PT-2003-1069 · Gnome · Gdm

George · Published 2003-08-21 · Updated 2017-10-11 · CVE-2003-0547

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

GDM versions prior to 2.4.1.6
GDM version 2.0beta2
GDM version 2.2.3.1

Description

The issue allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file when using the "examine session errors" feature. Additionally, multiple vulnerabilities in the GDM package may lead to disruption of protected information and can be exploited remotely.

Recommendations

For GDM versions prior to 2.4.1.6, update to version 2.4.1.6 or later to resolve the issue.
For GDM version 2.0beta2, consider disabling the "examine session errors" feature until a patch is available.
For GDM version 2.2.3.1, restrict access to the ~/.xsession-errors file to minimize the risk of exploitation.

Fix


Related Identifiers

BDU:2015-07974
BDU:2015-07975
CVE-2003-0547

Affected Products

Gdm