-I, X Authentication Vulnerability, ftp://sgigate.sgi.com/security/19960601-01-I
- CIAC Information Bulletin G-04, X Authentication Vulnerability, http://ciac.llnl.gov/ciac/bulletins/g-04.shtml