Ubuntu 11.04 : gdm vulnerability (USN-1142-1)
High Nessus Plugin ID 55105
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionHenne Vogelsang discovered that under certain PolicyKit configurations, GDM could be made to launch a browser. A local attacker could exploit this to gain access to files with the privileges of the gdm user. PolicyKit is not configured in this manner in Ubuntu by default.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected gdm package.