FreeBSD : gdm -- privilege escalation vulnerability (c6fbd447-59ed-11e0-8d04-0015f2db7bde)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Sebastian Krahmer reports :

It was discovered that the GNOME Display Manager (gdm) cleared the
cache directory, which is owned by an unprivileged user, with the
privileges of the root user. A race condition exists in gdm where a
local user could take advantage of this by writing to the cache
directory between ending the session and the signal to clean up the
session, which could lead to the execution of arbitrary code as the
root user.

See also :

http://www.nessus.org/u?78e11011
https://bugzilla.redhat.com/show_bug.cgi?id=688323
http://www.nessus.org/u?7e02c760

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 53217 ()

Bugtraq ID:

CVE ID: CVE-2011-0727

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now