PT-2006-1015 · Debian+2
Josh Bressers +1 · Published: 2006-04-25 · Updated: 2018-10-03
CVE-2006-1057
CVSS v2.0: 3.7 (Low)
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions:
gdm versions prior to 2.14.1
Description:
A race condition issue exists in the daemon/slave.c component of gdm, allowing local users to gain privileges through a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. Additionally, multiple vulnerabilities in the gdm package of Debian GNU/Linux may lead to breaches of confidentiality, integrity, and availability of protected information, potentially exploitable by local attackers.
Recommendations:
For gdm versions prior to 2.14.1, update to version 2.14.1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the .ICEauthority file to minimize the risk of exploitation.
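The description ties the flaw to chown and chgrp being applied to .ICEauthority by path, so the name can be swapped for a symlink before the call. The following C is an added example, not gdm's code and not the upstream fix; the helper name chown_nofollow is hypothetical. It shows the general defensive pattern: open the file once without following a link, verify the opened object, then change ownership through the descriptor.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not gdm code): give uid/gid ownership of a file that
 * lives in a user-writable directory without following a symlink.
 * A path-based chown(path, ...) resolves the name again at call time, so a
 * link put in place after any earlier check redirects the ownership change.
 * Here the file is opened once and every later step uses the descriptor. */
int chown_nofollow(const char *path, uid_t uid, gid_t gid)
{
    struct stat st;
    /* O_NOFOLLOW: fail with ELOOP if the final component is a symlink.
     * O_NONBLOCK / O_NOCTTY: do not hang on a FIFO or acquire a terminal. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_NOCTTY | O_CLOEXEC);
    if (fd < 0)
        return -1;

    /* Inspect the object that was actually opened, not the name. */
    if (fstat(fd, &st) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    if (!S_ISREG(st.st_mode) || st.st_nlink != 1) {
        /* Not a plain file, or a hard link shared with another name: refuse. */
        close(fd);
        errno = EPERM;
        return -1;
    }

    /* fchown acts on the inode behind fd; replacing or renaming the path
     * from here on cannot change which file is affected. */
    int rc = fchown(fd, uid, gid);
    int saved = errno;
    close(fd);
    errno = saved;
    return rc;
}
```

O_NOFOLLOW only covers the last path component; if parent directories are also writable by the untrusted user, they need the same descriptor-based handling (for example, opening the directory first and using openat relative to it).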
Fix
Race Condition
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Red Hat
Gdm