CVE-2006-2452

Name of the Vulnerable Software and Affected Versions: GNOME GDM versions 2.8 through 2.15

Description: The issue allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password when the "face browser" feature is enabled. This can be leveraged to gain additional privileges. Exploitation of the vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information, and it can be exploited locally.

Recommendations: For GNOME GDM versions 2.8 through 2.15, consider disabling the "face browser" feature to prevent unauthorized access to the "Configure Login Manager" functionality until a patch is available. Restrict access to the "Configure Login Manager" to minimize the risk of exploitation.