PRIOn knowledge basePRION:CVE-2006-2452Design/Logic Flaw
6.7 Medium
AI Score
Confidence
Low
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
12.7%
GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the “face browser” feature is enabled, allows local users to access the “Configure Login Manager” functionality using their own password instead of the root password, which can be leveraged to gain additional privileges.
References
bugzilla.gnome.org/show_bug.cgi?id=343476
lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html
secunia.com/advisories/20532
secunia.com/advisories/20552
secunia.com/advisories/20587
secunia.com/advisories/20627
secunia.com/advisories/20636
www.gentoo.org/security/en/glsa/glsa-200606-14.xml
www.mandriva.com/security/advisories?name=MDKSA-2006:100
www.securityfocus.com/archive/1/436428
www.securityfocus.com/bid/18332
www.vupen.com/english/advisories/2006/2239
exchange.xforce.ibmcloud.com/vulnerabilities/27018
usn.ubuntu.com/293-1/
Related
6.7 Medium
AI Score
Confidence
Low
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
12.7%