In association with heise online

15 December 2006, 13:49

Elevated rights through vulnerability in the Gnome Display Manager

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An update for the Gnome Display Manager (GDM) currently being distributed by the Linux distributors, removes a vulnerability that allowed registered users to achieve elevated rights. The vulnerability stems from a format string bug in the GNOME Display Manager Host Chooser Window (gdmchooser) and could allow attackers to use dialog boxes to plant arbitrary code and execute it with gdm rights. The display manager uses gdmchooser to support the X Display Manager Control Protocol (XDMCP) to interact with other systems on the network.

Tests of Red Hat systems, by iDefense, showed that users could not, by default, access gdmchooser, but this is not necessarily the case for all Linux systems, since certain pre-set display settings make gdmchooser available. The error has been removed in versions 2.14.11, 2.16.4 and 2.17.4 of the GNOME Display Manager.

In early December, distributors were forced to issue a new package for the GNOME Display Manager to eliminate a buffer overflow in the libgsf library.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit