CVE-2009-2697
published 2009-09-04CVE-2009-2697: The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow…
PriorityP430medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.84%
76.3th percentile
The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnome | gdm | <= 2.16 | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
| gnome | gdm | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat6.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vf98-38qc-3w28: The Red Hat build script for the GNOME Display Manager (GDM) before 2
ghsa_unreviewed·2022-05-02·CVSS 6.0
CVE-2009-2697 [MEDIUM] CWE-287 GHSA-vf98-38qc-3w28: The Red Hat build script for the GNOME Display Manager (GDM) before 2
The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079.
Red Hat
gdm not built with tcp_wrappers
vendor_redhat·2007-05-11·CVSS 6.0
CVE-2009-2697 [MEDIUM] gdm not built with tcp_wrappers
gdm not built with tcp_wrappers
The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/36553http://www.securityfocus.com/bid/36219https://bugzilla.redhat.com/show_bug.cgi?id=239818https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9586https://rhn.redhat.com/errata/RHSA-2009-1364.htmlhttp://secunia.com/advisories/36553http://www.securityfocus.com/bid/36219https://bugzilla.redhat.com/show_bug.cgi?id=239818https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9586https://rhn.redhat.com/errata/RHSA-2009-1364.html
2009-09-04
Published