CVE-2003-0794

Published: Nov 17, 2003Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.

Affected (9)

Products: Gnome: Gdm

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Gnome Gdm	Version 2.2.5.4
Gnome Gdm	Version 2.4.1.1
Gnome Gdm	Version 2.4.1.2
Gnome Gdm	Version 2.4.1.3
Gnome Gdm	Version 2.4.1.4
Gnome Gdm	Version 2.4.1.5
Gnome Gdm	Version 2.4.1.6
Gnome Gdm	Version 2.4.1
Gnome Gdm	Version 2.4.4

References (10)

http://cvs.gnome.org/bonsai/cvsblame.cgi?file=gdm2/NEWS&rev=&root=/cvs/gnome

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2003:100

Source: cve@mitre.org

http://www.securityfocus.com/bid/8846

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/13448

Source: cve@mitre.org

http://cvs.gnome.org/bonsai/cvsblame.cgi?file=gdm2/NEWS&rev=&root=/cvs/gnome

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000766

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2003:100

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/8846

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/13448

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.