Vulnerability Assessment & Network Security Forums
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.
Vulnerability Assessment Details
Check for the version of the gdm package
Detailed Explanation for this Vulnerability Assessment
The remote host is missing the patch for the advisory FEDORA-2006-338 (gdm).
Gdm (the GNOME Display Manager) is a highly configurable
reimplementation of xdm, the X Display Manager. Gdm permits you to log
into your system with the X Window System running and supports running
several different X sessions on your local machine at the same time.
(Notes taken from upstream release mail)
- The sockets connection between the slaves and the GDM
daemon is now
better managed to better ensure that sockets are never left
- Corrected bug that causes a core dump when you click on
fields that have an id. (Brian Cameron)
- Add new GdmXserverTimeout configuration setting so that
the length of
time GDM waits for the Xserver to start can be tuned, so
works with Xservers that require more than 10 seconds to start.
- The happygnome and happygnome-list gdmgreeter themes now
official logo. (Brian Cameron)
- Now GDM configure supports --with-sysconfsubdir so that GDM's
configuration directory can be configured to not have
to the end.
- Fix for ensuring .ICEauthority file has proper
Addresses CVE-2006-1057. (Hans Petter Jansson)
- Fix 'Show Actions Menu' section in gdmsetup so it appears
'Plain' and 'Themed' style is chosen. (Brian Cameron, Dennis
- Now use LINGUAS procedure for defining languages.
- Now Xsession script uses '$@' instead of '$1' so it is
pass arguments with the command to run. (Brian Cameron)
- Add Trusted Solraris support. (Niall Power)
- One line fix to Solaris auditing logic that fixes a bug
authentication to fail when auditing is turned on. (Brian
- Fixes to compile with C99 and fixes to compile under NetBSD.
Remove EXPANDED_* variables from the configure. (Julio M.
- Translation updates (├┬Żygimantas Beru├┬ka,
Dejean, Laurent Dhima, Maxim Dziumanenko, Alessio
Jones, Raphael Higino, Theppitak Karoonboonyanan, Gabor Kelmen,
Priit Laes, Jordi Mallach, Kjartan Maraas, Daniel Nylander,
Papdimas, Guilherme de S. Pastore, Ankit Patel, Ignacio Casal
Quinteiro, Hendrik Richter, Jens Seidel, Francisco Javier
Alexander Shopov, Clytie Siddall, Ilkka Tuohela, Vincent
Solution : Get the newest Fedora Updates
Network Security Threat Level: High
Networks Security ID:
Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security
|Dell Juniper EX4500 4Port 10Gbe SFP + Uplink Module 1Y3RF / 711-028852
|Cisco Catalyst WS-C3750-48PS-S 48-Port 10/100 PoE + 4 Gig SFP Managed Switch
|Cisco Catalyst 3560 V2 Series PoE-48 Port Switch-(WS-C3560V2-48PS-S) 4 SFP Ports
|HPE OfficeConnect 1910 48 Port Switch JG540A with Fiber Channel SFP'S Included
No Discussions have been posted on this vulnerability.