Slackware Local Security Checks : Slackware: Security Advisory (SSA:2003-300-01)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53879

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2003-300-01)

Resumen: The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.

Vulnerability Insight:
GDM is the GNOME Display Manager, and is commonly used to provide
a graphical login for local users.

Upgraded gdm packages are available for Slackware 9.0, 9.1,
and -current. These fix two vulnerabilities which could allow a local
user to crash or freeze gdm, preventing access to the machine until a
reboot. Sites using gdm should upgrade, especially sites such as
computer labs that use gdm to provide public or semi-public access.

More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[links moved to references]

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Oct 22 12:10:11 PDT 2003
patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5. This
fixes a bug which can allow a local user to crash gdm, preventing
access until the machine is rebooted.
(* Security fix *)
+--------------------------+

Affected Software/OS:
'gdm' package(s) on Slackware 9.0, Slackware 9.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0793
BugTraq ID: 8846
http://www.securityfocus.com/bid/8846
Conectiva Linux advisory: CLA-2003:766
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766
http://www.mandriva.com/security/advisories?name=MDKSA-2003:100
XForce ISS Database: gdm-dos(13447)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13447
Common Vulnerability Exposure (CVE) ID: CVE-2003-0794
XForce ISS Database: gdm-command-dos(13448)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13448

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53879
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2003-300-01)
Resumen:	The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gdm' package(s) announced via the SSA:2003-300-01 advisory. Vulnerability Insight: GDM is the GNOME Display Manager, and is commonly used to provide a graphical login for local users. Upgraded gdm packages are available for Slackware 9.0, 9.1, and -current. These fix two vulnerabilities which could allow a local user to crash or freeze gdm, preventing access to the machine until a reboot. Sites using gdm should upgrade, especially sites such as computer labs that use gdm to provide public or semi-public access. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Oct 22 12:10:11 PDT 2003 patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5. This fixes a bug which can allow a local user to crash gdm, preventing access until the machine is rebooted. (* Security fix *) +--------------------------+ Affected Software/OS: 'gdm' package(s) on Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0793 BugTraq ID: 8846 http://www.securityfocus.com/bid/8846 Conectiva Linux advisory: CLA-2003:766 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766 http://www.mandriva.com/security/advisories?name=MDKSA-2003:100 XForce ISS Database: gdm-dos(13447) https://exchange.xforce.ibmcloud.com/vulnerabilities/13447 Common Vulnerability Exposure (CVE) ID: CVE-2003-0794 XForce ISS Database: gdm-command-dos(13448) https://exchange.xforce.ibmcloud.com/vulnerabilities/13448
Copyright	Copyright (C) 2012 Greenbone AG