aru Posted May 25, 2006 Report Share Posted May 25, 2006 Mandriva Advisories MDKSA-2006:083 : gdm Updated gdm package fixes symlink attack vulnerability May 9th, 2006 A race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. Packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:083 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1057 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts