An intended security policy restriction bypass was found in the way ConsoleKit
identified VNC sessions originating from a remote host. A valid, authenticated
system user could use this flaw to escalate their privileges (become a
member of a more privileged policy group) by initiating a remote VNC session.
Upstream bug report:
This issue affects the versions of the ConsoleKit package as shipped
with Fedora releases 11, 12, and 13.
This issue affects the version of the ConsoleKit package as shipped with Red Hat Enterprise Linux 6.
This is public via the upstream bug. I'm opening this up.
I've assigned this bug CVE-2010-4664.