Vulnerabilities > CVE-2003-0794 - Local Denial Of Service vulnerability in Multiple GDM

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
gnome
nessus

Summary

GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2003-100.NASL
    descriptionTwo vulnerabilities were discovered in gdm by Jarno Gassenbauer that would allow a local attacker to cause gdm to crash or freeze. The provided packages are patched to fix this problem.
    last seen2020-06-01
    modified2020-06-02
    plugin id14082
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14082
    titleMandrake Linux Security Advisory : gdm (MDKSA-2003:100)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2003:100. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14082);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      script_cve_id("CVE-2003-0793", "CVE-2003-0794");
      script_xref(name:"MDKSA", value:"2003:100");
    
      script_name(english:"Mandrake Linux Security Advisory : gdm (MDKSA-2003:100)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Two vulnerabilities were discovered in gdm by Jarno Gassenbauer that
    would allow a local attacker to cause gdm to crash or freeze.
    
    The provided packages are patched to fix this problem."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected gdm and / or gdm-Xnest packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gdm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gdm-Xnest");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2003/10/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"gdm-2.4.1.6-0.4.91mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"gdm-Xnest-2.4.1.6-0.4.91mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"gdm-2.4.4.0-2.1.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"gdm-Xnest-2.4.4.0-2.1.92mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
      else security_note(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2003-300-01.NASL
    descriptionGDM is the GNOME Display Manager, and is commonly used to provide a graphical login for local users. Upgraded gdm packages are available for Slackware 9.0, 9.1, and -current. These fix two vulnerabilities which could allow a local user to crash or freeze gdm, preventing access to the machine until a reboot. Sites using gdm should upgrade, especially sites such as computer labs that use gdm to provide public or semi-public access.
    last seen2020-06-01
    modified2020-06-02
    plugin id18732
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18732
    titleSlackware 9.0 / 9.1 / current : gdm security update (SSA:2003-300-01)