Unrated severityNVD Advisory· Published Sep 4, 2009· Updated Apr 23, 2026

CVE-2009-2697

Description

The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079.

Affected products

GNOME Foundation/Gdm13 versions
cpe:2.3:a:gnome:gdm:1.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:gnome:gdm:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:*:*:*:*:*:*:*:*range: <=2.16
- cpe:2.3:a:gnome:gdm:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.15:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/36553nvdVendor Advisory
rhn.redhat.com/errata/RHSA-2009-1364.htmlnvdVendor Advisory
www.securityfocus.com/bid/36219nvd
bugzilla.redhat.com/show_bug.cginvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9586nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000