RSS   Podatności dla 'Gnome display manager'   RSS

2019-02-06
 
CVE-2019-3825

CWE-287
 

 
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.

 
2018-08-14
 
CVE-2018-14424

CWE-416
 

 
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.

 
2018-07-26
 
CVE-2017-12164

CWE-665
 

 
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.

 
2016-11-01
 
CVE-2016-1000002

CWE-200
 

 
gdm3 3.14.2 and possibly later has an information leak before screen lock

 
2015-11-24
 
CVE-2015-7496

CWE-264
 

 
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

 
2014-04-29
 
CVE-2013-7273

CWE-noinfo
 

 
GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.

 
2013-09-10
 
CVE-2013-4169

CWE-59
 

 
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

 
2012-12-21
 
CVE-2010-2387

 

 
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.

 

 >>> Vendor: Gnome 78 Produkty
GDM
Gnome libs
Esound
Gnorpm
Libgtop daemon
Bonobo
Gnome-terminal
Gnome-lokkit
Gtkhtml
EOG
Batalla naval
Gdkpixbuf
GPDF
Libvte4
Libzvt2
Epiphany
Gedit
Networkmanager
Evolution
Libgda2
Dwarf http server
Screensaver
Dhcdbd
Gconf
Power manager
Ekiga
Balsa
Gnome-vfs
Gnumeric
Gnome
YELP
GLIB
Vinagre
Rhythmbox
Nautilus-python
Evolution-data-server
Gmime
Gnome-shell
Tomboy
Libsoup
Ifcfg-rh plug-in
Empathy
Update-manager-core
Gdk-pixbuf
Libgdata
At-spi2-atk
Librsvg
Gnome-keyring
Evince
Gnome display manager
Gnome online accounts
VALA
Byzanz
Eye of gnome
Libgsf
Libsocialweb
Gtk-vnc
Libcroco
Gnome-session
Libgxps
Shotwell
Librest
Nautilus
GCAB
Gthumb
Seahorse
GVFS
Gnome-desktop
Evolution-ews
Network manager vpnc
Gnome-system-log
Gnome-font-viewer
DIA
ORCA
Gnome keyring
Evolution data server
File-roller
Glib-networking


Copyright 2020, cxsecurity.com

 

Back to Top