iCal 2.1 Patch 2 GUI Installation Vulnerability: Remote Privilege Escalation via X Server Access Control Bypass

iCal 2.1 Patch 2 GUI Installation Vulnerability: Remote Privilege Escalation via X Server Access Control Bypass

CVE-2000-1071 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.

Learn more about our Cis Benchmark Audit For Server Software.