Local Privilege Escalation Vulnerability in GNOME Display Manager
CVE-2006-2452

Currently unrated

Key Information:

Vendor: Gnome
Status: Gdm
Vendor: CVE Published:; 9 June 2006

Summary

The GNOME Display Manager (GDM) versions 2.8, 2.12, 2.14, and 2.15 possess a vulnerability linked to the 'face browser' feature. This flaw permits a local user to manipulate the 'Configure Login Manager' functionality by using their own password instead of the required root password, consequently opening a path for privilege escalation. Such access may allow unauthorized configuration changes that compromise system security.

References

http://secunia.com/advisories/20532

third-party-advisoryx_refsource_SECUNIA

http://lists.suse.com/archive/suse-security-announce/2006...

vendor-advisoryx_refsource_SUSE

http://secunia.com/advisories/20627

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 9, 2006
Vulnerability Reserved
May 18, 2006