CVE-2013-4169 — MEDIUM (6.9)

Q: What is CVE-2013-4169?

CVE-2013-4169 is a vulnerability with a CVSS score of 6.9 (MEDIUM). GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

Q: How severe is CVE-2013-4169?

CVE-2013-4169 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-4169?

Check the references section above for vendor advisories and patch information. Affected products include: Gnome Gnome Display Manager.

Vulnerability Description

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

CVSS Score

6.9

MEDIUM

AV:L/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Gnome	Gnome Display Manager	<= 2.21

Related Weaknesses (CWE)

CWE-59

References

http://rhn.redhat.com/errata/RHSA-2013-1213.htmlVendor Advisory
http://secunia.com/advisories/54661Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=988498Patch
http://rhn.redhat.com/errata/RHSA-2013-1213.htmlVendor Advisory
http://secunia.com/advisories/54661Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=988498Patch

FAQ

What is CVE-2013-4169?

CVE-2013-4169 is a vulnerability with a CVSS score of 6.9 (MEDIUM). GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

How severe is CVE-2013-4169?

CVE-2013-4169 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-4169?

Check the references section above for vendor advisories and patch information. Affected products include: Gnome Gnome Display Manager.