CAN-2003-0793: a local DoS
Package: gdm
Version: 2.4.1.6-2
Severity: important
Tags: security
Security bug reported for about a week and not yet fixed in Debian ...
Fixed in gdm 2.4.4.4 :
http://www.gnome.org/project/shownotes.php?release_id=2355
"- SECURITY: Fixed CAN-2003-0793, a local DoS, the socket connection
is now non-blocking and limitted to the number of commands"
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux seb128 2.6.0-test6 #1 Sun Sep 28 14:08:16 CEST 2003 i686
Locale: LANG=fr_FR.ISO-8859-15, LC_CTYPE=ISO-8859-15 (ignored: LC_ALL set to fr_FR@euro)
Versions of packages gdm depends on:
ii adduser 3.51 Add and remove users and groups
ii bonobo-activation 1:2.4.0-3 Transitional package
ii debconf 1.3.15 Debian configuration management sy
ii dpkg 1.10.15 Package maintenance system for Deb
ii libart-2.0-2 2.3.16-1 Library of functions for 2D graphi
ii libatk1.0-0 1.4.1-1 The ATK accessibility toolkit
ii libaudiofile0 0.2.3-4 The Audiofile Library
ii libbonobo-activation4 1:2.4.0-3 Transitional package
ii libbonobo2-0 2.4.1-2 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.4.0-1 The Bonobo UI library
ii libbz2-1.0 1.0.2-1 A high-quality block-sorting file
ii libc6 2.3.2-8 GNU C Library: Shared libraries an
ii libesd0 0.2.29-1 Enlightened Sound Daemon - Shared
ii libgconf2-4 2.4.0.1-2 GNOME configuration database syste
ii libgcrypt1 1.1.12-4 LGPL Crypto library - runtime libr
ii libglade2-0 2.0.1-6 Library to load .glade files at ru
ii libglib2.0-0 2.2.3-1 The GLib library of C routines
ii libgnome2-0 2.4.0-2 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.4.0-1 A powerful object-oriented display
ii libgnomeui-0 2.4.0.1-2 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 2.4.1-3 The GNOME virtual file-system libr
ii libgnomevfs2-common 2.4.1-3 The GNOME virtual file-system libr
ii libgnutls7 0.8.9-2 GNU TLS library - runtime library
ii libgsf-1 1.8.2-3 Structured File Library - runtime
ii libgtk2.0-0 2.2.4-1 The GTK+ graphical user interface
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii liblinc1 2:1.0.3-4 library to simplify creating netwo
ii liborbit2 1:2.8.1-4 Libraries for ORBit2 - a CORBA ORB
ii libpam-modules 0.76-14 Pluggable Authentication Modules f
ii libpam-runtime 0.76-14 Runtime support for the PAM librar
ii libpam0g 0.76-14 Pluggable Authentication Modules l
ii libpango1.0-0 1.2.5-1.1 Layout and rendering of internatio
ii libpopt0 1.7-2 lib for parsing cmdline parameters
ii librsvg2-2 2.4.0-2 SAX-based renderer library for SVG
ii libtasn1-0 0.1.2-1 Manage ASN.1 structures (runtime)
ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii libxml2 2.5.11-2 GNOME XML library
ii xlibs 4.3.0-0pre1v3 X Window System client libraries
ii zlib1g 1:1.1.4-16 compression library - runtime
-- debconf information excluded
Reply to: