Mandrake Linux Security Advisory : gdm (MDKSA-2006:100)

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A vulnerability in gdm could allow a user to activate the gdm setup
program if the administrator configured a gdm theme that provided a
user list. The user could do so by choosing the setup option from the
menu, clicking the user list, then entering his own password instead
of root's.

The updated packages have been patched to correct this issue.

Solution :

Update the affected gdm and / or gdm-Xnest packages.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 21716 (mandrake_MDKSA-2006-100.nasl)

Bugtraq ID: 18332

CVE ID: CVE-2006-2452

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now