Red Hat Bugzilla – Bug 55365
Perhaps a buffer overflow in gdm
Last modified: 2007-04-18 12:37:52 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.16-22 i686)
Description of problem:
On SecurityFocus and other sites a buffer overflow problem in connection
with gdm are reported. Whether the bug exist in Redhat 7.x is not clear.
The solution provided by
SecurityFocus is to disable XDMCP, - rather than fix the bug.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
gdm-2.0beta2-37 has a patch for this dated May 17 2000. According to
the source for Redhat 7.0 (gdm-2.0beta2-security2.patch, lines 67-69).
The patch is also present in gdm-2.0beta2-45.src.rpm (Redhat 7.1)
Thanks to Hanne Munkholm for solving this.