gdomap Multiple Local Information Disclosure Vulnerabilities

Bugtraq ID:	40005
Class:	Design Error
CVE:	CVE-2010-1457
Remote:	No
Local:	Yes
Published:	May 07 2010 12:00AM
Updated:	Apr 13 2015 09:13PM
Credit:	Dan Rosenberg
Vulnerable:	Gentoo Linux Free Software Foundation gdomap 0
Not Vulnerable:

gdomap Multiple Local Information Disclosure Vulnerabilities

gdomap is prone to multiple local information-disclosure vulnerabilities.

Local attackers can exploit these issues to obtain sensitive information that may lead to further attacks.

gdomap Multiple Local Information Disclosure Vulnerabilities

Attackers require local, interactive access to an affected computer.

The following example commands are available:

$ gdomap -c /etc/shadow
$ gdomap -a /etc/shadow

gdomap Multiple Local Information Disclosure Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

gdomap Multiple Local Information Disclosure Vulnerabilities

References:

• CVE Assignment (gnustep) (gdomap)
  
• gdomap multiple local information disclosure vulnerabilities (Jamie Strandboge)