CVE-2000-0668

pam_console - Unauthenticated System Reboot via XDMCP Display Manager

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0668. PoCs published by bkw1a.

AI-analyzed exploit summary The vulnerability in the Linux pam_console module allows remote attackers to reboot or perform console-limited actions via Xnest when XDMCP is enabled. It exploits improper console recognition for display :1.

Description

pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

Exploits (1)

exploitdb WRITEUP VERIFIED
by bkw1a · textremotelinux
https://www.exploit-db.com/exploits/20105

The vulnerability in the Linux pam_console module allows remote attackers to reboot or perform console-limited actions via Xnest when XDMCP is enabled. It exploits improper console recognition for display :1.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Linux pam_console module (with XDMCP-enabled display managers like gdm/kdm)
Auth required
Prerequisites: XDMCP enabled on target · Access to a remote login session (SSH or X broadcast) · Display manager (gdm/kdm) running
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5001
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1513
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-044.html

Scores

EPSS 0.0724
EPSS Percentile 93.6%

Details

Status published
Products (11)
conectiva/linux 4.0
conectiva/linux 4.0es
conectiva/linux 4.1
conectiva/linux 4.2
conectiva/linux 5.0
conectiva/linux 5.1
michael_k._johnson/pam_console 0.66
michael_k._johnson/pam_console 0.72_unpatched
redhat/linux 6.0 (3 CPE variants)
redhat/linux 6.1 (3 CPE variants)
... and 1 more
Published Jul 27, 2000
Tracked Since Feb 18, 2026