|
Vulnerability X window utils Affected X window utils Description Brian Shuhart found following. During the 1999 year, he has witnessed a dramatic increase in the use of X Window utilities (Hummingbird Exceed, PC XWare, and XVision) for UNIX Admins to access their systems from an NT platform. Problem is, everyone of these packages installs exporting the NT X sessions to the world by default. Although Brian has not been able to get copies of the window images with an exploit, he has been able to capture user keystrokes. He has put an white paper describing the problem on a friends web page (www.ducktank.net/tips) that details how to determine if your system is vulnerable and fix information for Exceed. In this instance, the vulnerability is on the NT system and not the UNIX system. It is knowm that Hummingbird Exceed V6 installs vulnerable, but the other products were old installs and Brian did not get the version numbers. Solution Nothing yet.