43 matches found
EUVD-2016-1011
Malware in sbrugna...
Authentication Bypass
gdm3 is vulnerable to timing attacks. The vulnerability exists through a race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication...
CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
DEBIAN-CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
Code injection
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
CVE-2020-16125 gdm3 would start gnome-initial-setup if it cannot contact accountservice
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
CVE-2020-16125
CVE-2020-16125 affects gdm/gdm3 (GNOME Display Manager). Root cause: when gdm3 cannot reach the accountservice via D-Bus in a timely manner, gnome-initial-setup may be started, which on some distros could be chained with another issue to allow a local user to create a new privileged account. The ...
CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
Denial Of Service (DoS)
gdm3 is vulnerable to denial of service DoS. The vulnerability is in gdm3 LPE due to unresponsive accounts-daemon.this could allow a local user to create a new privileged account...
Debian: Security Advisory (DLA-2434-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-2434-1 gdm3 - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-4614-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4614-1: GDM vulnerability
Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user...
CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu and potentially derivatives this could be be chained with an additional issue that could allow a local user to create a new privileged...
Remote Code Execution (RCE)
gdm3, bionic is vulnerable to remote code execution RCE. The daemon in GDM does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a...
CVE-2016-1000002
gdm3 3.14.2 and possibly later has an information leak before screen lock...
CVE-2016-1000002
gdm3 3.14.2 and possibly later has an information leak before screen lock...
Information disclosure
gdm3 3.14.2 and possibly later has an information leak before screen lock...
UBUNTU-CVE-2016-1000002
gdm3 3.14.2 and possibly later has an information leak before screen lock...