CVE-2006-1057

Currently unrated

Key Information:

Vendor: Gnome
Status: Gdm
Vendor: CVE Published:; 25 April 2006

Summary

Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26092

vdb-entryx_refsource_XF

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188303

x_refsource_CONFIRM

http://cvs.gnome.org/viewcvs/gdm2/daemon/slave.c?r1=1.260...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 25, 2006
Vulnerability Reserved
Mar 7, 2006