6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.3%
CentOS Errata and Security Advisory CESA-2010:0657
The GNOME Display Manager (GDM) is a configurable re-implementation of XDM,
the X Display Manager. GDM allows you to log in to your system with the X
Window System running, and supports running several different X sessions on
your local machine at the same time.
A flaw was found in the way the gdm package was built. The gdm package was
missing TCP wrappers support on 64-bit platforms, which could result in an
administrator believing they had access restrictions enabled when they did
not. (CVE-2007-5079)
This update also fixes the following bug:
All users should upgrade to this updated package, which contains backported
patches to correct these issues. GDM must be restarted for this update to
take effect. Rebooting achieves this, but changing the runlevel from 5 to 3
and back to 5 also restarts GDM.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-August/079110.html
https://lists.centos.org/pipermail/centos-announce/2010-August/079111.html
Affected packages:
gdm
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0657
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | gdm | < 2.6.0.5-7.rhel4.19.el4_8.2 | gdm-2.6.0.5-7.rhel4.19.el4_8.2.i386.rpm |
CentOS | 4 | x86_64 | gdm | < 2.6.0.5-7.rhel4.19.el4_8.2 | gdm-2.6.0.5-7.rhel4.19.el4_8.2.x86_64.rpm |