CVE-2003-0547 Information

Description

GDM before 2.4.1.6 when using the \examine session errors\ feature allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.

Reference

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729 http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html http://marc.info/?l=bugtraq&m=106194792924122&w=2 http://www.redhat.com/support/errata/RHSA-2003-258.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A112