CVE-2011-1709
https://notcve.org/view.php?id=CVE-2011-1709
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type. GNOME Display Manager (GDM) antes de v2.32.2, cuando se utiliza glib v2.28, permite la ejecución de un navegador web con el uid de la cuenta de gdm, que permite a usuarios locales conseguir privilegios a través de vectores implican el tipo MIME x-scheme-handler/http. • http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.2.news http://git.gnome.org/browse/gdm/commit/?id=d13dd72531599ab7e4c747db3b58a8c17753e08d http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061264.html http://secunia.com/advisories/44797 http://secunia.com/advisories/44808 http://www.securityfocus.com/bid/48084 http://www.ubuntu.com/usn/USN-1142-1 https://bugzilla.redhat.com/show_bug.cgi?id=709139 https://hermes.opensuse.org/messages/8643655 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-0727 – gdm: privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2011-0727
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/. GNOME Display Manager (GDM) v2.x anterior a v2.32.1 permite a usuarios locales cambiar el propietario de archivos arbitrarios mediante un ataque de enlace simbólico en un (1) DMRC o (2) fichero de icono en /var/cache/gdm/. • http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.1.news http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057333.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057931.html http://mail.gnome.org/archives/gdm-list/2011-March/msg00020.html http://secunia.com/advisories/43714 http://secunia.com/advisories/43854 http://secunia.com/advisories/44021 http://securitytracker.com/id?1025264 http://www.debian.org/security/2011/dsa-2205& • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2007-3381 – Gdm denial of service
https://notcve.org/view.php?id=CVE-2007-3381
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/. El demonio GDM en GNOME Display Mangager (GDM) anterior a 2.14.13, 2.16.x anterior a 2.16.7, 2.18.x anterior a 2.18.4, y 2.19.x anterir a 2.19.5 no maneja adecuadamente valores de retorno nulos (NULL) de la función g_strsplit, lo cual permite a usuarios locales provocar una denegación de servicio (caída persistente del demonio) mediante un comando manipulado hacia el socket del demonio, relacionado con (1) gdm.c y (2) gdmconfig.c en daemon/, y (3) gdmconfig.c y (4) gdmflexiserver.c en gui/. • http://ftp.gnome.org/pub/GNOME/sources/gdm/2.14/gdm-2.14.13.news http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/gdm-2.16.7.changes http://ftp.gnome.org/pub/GNOME/sources/gdm/2.18/gdm-2.18.4.news http://ftp.gnome.org/pub/GNOME/sources/gdm/2.19/gdm-2.19.5.news http://secunia.com/advisories/26313 http://secunia.com/advisories/26368 http://secunia.com/advisories/26520 http://secunia.com/advisories/26879 http://secunia.com/advisories/26900& • CWE-20: Improper Input Validation •
CVE-2006-6105
https://notcve.org/view.php?id=CVE-2006-6105
Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog. Vulnerabilidad de formato de cadena en la ventana de selección de host (gdmchooser) en GNOME Foundation Display Manager (gdm) permite a atacantes remotos ejecutar código de su elección mediante especificadores de formato de cadena en un nombre de host, que se utilizan en un mensaje de error. • http://ftp.acc.umu.se/pub/GNOME/sources/gdm/2.17/gdm-2.17.4.news http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=453 http://secunia.com/advisories/23381 http://secunia.com/advisories/23385 http://secunia.com/advisories/23387 http://secunia.com/advisories/23409 http://securitytracker.com/id?1017320 http://securitytracker.com/id?1017383 http://www.mandriva.com/security/advisories?name=MDKSA-2006:231 http://www.novell.com/linux/security/advisories/2006_29 •