[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2011:0395-01 -- Redhat gdm

ID: oval:org.secpod.oval:def:500088Date: (C)2012-01-31   (M)2021-06-02
Class: PATCHFamily: unix




The GNOME Display Manager provides the graphical login screen, shown shortly after boot up, log out, and when user-switching. A race condition flaw was found in the way GDM handled the cache directories used to store users" dmrc and face icon files. A local attacker could use this flaw to trick GDM into changing the ownership of an arbitrary file via a symbolic link attack, allowing them to escalate their privileges. Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue. All users should upgrade to these updated packages, which contain a backported patch to correct this issue. GDM must be restarted for this update to take effect. Rebooting achieves this, but changing the runlevel from 5 to 3 and back to 5 also restarts GDM.

Platform:
Red Hat Enterprise Linux 6
Product:
gdm
Reference:
RHSA-2011:0395-01
CVE-2011-0727
CVE    1
CVE-2011-0727
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:gdm:gdm

© SecPod Technologies