Slackware Local Security Checks : Slackware: Security Advisory (SSA:2003-300-01)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.53879

Kategorie: Slackware Local Security Checks

Titel: Slackware: Security Advisory (SSA:2003-300-01)

Zusammenfassung: The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.

Vulnerability Insight:
GDM is the GNOME Display Manager, and is commonly used to provide
a graphical login for local users.

Upgraded gdm packages are available for Slackware 9.0, 9.1,
and -current. These fix two vulnerabilities which could allow a local
user to crash or freeze gdm, preventing access to the machine until a
reboot. Sites using gdm should upgrade, especially sites such as
computer labs that use gdm to provide public or semi-public access.

More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[links moved to references]

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Oct 22 12:10:11 PDT 2003
patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5. This
fixes a bug which can allow a local user to crash gdm, preventing
access until the machine is rebooted.
(* Security fix *)
+--------------------------+

Affected Software/OS:
'gdm' package(s) on Slackware 9.0, Slackware 9.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2003-0793
BugTraq ID: 8846
http://www.securityfocus.com/bid/8846
Conectiva Linux advisory: CLA-2003:766
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766
http://www.mandriva.com/security/advisories?name=MDKSA-2003:100
XForce ISS Database: gdm-dos(13447)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13447
Common Vulnerability Exposure (CVE) ID: CVE-2003-0794
XForce ISS Database: gdm-command-dos(13448)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13448

Copyright Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.53879
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2003-300-01)
Zusammenfassung:	The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory. Vulnerability Insight: GDM is the GNOME Display Manager, and is commonly used to provide a graphical login for local users. Upgraded gdm packages are available for Slackware 9.0, 9.1, and -current. These fix two vulnerabilities which could allow a local user to crash or freeze gdm, preventing access to the machine until a reboot. Sites using gdm should upgrade, especially sites such as computer labs that use gdm to provide public or semi-public access. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Oct 22 12:10:11 PDT 2003 patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5. This fixes a bug which can allow a local user to crash gdm, preventing access until the machine is rebooted. (* Security fix *) +--------------------------+ Affected Software/OS: 'gdm' package(s) on Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0793 BugTraq ID: 8846 http://www.securityfocus.com/bid/8846 Conectiva Linux advisory: CLA-2003:766 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766 http://www.mandriva.com/security/advisories?name=MDKSA-2003:100 XForce ISS Database: gdm-dos(13447) https://exchange.xforce.ibmcloud.com/vulnerabilities/13447 Common Vulnerability Exposure (CVE) ID: CVE-2003-0794 XForce ISS Database: gdm-command-dos(13448) https://exchange.xforce.ibmcloud.com/vulnerabilities/13448
Copyright	Copyright (C) 2012 Greenbone AG