Detections
Analytics

Fedora Core 5 : gdm-2.14.1-1.fc5.2 (2006-338)

low Nessus Plugin ID 21249

Synopsis

The remote Fedora Core host is missing a security update.

Description

(Notes taken from upstream release mail)

 - The sockets connection between the slaves and the GDM daemon is now better managed to better ensure that sockets are never left open. (Brian Cameron)

 - Corrected bug that causes a core dump when you click on gdmgreeter fields that have an id. (Brian Cameron)

 - Add new GdmXserverTimeout configuration setting so that the length of time GDM waits for the Xserver to start can be tuned, so GDM better works with Xservers that require more than 10 seconds to start. (Emilie)

 - The happygnome and happygnome-list gdmgreeter themes now use the official logo. (Brian Cameron)

 - Now GDM configure supports --with-sysconfsubdir so that GDM's configuration directory can be configured to not have '/gdm' appended to the end.

 - Fix for ensuring .ICEauthority file has proper ownership/permissions. Addresses CVE-2006-1057. (Hans Petter Jansson)

 - Fix 'Show Actions Menu' section in gdmsetup so it appears when both 'Plain' and 'Themed' style is chosen.
 (Brian Cameron, Dennis Cranston)

 - Now use LINGUAS procedure for defining languages.
 (Michiel Sikkes)

 - Now Xsession script uses '$@' instead of '$1' so it is possible to pass arguments with the command to run.
 (Brian Cameron)

 - Add Trusted Solraris support. (Niall Power)

 - One line fix to Solaris auditing logic that fixes a bug causing authentication to fail when auditing is turned on. (Brian Cameron)

 - Fixes to compile with C99 and fixes to compile under NetBSD. Remove EXPANDED_* variables from the configure.
 (Julio M. Merino Vidal)

 - Translation updates (Aygimantas Beruaka, Benoat Dejean, Laurent Dhima, Maxim Dziumanenko, Alessio Frusciante, Rhys Jones, Raphael Higino, Theppitak Karoonboonyanan, Gabor Kelmen, Priit Laes, Jordi Mallach, Kjartan Maraas, Daniel Nylander, Kostas Papdimas, Guilherme de S.
 Pastore, Ankit Patel, Ignacio Casal Quinteiro, Hendrik Richter, Jens Seidel, Francisco Javier F. Serrador, Alexander Shopov, Clytie Siddall, Ilkka Tuohela, Vincent van Adrighem, Tommi Vainikaninen)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected gdm and / or gdm-debuginfo packages.

See Also

http://www.nessus.org/u?538a4792

Plugin Details

Severity: Low

ID: 21249

File Name: fedora_2006-338.nasl

Version: 1.15

Type: local

Agent: unix

Published: 4/21/2006

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Low

Base Score: 3.7

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:gdm, cpe:/o:fedoraproject:fedora_core:5, p-cpe:/a:fedoraproject:fedora:gdm-debuginfo

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 4/19/2006

Reference Information

CVE: CVE-2006-1057

FEDORA: 2006-338