|
Test Kennung: | 1.3.6.1.4.1.25623.1.0.58242 |
Kategorie: | Red Hat Local Security Checks |
Titel: | RedHat Security Advisory RHSA-2007:0286 |
Zusammenfassung: | Redhat Security Advisory RHSA-2007:0286 |
Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2007:0286. Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. Marcus Meissner discovered a race condition issue in the way Gdm modifies the permissions on the .ICEauthority file. A local attacker could exploit this flaw to gain privileges. Due to the nature of the flaw, however, a successful exploitation was unlikely. (CVE-2006-1057) This erratum also includes a bug fix to correct the pam configuration for the audit system. All users of gdm should upgrade to this updated package, which contains backported patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0286.html http://www.redhat.com/security/updates/classification/#low Risk factor : Medium CVSS Score: 3.7 |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-1057 Debian Security Information: DSA-1040 (Google Search) http://www.debian.org/security/2006/dsa-1040 https://www.redhat.com/archives/fedora-announce-list/2006-April/msg00160.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:083 http://www.redhat.com/support/errata/RHSA-2007-0286.html http://www.ubuntulinux.org/support/documentation/usn/usn-278-1 BugTraq ID: 17635 http://www.securityfocus.com/bid/17635 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10092 http://www.vupen.com/english/advisories/2006/1465 XForce ISS Database: gdm-slavec-symlink(26092) https://exchange.xforce.ibmcloud.com/vulnerabilities/26092 |
Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 58962 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |
|