|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2007:0286|
The remote host is missing updates announced in
Gdm (the GNOME Display Manager) is a highly configurable reimplementation
of xdm, the X Display Manager. Gdm allows you to log into your system with
the X Window System running and supports running several different X
sessions on your local machine at the same time.
Marcus Meissner discovered a race condition issue in the way Gdm modifies
the permissions on the .ICEauthority file. A local attacker could exploit
this flaw to gain privileges. Due to the nature of the flaw, however, a
successful exploitation was unlikely. (CVE-2006-1057)
This erratum also includes a bug fix to correct the pam configuration for
the audit system.
All users of gdm should upgrade to this updated package, which contains
backported patches to resolve these issues.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : Medium
Common Vulnerability Exposure (CVE) ID: CVE-2006-1057|
BugTraq ID: 17635
Debian Security Information: DSA-1040 (Google Search)
XForce ISS Database: gdm-slavec-symlink(26092)
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.