Gnome: >> Gdm >> 2.4.1.6 Security Vulnerabilities
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption).
CVSS Score
2.1
EPSS Score
0.001
Published
2003-11-17
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.
CVSS Score
2.1
EPSS Score
0.001
Published
2003-11-17
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
CVSS Score
2.1
EPSS Score
0.001
Published
2003-08-27
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
CVSS Score
5.0
EPSS Score
0.006
Published
2003-08-27
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
CVSS Score
5.0
EPSS Score
0.006
Published
2003-08-27