Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2205-1:42CF9
HistoryMar 28, 2011 - 7:48 p.m.

[SECURITY] [DSA 2205-1] gdm3 security update

2011-03-2819:48:21
lists.debian.org
6

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON

Debian Security Advisory DSA-2205-1 [email protected]
http://www.debian.org/security/ Florian Weimer
March 28, 2011 http://www.debian.org/security/faq

Package : gdm3
Vulnerability : privilege escalation
Problem type : local
Debian-specific: no
CVE ID : CVE-2011-0727

Sebastian Krahmer discovered that the gdm3, the GNOME Desktop Manager,
does not properly drop privileges when manipulating files related to
the logged-in user. As a result, local users can gain root
privileges.

The oldstable distribution (lenny) does not contain a gdm3 package.
The gdm package is not affected by this issue.

For the stable distribution (squeeze), this problem has been fixed in
version 2.30.5-6squeeze2.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your gdm3 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6allgdm3< 2.30.5-6squeeze2gdm3_2.30.5-6squeeze2_all.deb

Related

redhat 1
nessus 12
prion 1
fedora 2
openvas 16
ubuntu 1
cve 1
securityvulns 2
oraclelinux 1
ubuntucve 1
debiancve 1
freebsd 1
cvelist 1
gentoo 1
redhat
redhat
(RHSA-2011:0395) Moderate: gdm security update
2011-03-28 00:00:00
nessus
nessus
FreeBSD : gdm -- privilege escalation vulnerability (c6fbd447-59ed-11e0-8d04-0015f2db7bde)
2011-03-30 00:00:00
Oracle Linux 6 : gdm (ELSA-2011-0395)
2013-07-12 00:00:00
Fedora 13 : gdm-2.30.2-2.fc13 (2011-4351)
2011-04-15 00:00:00
prion
prion
Design/Logic Flaw
2011-03-31 22:55:00
fedora
fedora
[SECURITY] Fedora 14 Update: gdm-2.32.1-2.fc14
2011-04-01 18:20:19
[SECURITY] Fedora 13 Update: gdm-2.30.2-2.fc13
2011-04-14 20:59:46
openvas
openvas
Mandriva Update for gdm MDVSA-2011:070 (gdm)
2011-04-11 00:00:00
Fedora Update for gdm FEDORA-2011-4335
2011-04-06 00:00:00
Debian Security Advisory DSA 2205-1 (gdm3)
2011-05-12 00:00:00
ubuntu
ubuntu
GDM vulnerability
2011-03-30 00:00:00
cve
cve
CVE-2011-0727
2011-03-31 22:55:00
securityvulns
securityvulns
GNOME Desktop Manager privilege escalation
2011-03-31 00:00:00
[SECURITY] [DSA 2205-1] gdm3 security update
2011-03-31 00:00:00
oraclelinux
oraclelinux
gdm security update
2011-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2011-0727
2011-03-29 00:00:00
debiancve
debiancve
CVE-2011-0727
2011-03-31 22:55:00
freebsd
freebsd
gdm -- privilege escalation vulnerability
2011-03-28 00:00:00
cvelist
cvelist
CVE-2011-0727
2011-03-31 22:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON
Related for DEBIAN:DSA-2205-1:42CF9
redhat1nessus12prion1fedora2openvas16ubuntu1cve1securityvulns2oraclelinux1ubuntucve1debiancve1freebsd1cvelist1gentoo1