 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59321 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 5 FEDORA-2006-692 (gdm) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to gdm announced via advisory FEDORA-2006-692. Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. Update Information: This update addresses a moderate security issue where the user can enter the GDM configuration GUI with a user password when the Face Browser is enabled. Refer to bugzilla.gnome.org bug #343476. This update also upgrades GDM to version 2.14.8. * Thu Jun 8 2006 Ray Strode - 1:2.14.8-1 - Update to 2.14.8 - Fixes CVE-2006-2452 (bug 343476). * Wed Jun 7 2006 Ray Strode - 1:2.14.4-1.fc5.3 - Add BuildRequires on xorg-x11-server-Xorg (bug 194295) * Tue Jun 6 2006 Matthias Clasen - 1:2.14.4-1.fc.2 - Require system-logos, not fedora-logos - Add missing BuildRequires Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2006-692 Risk factor : Medium CVSS Score: 3.7 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-2452 BugTraq ID: 18332 http://www.securityfocus.com/bid/18332 Bugtraq: 20060608 rPSA-2006-0098-1 gdm (Google Search) http://www.securityfocus.com/archive/1/436428 http://www.gentoo.org/security/en/glsa/glsa-200606-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:100 http://secunia.com/advisories/20532 http://secunia.com/advisories/20552 http://secunia.com/advisories/20587 http://secunia.com/advisories/20627 http://secunia.com/advisories/20636 SuSE Security Announcement: SUSE-SR:2006:013 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html https://usn.ubuntu.com/293-1/ http://www.vupen.com/english/advisories/2006/2239 XForce ISS Database: gdm-facebrowser-security-bypass(27018) https://exchange.xforce.ibmcloud.com/vulnerabilities/27018 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |