Mandrake Linux Security Advisory : gdm (MDKSA-2006:083)
Low Nessus Plugin ID 21358
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.
Packages have been patched to correct this issue.
SolutionUpdate the affected gdm and / or gdm-Xnest packages.