Veracode Vulnerability DatabaseVERACODE:23788Access Control Bypass
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
gdm is vulnerable to access control bypass. A flaw was found in the way the gdm package was built. The gdm package was missing TCP wrappers support, which could result in an administrator believing they had access restrictions enabled when they did not.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gdm | eq | 2.16.0__30.el5 | |
| gdm | eq | 2.16.0__46.el5 | |
| gdm | eq | 2.16.0__31.0.1.el5 | |
| gdm | eq | 2.16.0__30.el5 | |
| gdm | eq | 2.16.0__46.el5 | |
| gdm | eq | 2.16.0__31.0.1.el5 |
References
secunia.com/advisories/36553
www.redhat.com/security/updates/classification/#low
www.securityfocus.com/bid/36219
access.redhat.com/errata/RHSA-2009:1364
bugzilla.redhat.com/show_bug.cgi?id=239818
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9586
rhn.redhat.com/errata/RHSA-2009-1364.html
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P