Information
X Display Manager Control Protocol (XDMCP) is designed to provide authenticated access to display management services for remote displays
XDMCP is inherently insecure.
- XDMCP is not a ciphered protocol. This may allow an attacker to capture keystrokes entered by a user
- XDMCP is vulnerable to man-in-the-middle attacks. This may allow an attacker to steal the credentials of legitimate users by impersonating the XDMCP server.
Solution
Edit the file /etc/gdm/custom.conf and remove the line
Enable=true