CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3CVE-2020-16125 – gdm3 would start gnome-initial-setup if it cannot contact accountservice
https://notcve.org/view.php?id=CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account. gdm3 versiones anteriores a 3.36.2 o 3.38.2, comenzaría la configuración inicial de gnom si gdm3 no puede ponerse en contacto con el servicio de cuentas por medio de dbus de manera oportuna; en Ubuntu (y potencialmente en sus derivados) esto podría enlazarse con un problema adicional que podría permitir a un usuario local crear una nueva cuenta privilegiada A vulnerability was found in GDM. If gdm can't contact the AccountService service via DBus in a timely manner it would default to assume there are no existing users and would allow the attacker to create a new user with high privileges. • https://github.com/za970120604/CVE-2020-16125-Reproduction https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314 https://gitlab.gnome.org/GNOME/gdm/-/issues/642 https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon https://access.redhat.com/security/cve/CVE-2020-16125 https://bugzilla.redhat.com/show_bug.cgi?id=1901994 • CWE-636: Not Failing Securely ('Failing Open') CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 1CVE-2020-24661
https://notcve.org/view.php?id=CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail. GNOME Geary versiones anteriores a 3.36.3, maneja inapropiadamente la verificación del certificado TLS anclado para servicios IMAP y SMTP usando certificados TLS no válidos (por ejemplo, certificados autofirmados) cuando el sistema cliente no está configurado para usar una tienda PKCS#11 proporcionada por el sistema. Esto permite a un atacante de tipo meddler in the middle presentar un certificado no válido diferente para interceptar el correo entrante y saliente • https://gitlab.gnome.org/GNOME/geary/-/issues/866 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G7OTYTGND6EFOKNQJWCHKKXKSN7SM73Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS6CSTOBVO5HSAR3X5CT6DS6QDHXDB26 https://tools.cisco.com/security/center/content/CiscoSeg/message/NS6CSTOBVO5HSAR3X5CT6DS6QDHXDB26 • CWE-295: Improper Certificate Validation •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1CVE-2020-17489 – gnome-shell: Password from logged-out user may be shown on login screen
https://notcve.org/view.php?id=CVE-2020-17489
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.) Se detectó un problema en determinadas configuraciones de GNOME gnome-shell versiones hasta 3.36.4. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00028.html https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997 https://lists.debian.org/debian-lts-announce/2020/09/msg00014.html https://security.gentoo.org/glsa/202009-08 https://usn.ubuntu.com/4464-1 https://access.redhat.com/security/cve/CVE-2020-17489 https://bugzilla.redhat.com/show_bug.cgi?id=1868418 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16117 – evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server
https://notcve.org/view.php?id=CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server. En GNOME evolution-data-server versiones anteriores a 3.35.91, un servidor malicioso puede bloquear el cliente de correo con una desreferencia del puntero NULL mediante el envío de una línea CAPABILITY no válida (por ejemplo, mínima) en un intento de conexión. Esto está relacionado con las funciones imapx_free_capability e imapx_connect_to_server A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. • https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/2cc39592b532cf0dc994fd3694b8e6bf924c9ab5 https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/627c3cdbfd077e59aa288c85ff8272950577f1d7 https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/189 https://lists.debian.org/debian-lts-announce/2020/08/msg00005.html https://access.redhat.com/security/cve/CVE-2020-16117 https://bugzilla.redhat.com/show_bug.cgi?id=1862125 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-16118
https://notcve.org/view.php?id=CVE-2020-16118
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. En GNOME Balsa versiones anteriores a 2.6.0, un operador de servidor malicioso o un man in the middle puede desencadenar una desreferencia del puntero NULL y un bloqueo del cliente mediante el envío de una respuesta PREAUTH hacia la función imap_mbox_connect en la biblioteca libbalsa/imap/imap-handle.c • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00045.html https://gitlab.gnome.org/GNOME/balsa/-/commit/4e245d758e1c826a01080d40c22ca8706f0339e5 https://gitlab.gnome.org/GNOME/balsa/-/issues/23 • CWE-476: NULL Pointer Dereference •