Linux X Windows flaw lets intruders in

Printable View

March 31st, 2002, 05:03 AM
gstudios

Linux X Windows flaw lets intruders in

Perhaps more of the 'experienced' linux users, already know about this, but figured to post it, to help those who hadn't disabled it, or knew about it.

From:
ExtremeTech

Linux X Windows flaw lets intruders in

Many distributions of Linux (and some other UNIX-like operating system distributions) appear to be misconfigured, by default, to allow root logins from across the network. The flaw, which was fixed by Caldera in its own software in 1999 but was recently discovered to be widespread, is in the configuration of X Windows; it allows anyone to obtain a remote console and mount a password guessing attack.

According to the advisory at the second link below, Mandrake Linux 8.0, SuSe Linux 7.2, and Irix 6.2 are affected. Solaris is partially vulnerable; it allows access but will not allow direct root logins. Red Hat 7.2 and Caldera are not vulnerable. Other UNIX-like operating system distributions may or may not be vulnerable.

Claims that this is a "Back Orifice for UNIX" are overblown, but it's still a good idea to disable remote X Windows logins from across the Internet. (The advisory at the second link below describes how to do this.) Secure Shell (SSH), which provides encryption and better authentication, can still be used if you must run X Windows sessions from afar.
March 31st, 2002, 05:08 AM
cwk9

Thanks for the info this is news to me.
April 2nd, 2002, 07:23 PM
linuxcomando

Thats why you use at least 15 alpha numeric passwd cobos ;)
You don't even know how many peoples linux boxes who have passwords like friggin redhat or drowssap
and there in shock when it takes 10 minutes to rip a dictionary password. Passwords should not be your first defense but they are your last defense. USE STRONG PASSWORDS q0d(#kdLYG&_<>. is a good password. not billybob or bobbilly.
If you use crappy passwords then your in trouble when it comes to the kind of attack like gstudios says
April 2nd, 2002, 07:26 PM
Mucolaca

thanks for the info
April 2nd, 2002, 07:50 PM
souleman

Like you said, Caldera fixed the flaw in 99. You will also notice that Irix is in the list of affected systems. Irix (for those who don't know) is SGI's version of Unix. It is, out of the box, one of the most secure versions of unix available, but it only runs an SGI hardware, so unless you are loaded...... Anyway, this has been a common and well known problem since x-windows begain. We used to play with it back in 95 on our school network, just because we could. There isn't much need for a remote x-windows session any more anyway, so I would disable it unless it is absoutely necessary (which isn't very likely).