Gnome Gnome-Session Local Privilege Escalation Vulnerability
BID:9988
Info
Gnome Gnome-Session Local Privilege Escalation Vulnerability
| Bugtraq ID: | 9988 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 26 2004 12:00AM |
| Updated: | Mar 26 2004 12:00AM |
| Credit: | This issue was disclosed in the referenced Conectiva advisory. |
| Vulnerable: |
GNOME Gnome 2.4 GNOME Gnome 2.3 GNOME Gnome 2.2 GNOME Gnome 2.1 GNOME Gnome 2.0 |
| Not Vulnerable: | |
Discussion
Gnome Gnome-Session Local Privilege Escalation Vulnerability
It has been reported that gnome-session is prone to a local privilege escalation vulnerability. This issue is due to a problem with initialization of the LD_LIBRARY_PATH environment variable upon session start-up.
This issue may be leveraged locally to gain escalated privileges on the affected system.
It has been reported that gnome-session is prone to a local privilege escalation vulnerability. This issue is due to a problem with initialization of the LD_LIBRARY_PATH environment variable upon session start-up.
This issue may be leveraged locally to gain escalated privileges on the affected system.
Exploit / POC
Gnome Gnome-Session Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Gnome Gnome-Session Local Privilege Escalation Vulnerability
Solution:
Conectiva has released advisory CLSA-2004:823 and fixes for their Enterprise Linux distribution dealing with this issue.
GNOME Gnome 2.2
Solution:
Conectiva has released advisory CLSA-2004:823 and fixes for their Enterprise Linux distribution dealing with this issue.
GNOME Gnome 2.2
-
Conectiva gnome-session-2.0.5-222.i586.rpm
ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/gnome-session-2.0.5-22 2.i586.rpm
References
Gnome Gnome-Session Local Privilege Escalation Vulnerability
References:
References:
- CLSA-2004:823 gnome-session (Conectiva)