Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
- https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
- https://github.com/Fela-420/LINUX-FUNDAMENTALS
- https://github.com/nediazla/LinuxFundamentals