Описание
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2387
- https://blogs.oracle.com/sunsecurity/entry/cve_2010_2387_password_disclosure
- https://bugzilla.gnome.org/show_bug.cgi?id=571846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60642
- http://ftp.gnome.org/pub/GNOME/sources/gdm/2.20/gdm-2.20.11.changes
- http://secunia.com/advisories/40690
- http://secunia.com/advisories/40780
- http://www.auscert.org.au/13123
- http://www.osvdb.org/66643
EPSS
CVE ID
Связанные уязвимости
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x bef ...
EPSS