CVE-2010-2387

Name of the Vulnerable Software and Affected Versions GNOME Display Manager versions 2.20.x through 2.20.10

Description The issue allows local users to potentially gain privileges by reading information from syslog logs when GDM debug is enabled and the user password contains invalid UTF8 encoded characters.

Recommendations For GNOME Display Manager versions 2.20.x through 2.20.10, update to version 2.20.11 or later to resolve the issue. As a temporary workaround, consider disabling GDM debug to minimize the risk of exploitation. Restrict access to syslog logs to prevent unauthorized users from reading the sensitive information.