SecurityTracker.com
Category:  Application (Generic)  >  GNOME Display Manager
Vendors:  Gnome Development Team
(Slackware Issues Fix) GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges
SecurityTracker Alert ID:  1007560
CVE Reference:  CAN-2003-0547
Updated:  Dec 1 2003
Original Entry Date:  Aug 25 2003
Impact:  Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 2.4.1.6
Description:  Several vulnerabilities were reported in the GNOME Display Manager (gdm). A local user can view arbitrary files on the system. A remote user may be able to cause the gdm daemon to crash.

It is reported that a local user can make a symbolic link (symlink) from an arbitrary file on the system to the '~/.xsession-errors' file. Then, when gdm runs and is configured with the "examine session errors" option, the local user can view the symlinked file (CVE: CAN-2003-0547). Any file can be read with root privileges, according to the report.
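
The symlink issue above is the classic case of a privileged process opening a path that an unprivileged user controls. The following is an added example, not gdm's code and not the fix Slackware shipped, of how a privileged "session errors" viewer can refuse to display anything except the user's own regular file: it opens with O_NOFOLLOW so the kernel rejects a symlink at the final component, then validates type, owner and link count with fstat() on the descriptor it actually holds rather than on the path. The function names, the return codes and the files created under /tmp are all constructed for the demonstration.

```c
/* Added example (not gdm's code): a privileged viewer opening a per-user
 * session log defensively.  Helper names are hypothetical; the files the
 * demo creates under /tmp are constructed for illustration only. */
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum open_result {
    OPEN_OK = 0,
    OPEN_REJECT_SYMLINK,     /* last path component is a symlink (the ~/.xsession-errors trick) */
    OPEN_REJECT_NOT_REGULAR, /* directory, device, FIFO, ... */
    OPEN_REJECT_OWNER,       /* not owned by the user whose session it is */
    OPEN_REJECT_HARDLINK,    /* a second name for somebody else's inode */
    OPEN_ERROR
};

/* Open `path` read-only on behalf of a privileged process.  O_NOFOLLOW makes the
 * kernel refuse a symlink at the final component; every further check is made
 * with fstat() on the descriptor we hold, so there is no check-then-open window
 * in which the user could swap the file underneath us. */
enum open_result open_session_errors(const char *path, uid_t owner, int *out_fd)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NOCTTY | O_CLOEXEC);
    if (fd < 0)
        return (errno == ELOOP || errno == EMLINK) ? OPEN_REJECT_SYMLINK : OPEN_ERROR;
    if (fstat(fd, &st) != 0)  { close(fd); return OPEN_ERROR; }
    if (!S_ISREG(st.st_mode)) { close(fd); return OPEN_REJECT_NOT_REGULAR; }
    if (st.st_uid != owner)   { close(fd); return OPEN_REJECT_OWNER; }
    if (st.st_nlink != 1)     { close(fd); return OPEN_REJECT_HARDLINK; }
    *out_fd = fd;
    return OPEN_OK;
}

/* Constructed scenario: a genuine log owned by the caller, a symlink standing
 * in for the log that points at a file the viewer must not show, and a
 * directory.  Fills the three results; returns -1 if setup failed. */
int demo_scenario(enum open_result *real_r, enum open_result *link_r, enum open_result *dir_r)
{
    char dir[] = "/tmp/xsession-demo-XXXXXX";
    char real[512], secret[512], link[512];
    FILE *f;
    int fd;

    if (mkdtemp(dir) == NULL) return -1;
    snprintf(real,   sizeof real,   "%s/.xsession-errors", dir);
    snprintf(secret, sizeof secret, "%s/secret.txt", dir);
    snprintf(link,   sizeof link,   "%s/.xsession-errors.link", dir);

    if ((f = fopen(real, "w")) == NULL) return -1;
    fputs("Xsession: X session started\n", f); fclose(f);
    if ((f = fopen(secret, "w")) == NULL) return -1;
    fputs("contents the viewer must never display\n", f); fclose(f);
    if (symlink(secret, link) != 0) return -1;

    fd = -1; *real_r = open_session_errors(real, getuid(), &fd); if (fd >= 0) close(fd);
    fd = -1; *link_r = open_session_errors(link, getuid(), &fd); if (fd >= 0) close(fd);
    fd = -1; *dir_r  = open_session_errors(dir,  getuid(), &fd); if (fd >= 0) close(fd);

    unlink(link); unlink(secret); unlink(real); rmdir(dir);
    return 0;
}

int main(void)
{
    enum open_result r, l, d;
    if (demo_scenario(&r, &l, &d) != 0) { perror("demo setup"); return 1; }
    printf("own regular file : %d (0 = OPEN_OK)\n", r);
    printf("symlink in place : %d (1 = OPEN_REJECT_SYMLINK)\n", l);
    printf("directory        : %d (2 = OPEN_REJECT_NOT_REGULAR)\n", d);
    return 0;
}
```

The descriptor-based checks close the race a separate stat() on the path would leave open, but they still rely on the viewer getting every check right. The stronger design is to read the file with the user's own credentials, for example in a child that has dropped to the user's uid, so that the filesystem enforces access and a missed check cannot turn the viewer into a root-privileged file reader.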

It is also reported that there are two vulnerabilities in the X Display Manager Control Protocol (XDMCP) implementation, each of which lets a remote user cause the gdm daemon to crash. If a host expires, the gdm daemon may crash (CVE: CAN-2003-0548). If an authorization key name is shorter than 18 bytes, the gdm daemon may crash (CVE: CAN-2003-0549).
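
The advisory does not say how gdm handled the short authorization name, only that a name shorter than 18 bytes crashes the daemon. That is the signature of a length-prefixed field being trusted before it is checked. The following is an added example, not gdm's code, of defensive parsing for an XDMCP ARRAY8 field (a big-endian CARD16 length followed by that many bytes): it checks the declared length against the bytes actually received and refuses a name shorter than the minimum the later code relies on, using the advisory's 18 bytes as that minimum. The sample fields are constructed, not captured traffic; "MIT-MAGIC-COOKIE-1" is used as the well-formed sample because it is exactly 18 bytes long.

```c
/* Added example (not gdm's code): defensive parsing of a length-prefixed XDMCP
 * ARRAY8 field such as an authorization name.  Sample bytes are constructed;
 * AUTH_NAME_MIN is the 18 bytes named in the advisory. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define AUTH_NAME_MIN 18

typedef struct {
    const uint8_t *data;   /* points into the received packet, not a copy */
    uint16_t len;
} array8;

enum auth_status { AUTH_OK = 0, AUTH_TRUNCATED, AUTH_TOO_SHORT, AUTH_TOO_LONG };

/* XDMCP encodes ARRAY8 as a CARD16 big-endian length followed by the bytes.
 * Both "are the two length bytes present?" and "did that many bytes actually
 * arrive?" are checked against the real datagram size before anything indexes
 * into the data, so a peer cannot make us read past the buffer. */
static int parse_array8(const uint8_t *buf, size_t buflen, size_t *off, array8 *out)
{
    if (*off > buflen || buflen - *off < 2)
        return -1;
    uint16_t len = (uint16_t)((buf[*off] << 8) | buf[*off + 1]);
    *off += 2;
    if (buflen - *off < len)
        return -1;                     /* declared length exceeds bytes received */
    out->data = buf + *off;
    out->len  = len;
    *off += len;
    return 0;
}

/* Validate an authorization-name field and copy it out NUL-terminated.  A field
 * shorter than AUTH_NAME_MIN is refused here, instead of letting code that
 * assumes at least 18 bytes run off the end of the data. */
enum auth_status check_authorization_name(const uint8_t *pkt, size_t pktlen,
                                          char *name_out, size_t name_cap)
{
    size_t off = 0;
    array8 name;
    if (parse_array8(pkt, pktlen, &off, &name) != 0) return AUTH_TRUNCATED;
    if (name.len < AUTH_NAME_MIN)                     return AUTH_TOO_SHORT;
    if (name.len >= name_cap)                         return AUTH_TOO_LONG;
    memcpy(name_out, name.data, name.len);
    name_out[name.len] = '\0';
    return AUTH_OK;
}

/* Constructed sample fields (not captured traffic). */
static const uint8_t sample_good[]  = { 0x00, 0x12,               /* length 18 */
    'M','I','T','-','M','A','G','I','C','-','C','O','O','K','I','E','-','1' };
static const uint8_t sample_short[] = { 0x00, 0x03, 'a','b','c' }; /* length 3: too short */
static const uint8_t sample_lying[] = { 0x00, 0x40, 'x','y' };     /* claims 64, carries 2 */

/* Returns 1 when the well-formed field is accepted and copied intact. */
int demo_good(void)
{
    char name[64];
    return check_authorization_name(sample_good, sizeof sample_good, name, sizeof name) == AUTH_OK
        && strcmp(name, "MIT-MAGIC-COOKIE-1") == 0;
}
int demo_short(void) { char n[64]; return check_authorization_name(sample_short, sizeof sample_short, n, sizeof n); }
int demo_lying(void) { char n[64]; return check_authorization_name(sample_lying, sizeof sample_lying, n, sizeof n); }

int main(void)
{
    printf("well-formed field : %s\n", demo_good() ? "accepted" : "rejected");
    printf("3-byte name       : status %d (2 = AUTH_TOO_SHORT)\n", demo_short());
    printf("over-declared len : status %d (1 = AUTH_TRUNCATED)\n", demo_lying());
    return 0;
}
```

Rejecting at the parser, with the outcome visible to the caller, also gives the daemon something to log: a stream of AUTH_TRUNCATED or AUTH_TOO_SHORT results from one source is a useful detection signal on its own.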

Impact:  A local user can view arbitrary files with root privileges.

A remote user may be able to cause the daemon to crash.

Solution:  Slackware has released a fix.

Updated package for Slackware 9.0:

ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gdm-2.4.1.6-i386-1.tgz

Updated package for Slackware -current:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/gnome/gdm-2.4.1.6-i486-1.tgz

The MD5 signatures are:

Slackware 9.0 package:

a5939f91ac56b5dd97d4a2013f099aed gdm-2.4.1.6-i386-1.tgz

Slackware -current package:

26459fb6dec7279fe4d80aba0b3ac4ff gdm-2.4.1.6-i486-1.tgz

To install, upgrade using upgradepkg (as root):

upgradepkg gdm-2.4.1.6-i386-1.tgz

Vendor URL:  www.5z.com/jirka/gdm.html
Cause:  Access control error, Exception handling error
Underlying OS:  Linux (Slackware)
Underlying OS Comments:  9.0
Reported By:  Slackware Security Team <security@slackware.com>
Message History:   This archive entry is a follow-up to the message listed below.
Aug 21 2003 GNOME Display Manager (gdm) Lets Local Users View Files With Root Privileges



 Source Message Contents

Date:  Sun, 24 Aug 2003 15:48:28 -0700 (PDT)
From:  Slackware Security Team <security@slackware.com>
Subject:  [slackware-security] GDM security update (SSA:2003-236-01)

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  GDM security update (SSA:2003-236-01)

Upgraded gdm packages are available for Slackware 9.0 and -current.
These fix a security issue where a local user may use GDM to read any
file on the system.


Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Sun Aug 24 14:36:29 PDT 2003
patches/packages/gdm-2.4.1.6-i386-1.tgz:  Upgraded to gdm-2.4.1.6.
  This fixes a bug where a local user may read any system file by making a
  symlink to it from $HOME/.xsession-errors and using GDM's error browser
  to read the file.
  (* Security fix *)
+--------------------------+



WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gdm-2.4.1.6-i386-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/gnome/gdm-2.4.1.6-i486-1.tgz



MD5 SIGNATURES:
+-------------+

Slackware 9.0 package:
a5939f91ac56b5dd97d4a2013f099aed  gdm-2.4.1.6-i386-1.tgz

Slackware -current package:
26459fb6dec7279fe4d80aba0b3ac4ff  gdm-2.4.1.6-i486-1.tgz



INSTALLATION INSTRUCTIONS:
+------------------------+

Upgrade using upgradepkg (as root):
upgradepkg gdm-2.4.1.6-i386-1.tgz



+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/STINakRjwEAQIjMRAlDBAJ9zkONkmlbIRF6Lzj19I34gc884YwCghoPD
ILS19+PLCWvT+zsIDm4Wcyw=
=G/E+
-----END PGP SIGNATURE-----

 








Copyright 2003, SecurityGlobal.net LLC