XDMCP service running

Description

An X Display Manager Control Protocol (XDMCP) service is running on this host. XDMCP allows the starting of a session on an X server from the same or another computer. A display manager presents the user with a login screen which prompts for a username and password. A session starts when the user successfully enters a valid combination of username and password. An attacker may also use this service to mount a dictionary attack against the remote host to try to log in remotely. Also, all information, including passwords, is transmitted unencrypted (making it vulnerable to interception).

ShareShare on FacebookTweet about this on TwitterShare on Google+

Impact
Possible information disclosure.

Recommendation
If you are not using this service, it is recommended to disable it.

References
X display manager