Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1057

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2006-1057
Last Modified 10 Aug 2011 12:00:00
Published 24 Apr 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2006-1057

Summary

Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.

Vulnerable Systems

Application

  • Gnome Gdm 2.14


References

FEDORA - FEDORA-2006-338

DEBIAN - DSA-1040

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188303

XF - gdm-slavec-symlink(26092)

VUPEN - ADV-2006-1465

UBUNTU - USN-278-1

BID - 17635

REDHAT - RHSA-2007:0286

MANDRIVA - MDKSA-2006:083

CONFIRM - http://cvs.gnome.org/viewcvs/gdm2/daemon/slave.c?r1=1.260&r2=1.261


Last Updated: 27 May 2016 10:41:54