Fedora Core 5 : gdm-2.14.1-1.fc5.2 (2006-338)

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora Core host is missing a security update.

Description :

(Notes taken from upstream release mail)

- The sockets connection between the slaves and the GDM
daemon is now better managed to better ensure that
sockets are never left open. (Brian Cameron)

- Corrected bug that causes a core dump when you click on
gdmgreeter fields that have an id. (Brian Cameron)

- Add new GdmXserverTimeout configuration setting so that
the length of time GDM waits for the Xserver to start
can be tuned, so GDM better works with Xservers that
require more than 10 seconds to start. (Emilie)

- The happygnome and happygnome-list gdmgreeter themes now
use the official logo. (Brian Cameron)

- Now GDM configure supports --with-sysconfsubdir so that
GDM's configuration directory can be configured to not
have '/gdm' appended to the end.

- Fix for ensuring .ICEauthority file has proper
ownership/permissions. Addresses CVE-2006-1057. (Hans
Petter Jansson)

- Fix 'Show Actions Menu' section in gdmsetup so it
appears when both 'Plain' and 'Themed' style is chosen.
(Brian Cameron, Dennis Cranston)

- Now use LINGUAS procedure for defining languages.
(Michiel Sikkes)

- Now Xsession script uses '[email protected]' instead of '$1' so it is
possible to pass arguments with the command to run.
(Brian Cameron)

- Add Trusted Solraris support. (Niall Power)

- One line fix to Solaris auditing logic that fixes a bug
causing authentication to fail when auditing is turned
on. (Brian Cameron)

- Fixes to compile with C99 and fixes to compile under
NetBSD. Remove EXPANDED_* variables from the configure.
(Julio M. Merino Vidal)

- Translation updates (Aygimantas Beruaka, Benoat Dejean,
Laurent Dhima, Maxim Dziumanenko, Alessio Frusciante,
Rhys Jones, Raphael Higino, Theppitak Karoonboonyanan,
Gabor Kelmen, Priit Laes, Jordi Mallach, Kjartan Maraas,
Daniel Nylander, Kostas Papdimas, Guilherme de S.
Pastore, Ankit Patel, Ignacio Casal Quinteiro, Hendrik
Richter, Jens Seidel, Francisco Javier F. Serrador,
Alexander Shopov, Clytie Siddall, Ilkka Tuohela, Vincent
van Adrighem, Tommi Vainikaninen)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?538a4792

Solution :

Update the affected gdm and / or gdm-debuginfo packages.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 21249 (fedora_2006-338.nasl)

Bugtraq ID:

CVE ID: CVE-2006-1057

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now