Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0286

Preis/Funktionszusammenfassung | Bestellen | Neue Anfälligkeiten | Vertraulichkeit | Anfälligkeiten Suche

Anfälligkeitssuche		Suche in 61204 CVE Beschreibungen und 32582 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.58242

Kategorie: Red Hat Local Security Checks

Titel: RedHat Security Advisory RHSA-2007:0286

Zusammenfassung: Redhat Security Advisory RHSA-2007:0286

Beschreibung:
The remote host is missing updates announced in
advisory RHSA-2007:0286.

Gdm (the GNOME Display Manager) is a highly configurable reimplementation
of xdm, the X Display Manager. Gdm allows you to log into your system with
the X Window System running and supports running several different X
sessions on your local machine at the same time.

Marcus Meissner discovered a race condition issue in the way Gdm modifies
the permissions on the .ICEauthority file. A local attacker could exploit
this flaw to gain privileges. Due to the nature of the flaw, however, a
successful exploitation was unlikely. (CVE-2006-1057)

This erratum also includes a bug fix to correct the pam configuration for
the audit system.

All users of gdm should upgrade to this updated package, which contains
backported patches to resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0286.html
http://www.redhat.com/security/updates/classification/#low

Risk factor : Medium

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-1057
Debian Security Information: DSA-1040 (Google Search)
http://www.debian.org/security/2006/dsa-1040
https://www.redhat.com/archives/fedora-announce-list/2006-April/msg00160.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:083
http://www.redhat.com/support/errata/RHSA-2007-0286.html
http://www.ubuntulinux.org/support/documentation/usn/usn-278-1
BugTraq ID: 17635
http://www.securityfocus.com/bid/17635
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10092
http://www.vupen.com/english/advisories/2006/1465
XForce ISS Database: gdm-slavec-symlink(26092)
http://xforce.iss.net/xforce/xfdb/26092

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 32582 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:

Benutzerkennung:

Passwort:

Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.

Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.

Datenschutz

Anmeldung für registrierte Benutzer

Benutzerkennung:

Passwort:

Benutzerkennung oder Passwort vergessen?

Email/Benutzerkennung:

Test Kennung:	1.3.6.1.4.1.25623.1.0.58242
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2007:0286
Zusammenfassung:	Redhat Security Advisory RHSA-2007:0286
Beschreibung:	The remote host is missing updates announced in advisory RHSA-2007:0286. Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. Marcus Meissner discovered a race condition issue in the way Gdm modifies the permissions on the .ICEauthority file. A local attacker could exploit this flaw to gain privileges. Due to the nature of the flaw, however, a successful exploitation was unlikely. (CVE-2006-1057) This erratum also includes a bug fix to correct the pam configuration for the audit system. All users of gdm should upgrade to this updated package, which contains backported patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0286.html http://www.redhat.com/security/updates/classification/#low Risk factor : Medium
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1057 Debian Security Information: DSA-1040 (Google Search) http://www.debian.org/security/2006/dsa-1040 https://www.redhat.com/archives/fedora-announce-list/2006-April/msg00160.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:083 http://www.redhat.com/support/errata/RHSA-2007-0286.html http://www.ubuntulinux.org/support/documentation/usn/usn-278-1 BugTraq ID: 17635 http://www.securityfocus.com/bid/17635 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10092 http://www.vupen.com/english/advisories/2006/1465 XForce ISS Database: gdm-slavec-symlink(26092) http://xforce.iss.net/xforce/xfdb/26092
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com