Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:100 (gdm)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56949

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:100 (gdm)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to gdm
announced via advisory MDKSA-2006:100.

A vulnerability in gdm could allow a user to activate the gdm setup
program if the administrator configured a gdm theme that provided a
user list. The user could do so by choosing the setup option from
the menu, clicking the user list, then entering his own password
instead of root's.

The updated packages have been patched to correct this issue.

Affected: 2006.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:100

Risk factor : Medium

CVSS Score:
3.7

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-2452
BugTraq ID: 18332
http://www.securityfocus.com/bid/18332
Bugtraq: 20060608 rPSA-2006-0098-1 gdm (Google Search)
http://www.securityfocus.com/archive/1/436428
http://www.gentoo.org/security/en/glsa/glsa-200606-14.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:100
http://secunia.com/advisories/20532
http://secunia.com/advisories/20552
http://secunia.com/advisories/20587
http://secunia.com/advisories/20627
http://secunia.com/advisories/20636
SuSE Security Announcement: SUSE-SR:2006:013 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html
https://usn.ubuntu.com/293-1/
http://www.vupen.com/english/advisories/2006/2239
XForce ISS Database: gdm-facebrowser-security-bypass(27018)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27018

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56949
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:100 (gdm)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to gdm announced via advisory MDKSA-2006:100. A vulnerability in gdm could allow a user to activate the gdm setup program if the administrator configured a gdm theme that provided a user list. The user could do so by choosing the setup option from the menu, clicking the user list, then entering his own password instead of root's. The updated packages have been patched to correct this issue. Affected: 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:100 Risk factor : Medium CVSS Score: 3.7
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2452 BugTraq ID: 18332 http://www.securityfocus.com/bid/18332 Bugtraq: 20060608 rPSA-2006-0098-1 gdm (Google Search) http://www.securityfocus.com/archive/1/436428 http://www.gentoo.org/security/en/glsa/glsa-200606-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:100 http://secunia.com/advisories/20532 http://secunia.com/advisories/20552 http://secunia.com/advisories/20587 http://secunia.com/advisories/20627 http://secunia.com/advisories/20636 SuSE Security Announcement: SUSE-SR:2006:013 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html https://usn.ubuntu.com/293-1/ http://www.vupen.com/english/advisories/2006/2239 XForce ISS Database: gdm-facebrowser-security-bypass(27018) https://exchange.xforce.ibmcloud.com/vulnerabilities/27018
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com