ID CVE-2006-2452
Summary GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:gdm:2.8
  • cpe:2.3:a:gnome:gdm:2.12
  • cpe:2.3:a:gnome:gdm:2.14
  • cpe:2.3:a:gnome:gdm:2.15
CVSS
Base: 3.7 (as of 09-06-2006 - 09:31)
Impact:
Exploitability:
Access
  • Vector LOCAL
  • Complexity HIGH
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200606-14.NASL
    description The remote host is affected by the vulnerability described in GLSA-200606-14 (GDM: Privilege escalation) GDM allows a normal user to access the configuration manager. Impact : When the 'face browser' in GDM is enabled, a normal user can use the 'configure login manager' with his/her own password instead of the root password, and thus gain additional privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 21707
    published 2006-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21707
    title GLSA-200606-14 : GDM: Privilege escalation
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11050.NASL
    description This update solves a bug in GDM. This bug allows bypassing root authorization to access the login configuration. (CVE-2006-2452)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 41090
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41090
    title SuSE9 Security Update : gdm (YOU Patch Number 11050)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GDM-1582.NASL
    description This update solves a bug in GDM. This bug allows bypassing root authorization to access the login configuration. (CVE-2006-2452)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27232
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27232
    title openSUSE 10 Security Update : gdm (gdm-1582)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-293-1.NASL
    description If the admin configured a gdm theme that provided a user list, any user could activate the gdm setup program by first choosing the setup option from the menu, clicking on the user list and entering his own (instead of root's) password. This allowed normal users to configure potentially dangerous features like remote or automatic login. Please note that this does not affect a default Ubuntu installation, since the default theme does not provide a user list. In Ubuntu 6.06 you additionally have to have the 'ConfigAvailable' setting enabled in gdm.conf to be vulnerable (it is disabled by default). Ubuntu 5.04 is not affected by this flaw. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27865
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27865
    title Ubuntu 5.10 / 6.06 LTS : gdm vulnerability (USN-293-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-100.NASL
    description A vulnerability in gdm could allow a user to activate the gdm setup program if the administrator configured a gdm theme that provided a user list. The user could do so by choosing the setup option from the menu, clicking the user list, then entering his own password instead of root's. The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 21716
    published 2006-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21716
    title Mandrake Linux Security Advisory : gdm (MDKSA-2006:100)
refmap via4
bid 18332
bugtraq 20060608 rPSA-2006-0098-1 gdm
confirm http://bugzilla.gnome.org/show_bug.cgi?id=343476
gentoo GLSA-200606-14
mandriva MDKSA-2006:100
secunia
  • 20532
  • 20552
  • 20587
  • 20627
  • 20636
suse SUSE-SR:2006:013
ubuntu USN-293-1
vupen ADV-2006-2239
xf gdm-facebrowser-security-bypass(27018)
Last major update 07-03-2011 - 21:36
Published 09-06-2006 - 06:02
Last modified 03-10-2018 - 17:40