CVE-2003-0548

GDM < 2.4.1.6 - Denial of Service via XDMCP Chosen Host Expiration

Title source: llm

Description

The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.

References (5)

Core 5

Core References

Vendor Advisory vendor-advisory x_refsource_conectiva

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729

Patch, Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2003-258.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A113

Patch, Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2003-259.html

Various Sources x_refsource_confirm

http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html

Scores

EPSS 0.0060

EPSS Percentile 69.8%

Details

Status published

Products (15)

gnome/gdm 2.2.0

gnome/gdm 2.4.1

gnome/gdm 2.4.1.1

gnome/gdm 2.4.1.2

gnome/gdm 2.4.1.3

gnome/gdm 2.4.1.4

gnome/gdm 2.4.1.5

gnome/gdm 2.4.1.6

redhat/enterprise_linux 2.1 (6 CPE variants)

redhat/kdebase 2.0_beta2.45 (2 CPE variants)

... and 5 more

Published Aug 27, 2003

Tracked Since Feb 18, 2026