Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2002-1160

Disclosure Date: February 19, 2003
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user’s credentials after root uses su.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

Technical Analysis