Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by attempting to log into an account whose password field contains invalid characters, as demonstrated using the crypt function from glibc 2.17 and later with (1) the "!" character in the salt portion of a password field or (2) a password that has been encrypted using DES or MD5 in FIPS-140 mode.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
X.Org XDM 加密问题漏洞
Vulnerability Description
X.org XDM是X.Org基金会的一套X.Org X显示管理器。该管理器为用户提供一个登录界面并提示输入用户和密码。 X.Org XDM 1.1.10和1.1.11版本中存在加密问题漏洞,当程序使用‘crypt API’函数实现身份验证操作时返回NULL。远程攻击者可借助带有无效字符密码字段的用户账户利用该漏洞造成拒绝服务(空指针逆向引用和程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A