ISS X-Force Database: gdm-facebrowser-security-bypass(27018): GNOME GDM "face browser" Configure Login Manager security bypass

GNOME GDM "face browser" Configure Login Manager security bypass

gdm-facebrowser-security-bypass (27018)

Medium Risk

Description:

GNOME Display Manager (GDM) could allow a local attacker to bypass security restrictions and gain unauthorized access to the "Configure Login Manager" functionality. If the "face browser" feature is enabled, an attacker could login to the "Configure Login Manager" functionality using their own password instead of the root password, which is usually required. An attacker could exploit this vulnerability to gain elevated privileges on the system.

Platforms Affected:

Canonical, Ubuntu 5.10
Canonical, Ubuntu 6.06 LTS
Gentoo, Linux
GNOME, GNOME Display Manager (GDM) 2.14.x
GNOME, GNOME Display Manager (GDM) 2.15.x
GNOME, GNOME Display Manager (GDM) 2.8.x
MandrakeSoft, Mandrake Linux 2006
MandrakeSoft, Mandrake Linux 2006 X86_64
rPath, rPath Linux 1

Remedy:

Upgrade to the latest version of GDM (2.8.0.8 or later), (2.14.8 or later) or (2.15.5 or later), available from the GNOME Web site. See References.

For Ubuntu Linux:
Refer to USN-293-1 for patch, upgrade, or suggested workaround information. See References.

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2006-06-14 for patch, upgrade, or suggested workaround information. See References.

For other distributions:
Contact your vendor for patch or upgrade information.

Consequences:

Bypass Security

References:

BugTraq Mailing List, Thu Jun 08 2006 - 09:43:30 CDT , rPSA-2006-0098-1 gdm at http://archives.neohapsis.com/archives/bugtraq/2006-06/0087.html.
GNOME Bug 343476, CRITICAL ERROR IN GDM! : GDM Allow to an ordinary user access to "Configure Login Manager..." at http://bugzilla.gnome.org/show_bug.cgi?id=343476.
GNOME Web site, Index of /pub/gnome/sources/gdm at http://ftp.gnome.org/pub/gnome/sources/gdm/.
BID-18332: GNOME Foundation GDM Configure Login Manager Authentication Bypass Vulnerability
CVE-2006-2452: GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the face browser feature is enabled, allows local users to access the Configure Login Manager functionality using their own password instead of the root password, which can be leveraged to gain additional privileges.
GLSA-200606-14: GDM: Privilege escalation
MDKSA-2006:100: Updated gdm packages fix vulnerability
SA20532: GNOME Display Manager Configuration GUI Access Vulnerability
SUSE-SR:2006:013: SUSE Security Summary Report
USN-293-1: gdm vulnerability
VUPEN/ADV-2006-2239: GNOME Display Manager Configure Login Manager Security Bypass Vulnerability

Reported:

Jun 08, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page