SecurityTracker.com
Category:  Application (Generic)  >  GNOME Display Manager
Vendors:  Gnome Development Team
GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges
SecurityTracker Alert ID:  1007550
CVE Reference:  CAN-2003-0547, CAN-2003-0548, CAN-2003-0549
Updated:  Dec 1 2003
Original Entry Date:  Aug 21 2003
Impact:  Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): prior to 2.4.1.6
Description:  Several vulnerabilities were reported in the GNOME Display Manager (gdm). A local user can view arbitrary files on the system with root privileges, and a remote user may be able to crash the gdm daemon.

It is reported that a local user can replace the '~/.xsession-errors' file in their home directory with a symbolic link (symlink) pointing at an arbitrary file on the system. When gdm is configured with the "examine session errors" option, it reads that file as root and shows its contents to the local user, so the symlink target is disclosed (CVE: CAN-2003-0547). Any file can be read with root privileges, according to the report.
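The flaw above is the classic "privileged daemon opens a path the user controls" pattern. The following is an added example, not gdm's code and not from the advisory: it contrasts a naive open() with a hardened one that refuses symlinks (O_NOFOLLOW) and then verifies the open descriptor is a regular file owned by the session user. The temp directory, the "secret" file and the planted '.xsession-errors' link are constructed for the demonstration; the function names are invented here.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Naive pattern: open() follows symlinks, so a root caller that opens a
 * user-controlled path reads whatever the user pointed the link at. */
int open_session_errors_naive(const char *path)
{
    return open(path, O_RDONLY);
}

/* Hardened open for a file inside a user-controlled directory:
 *  - O_NOFOLLOW refuses a symlink at the final component (errno == ELOOP);
 *  - fstat() on the descriptor (not stat() on the path, which would race)
 *    rejects anything that is not a regular file owned by the session user.
 * The stronger fix is to read the file with the user's own uid (e.g. a
 * helper that calls setresuid()); this check is the cheap first line. */
int open_session_errors_safe(const char *path, uid_t session_uid)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NOCTTY);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_uid != session_uid) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed scenario: a temp dir stands in for the user's home, "secret"
 * stands in for a root-only file, and ".xsession-errors" is the symlink the
 * user planted.  Returns 1 when the naive open follows the link but the
 * hardened open refuses it with ELOOP, 0 otherwise, -1 on setup failure. */
int demo_symlink_attack(void)
{
    char dir[] = "/tmp/xsess-demo-XXXXXX";
    char secret[256], link[256];
    int naive_fd, safe_fd, followed, refused;
    FILE *f;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(secret, sizeof secret, "%s/secret", dir);
    snprintf(link, sizeof link, "%s/.xsession-errors", dir);

    f = fopen(secret, "w");
    if (f == NULL)
        return -1;
    fputs("root:x:0:0:root:/root:/bin/sh\n", f);   /* constructed "sensitive" line */
    fclose(f);
    if (symlink(secret, link) != 0)
        return -1;

    naive_fd = open_session_errors_naive(link);
    followed = naive_fd >= 0;                      /* naive open now reads "secret" */
    if (naive_fd >= 0) close(naive_fd);

    safe_fd = open_session_errors_safe(link, getuid());
    refused = (safe_fd < 0 && errno == ELOOP);
    if (safe_fd >= 0) close(safe_fd);

    unlink(link); unlink(secret); rmdir(dir);
    return followed && refused;
}

/* The hardened open must still accept a genuine regular file owned by the user. */
int demo_regular_file(void)
{
    char dir[] = "/tmp/xsess-demo-XXXXXX";
    char path[256];
    int fd, ok;
    FILE *f;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/.xsession-errors", dir);
    f = fopen(path, "w");
    if (f == NULL)
        return -1;
    fputs("Xlib: connection to \":0.0\" refused by server\n", f);  /* constructed */
    fclose(f);

    fd = open_session_errors_safe(path, getuid());
    ok = fd >= 0;
    if (fd >= 0) close(fd);
    unlink(path); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("symlink followed by naive open, refused by safe open: %d\n", demo_symlink_attack());
    printf("regular file accepted by safe open: %d\n", demo_regular_file());
    return 0;
}
```

O_NOFOLLOW only guards the last path component; a symlinked parent directory is still followed, which is why dropping to the user's uid before the open (or opening the home directory first and using openat()) is the complete fix rather than this check alone.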

It is also reported that there are two vulnerabilities in the X Display Manager Control Protocol (XDMCP) implementation, each of which lets a remote user crash the gdm daemon. If a host expires, the gdm daemon may crash (CVE: CAN-2003-0548). If an authorization key name is shorter than 18 bytes, the gdm daemon may crash (CVE: CAN-2003-0549).
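XDMCP carries authorization names as ARRAY8 fields (a 16-bit big-endian length followed by that many bytes), and the standard name "MIT-MAGIC-COOKIE-1" happens to be exactly 18 bytes long, the length the advisory mentions. The following added example (written for this page; it is not gdm's code, and its relation to gdm's actual bug is an assumption) shows the general failure mode behind such a crash, a fixed-length compare against a length-prefixed field, next to a bounds-checked parse of an ARRAYofARRAY8 (one CARD8 count, then the ARRAY8s). The sample packets and function names are constructed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One XDMCP ARRAY8: 16-bit big-endian length, then that many bytes. */
typedef struct {
    const uint8_t *data;
    size_t len;
} array8_t;

#define MIT_COOKIE_NAME "MIT-MAGIC-COOKIE-1"   /* 18 bytes, no terminator on the wire */
#define MIT_COOKIE_LEN  18

/* Pull one ARRAY8 out of buf at *off.  Both the length field and the payload
 * are checked against buflen, so a truncated packet or a lying length field
 * is reported rather than trusted.  Returns 0 and advances *off, or -1. */
int parse_array8(const uint8_t *buf, size_t buflen, size_t *off, array8_t *out)
{
    size_t n;
    if (buflen < 2 || *off > buflen - 2)        /* room for the 2-byte length? */
        return -1;
    n = ((size_t)buf[*off] << 8) | buf[*off + 1];
    if (n > buflen - (*off + 2))                /* room for the payload? */
        return -1;
    out->data = buf + *off + 2;
    out->len = n;
    *off += 2 + n;
    return 0;
}

/* Vulnerable pattern (illustrative): compare a fixed 18 bytes whatever the
 * array's real length.  A 3-byte name makes memcmp read 15 bytes past the
 * field; when the field sits at the end of the packet buffer that is a crash. */
int authname_is_cookie_unchecked(const array8_t *name)
{
    return memcmp(name->data, MIT_COOKIE_NAME, MIT_COOKIE_LEN) == 0;
}

/* Fixed pattern: check the length first; && short-circuits before memcmp. */
int authname_is_cookie(const array8_t *name)
{
    return name->len == MIT_COOKIE_LEN &&
           memcmp(name->data, MIT_COOKIE_NAME, MIT_COOKIE_LEN) == 0;
}

/* Parse an ARRAYofARRAY8 (CARD8 count, then that many ARRAY8s) and return how
 * many entries name MIT-MAGIC-COOKIE-1, or -1 if the data is malformed. */
int count_cookie_authnames(const uint8_t *buf, size_t buflen)
{
    size_t off = 0;
    unsigned count, i;
    int matches = 0;
    array8_t name;

    if (buflen < 1)
        return -1;
    count = buf[off++];
    for (i = 0; i < count; i++) {
        if (parse_array8(buf, buflen, &off, &name) != 0)
            return -1;
        if (authname_is_cookie(&name))
            matches++;
    }
    return matches;
}

/* Constructed sample: two names, one full-length and one only 3 bytes long. */
static const uint8_t sample_authnames[] = {
    2,
    0x00, 0x12, 'M','I','T','-','M','A','G','I','C','-','C','O','O','K','I','E','-','1',
    0x00, 0x03, 'M','I','T'
};
/* Constructed sample: the length field claims 32 bytes but only one follows. */
static const uint8_t sample_lying_length[] = { 1, 0x00, 0x20, 'a' };

int main(void)
{
    printf("cookie names in sample: %d\n",
           count_cookie_authnames(sample_authnames, sizeof sample_authnames));
    printf("lying length field -> %d\n",
           count_cookie_authnames(sample_lying_length, sizeof sample_lying_length));
    return 0;
}
```

The same discipline applies to every length-prefixed field in an XDMCP REQUEST (connection types, addresses, authentication data, manufacturer display ID): validate the field length against what remains of the datagram before touching the payload, and never let a comparison or copy take its size from a constant rather than from the field.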

Impact:  A local user can view arbitrary files with root privileges.

A remote user may be able to cause the daemon to crash.

Solution:  The vendor has released a fixed version (2.4.1.6), available at:

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.4/

Vendor URL:  www.5z.com/jirka/gdm.html
Cause:  Access control error, Exception handling error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Aug 21 2003 (Red Hat Issues Fix) GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges   (bugzilla@redhat.com)
Red Hat has released a fix.
Aug 22 2003 (Mandrake Issues Fix) GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges   (Mandrake Linux Security Team <security@linux-mandrake.com>)
Mandrake has released a fix.
Aug 25 2003 (Slackware Issues Fix) GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges   (Slackware Security Team <security@slackware.com>)
Slackware has released a fix.



 Source Message Contents

Date:  Thu, 21 Aug 2003 17:06:19 -0400
Subject:  GDM

 

From: gnomedisplaymanager@freshmeat.net
Newsgroups: fm.announce
Subject: Gnome Display Manager 2.4.1.6  - Gnome version of the X Display Manager (xdm).
Date: Thu, 21 Aug 2003 00:36:50 +0000 (UTC)
Organization: freshmeat.net
Lines: 45
Sender: gnomedisplaymanager@freshmeat.net
Message-ID: <1061426207@freshmeat.net>


Gnome Display Manager 2.4.1.6
   by _vicious_ (http://freshmeat.net/~vicious/)
   Wednesday, August 20th 2003 17:36

About:
The Gnome Display Manager is a reimplementation of the well known xdm
program. GDM consists of a daemon and a graphical login application which
runs as an unprivileged user. The login GUI features a face browser, an
optional logo, and language/session type selection support. The daemon
includes an XDMCP implementation for managing remote displays. Access
control relies on TCPWrappers and PAM.

Changes:
The fixes since 2.4.1.5 include three security fixes. All users are
encouraged to upgrade. The problems involved users being able to view any
file and two XDMCP DoS attacks.

Release focus: Major security fixes
       License: GNU General Public License (GPL)
   Project URL: http://freshmeat.net/projects/gnomedisplaymanager/

         Homepage: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_homepage/gdm.html
           Tar/GZ: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_tgz/2.4
          Tar/BZ2: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_bz2/2.4
        Changelog: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_changelog/NEWS
      RPM package: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_rpm/search.php?query=gdm&submit=Search+...
   Debian package: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_deb/search_packages.pl?keywords=gdm&searchon=names&subword=1&version=all&release=all
CVS tree (cvsweb): http://freshmeat.net/redir/gnomedisplaymanager/3444/url_cvs/gdm2
      Mirror site: http://freshmeat.net/redir/gnomedisplaymanager/3444/url_mirror/gdm


Copyright 2003, SecurityGlobal.net LLC