Main Vulnerability Database Exploits ID:8376 - Exploit for Information disclosure in GNOME Keyring - CVE-2018-20781

ID:8376 - Exploit for Information disclosure in GNOME Keyring - CVE-2018-20781

Published: September 19, 2022

Vulnerability identifier: #VU17715

Vulnerability risk: Low

CVE-ID: CVE-2018-20781

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
GNOME Keyring

Link to public exploit:

https://www.rapid7.com/db/modules/post/linux/gather/mimipenguin

Vulnerability description

The vulnerability allows a remote root privileged attacker to gain access to potentially sensitive information.

The vulnerability exists due to the LightDM daemon in the affected software stores user passwords in cleartext. A remote attacker can performa memory dump and retrieve login credentials, which can be used to conduct further attacks.

Remediation

Update to version 3.27.2.

ID:8376 - Exploit for Information disclosure in GNOME Keyring - CVE-2018-20781

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human