Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13057
HistoryJun 09, 2006 - 12:00 a.m.

rPSA-2006-0098-1 gdm

2006-06-0900:00:00
vulners.com
8
JSON

rPath Security Advisory: 2006-0098-1
Published: 2006-06-08
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Local System User Deterministic Privilege Escalation
Updated Versions:
gdm=/conary.rpath.com@rpl:devel//1/2.8.0.8-0.1-1

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452
http://issues.rpath.com/browse/RPL-419

Description:
In previous versions of gdm, if the "face browser" feature is enabled
(it is disabled by default), any user can access the gdm configuration
screen with their own password instead of being required to provide the
root password. This is known to enable subverting other user accounts,
and may also enable subverting other system accounts, possibly including
the root account. Disabling the "face browser" feature is an effective
work-around for this vulnerability, but rPath recommends updating gdm
to resolve it.

Related

nessus 5
openvas 1
ubuntucve 1
prion 1
gentoo 1
cve 1
ubuntu 1
nessus
nessus
Mandrake Linux Security Advisory : gdm (MDKSA-2006:100)
2006-06-16 00:00:00
openSUSE 10 Security Update : gdm (gdm-1582)
2007-10-17 00:00:00
GLSA-200606-14 : GDM: Privilege escalation
2006-06-16 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-14 (gdm)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2006-2452
2006-06-09 00:00:00
prion
prion
Design/Logic Flaw
2006-06-09 10:02:00
gentoo
gentoo
GDM: Privilege escalation
2006-06-12 00:00:00
cve
cve
CVE-2006-2452
2006-06-09 10:02:00
ubuntu
ubuntu
gdm vulnerability
2006-06-09 00:00:00
JSON
Related for SECURITYVULNS:DOC:13057
nessus5openvas1ubuntucve1prion1gentoo1cve1ubuntu1