An intended security policy restriction bypass was found in the way ConsoleKit
identified VNC sessions originating from a remote host. A valid, authenticated
system user could use this flaw to escalate their privileges (become a
member of a more privileged policy group) by initiating a remote VNC session.
Upstream bug report:
This issue affects the versions of the ConsoleKit package as shipped
with Fedora releases 11, 12, and 13.
This issue affects the version of the ConsoleKit package as shipped with Red Hat Enterprise Linux 6.
This is public via the upstream bug. I'm opening this up.
I've assigned this bug CVE-2010-4664.
The Red Hat Security Response Team has rated this issue as having moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.