Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2001:070: gdm Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gdm package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2001:070 (gdm).
A buffer overrun exists in the XDMCP handling code used in gdm. By sending a
properly crafted XDMCP message, it is possible for a remote attacker to execute
arbitrary commands as root on the susceptible machine. By default, XDMCP is
disabled in gdm.conf on Mandrake Linux.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2001:070
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.