CVE-2017-12164
https://notcve.org/view.php?id=CVE-2017-12164
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12164
• https://gitlab.gnome.org/GNOME/gdm/commit/ff98b28
• CWE-592: DEPRECATED: Authentication Bypass Issues
• CWE-665: Improper Initialization
CVE-2015-7496 – gdm: Crash when holding Escape in log screen
https://notcve.org/view.php?id=CVE-2015-7496
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen.
• http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172328.html
• http://www.openwall.com/lists/oss-security/2015/11/17/10
• http://www.openwall.com/lists/oss-security/2015/11/17/8
• https://access.redhat.com/errata/RHSA-2017:2128
• https://bugzilla.gnome.org/show_bug.cgi?id=758032
• https://download.gnome.org/sources/gdm/3.18/gdm-3.18.2.news
• https://access.redhat.com/security/cve/CVE-2015-7496
• https://bugzilla.redhat.com/show_bug.cgi?id=1283279
• CWE-264: Permissions, Privileges, and Access Controls
• CWE-364: Signal Handler Race Condition
CVE-2013-7273
https://notcve.org/view.php?id=CVE-2013-7273
GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
• http://www.openwall.com/lists/oss-security/2014/01/07/10
• http://www.openwall.com/lists/oss-security/2014/01/07/16
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338
• https://bugzilla.gnome.org/show_bug.cgi?id=704284
• https://bugzilla.redhat.com/show_bug.cgi?id=1050745
CVE-2013-4169 – gdm: TOCTTOU race condition on /tmp/.X11-unix
https://notcve.org/view.php?id=CVE-2013-4169
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
• http://rhn.redhat.com/errata/RHSA-2013-1213.html
• http://secunia.com/advisories/54661
• https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=988498
• https://access.redhat.com/security/cve/CVE-2013-4169
• https://bugzilla.redhat.com/show_bug.cgi?id=988498
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
• CWE-552: Files or Directories Accessible to External Parties
CVE-2010-2387
https://notcve.org/view.php?id=CVE-2010-2387
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
• https://github.com/LogSec/CVE-2010-2387
• http://ftp.gnome.org/pub/GNOME/sources/gdm/2.20/gdm-2.20.11.changes
• http://secunia.com/advisories/40690
• http://secunia.com/advisories/40780
• http://www.auscert.org.au/13123
• http://www.osvdb.org/66643
• https://blogs.oracle.com/sunsecurity/entry/cve_2010_2387_password_disclosure
• https://bugzilla.gnome.org/show_bug.cgi?id=571846
• https://exchange.xforce.ibmcloud.com/vulnerabilities/60642
• CWE-255: Credentials Management Errors