CVE-2011-0727
openSUSE 11.3,openSUSE 11.4
CVE-2011-0727, security advisory, novell, suse linux, suse, security, cve

CVE-2011-0727

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-0727 at MITRE

Description

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.89
Vector AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 679786 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.3
  • gdm-debuginfo >= 2.30.2-6.3.1
  • gdm-debugsource >= 2.30.2-6.3.1
  • gnome-applets-gdm-debuginfo >= 2.30.2-6.3.1
openSUSE 11.3
  • gdm >= 2.30.2-6.3.1
  • gdm-branding-upstream >= 2.30.2-6.3.1
  • gdm-lang >= 2.30.2-6.3.1
  • gnome-applets-gdm >= 2.30.2-6.3.1
openSUSE 11.4
  • gdm >= 2.32.0-9.14.1
  • gdm-branding-upstream >= 2.32.0-9.14.1
  • gdm-lang >= 2.32.0-9.14.1
  • gnome-applets-gdm >= 2.32.0-9.14.1
openSUSE 11.4
  • gdm >= 2.32.0-9.14.1
  • gdm-branding-upstream >= 2.32.0-9.14.1
  • gdm-debuginfo >= 2.32.0-9.14.1
  • gdm-debugsource >= 2.32.0-9.14.1
  • gdm-lang >= 2.32.0-9.14.1
  • gnome-applets-gdm >= 2.32.0-9.14.1
  • gnome-applets-gdm-debuginfo >= 2.32.0-9.14.1
Patchnames:
gdm