SecurityHome.eu [USN-1142-1] GDM vulnerability

Home / mailings PDF

[USN-1142-1] GDM vulnerability
Posted on 01 June 2011
Ubuntu Security
==========================
==========================
========================
Ubuntu Security Notice USN-1142-1
June 01, 2011

gdm vulnerability
==========================
==========================
========================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04

Summary:

GDM could be made to launch a browser and leak information about the system=
.

Software Description:
- gdm: GNOME Display Manager

Details:

Henne Vogelsang discovered that under certain PolicyKit configurations, GDM
could be made to launch a browser. A local attacker could exploit this to
gain access to files with the privileges of the gdm user. PolicyKit is not
configured in this manner in Ubuntu by default.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
gdm 2.32.1-0ubuntu3.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
CVE-2011-1709

Package Information:
https://launchpad.net/ubuntu/+source/gdm/2.32.1-0ubuntu3.2

TOP

Mailings :

Last 20

Exploits :

Last 20