← CVECheck
HomeVulnerabilities

CVE-2000-1059 — HIGH severity vulnerability (The default configuration of the Xsession file in Mandrake L)

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.

CVE IDCVE-2000-1059
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2000-12-11
Last modified2026-04-16
DescriptionThe default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →