Penetration Testing mailing list archives

Re: MIT Magic cookie vulnerability automated checking?


From: Anders Thulin <Anders.Thulin () kiconsulting se>
Date: Thu, 01 Nov 2001 12:30:42 +0100

"Graham, Randy (RAW)" wrote:

> not.  The latest one we are dealing with is the X MIT-Magic-cookie problem
> (CIAC published the information on this on November 20, 1995, so it is an
> old one).  Any system using xauth for authentication shows this as a
> potential vulnerability, and ISS says to check we have to look for various
> patches by vendor, or certain releases of X.

  The CIAC advisory is G-04, and it suggests that XDM is an important
component here as well.

> we have to go ahead and check every one of these systems.  CIAC says there
> are tools for exploiting this, but I can't find one anywhere on
> SecurityFocus, PacketStorm, or through google searches.

  ftp://ftp.technotronic.com/unix/xwin-exploits

may be a place to look. In particular, see the xcookie.txt
file, which seems to contain a discussion of the problem and
how to exploit it, with code.

-- 
Anders Thulin     Anders.Thulin () kiconsulting se       040-661 50 63
Ki Consulting & Solutions AB, Carlsgatan 6, SE-201 20 Malmö, Sweden

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

