Lucene search
RedhatCVE-2013-4459HistoryNov 23, 2013 - 6:55 p.m.
CVE-2013-4459
2013-11-2318:55:04
CWE-264
redhat
web.nvd.nist.gov
26
cve-2013-4459
lightdm
apparmor
local users
bypass
guest account
nvd
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Affected configurations
Node
robert_ancelllightdmMatch1.7.5
ORrobert_ancelllightdmMatch1.7.6
ORrobert_ancelllightdmMatch1.7.7
ORrobert_ancelllightdmMatch1.7.8
ORrobert_ancelllightdmMatch1.7.9
ORrobert_ancelllightdmMatch1.7.10
ORrobert_ancelllightdmMatch1.7.11
ORrobert_ancelllightdmMatch1.7.12
ORrobert_ancelllightdmMatch1.7.13
ORrobert_ancelllightdmMatch1.7.14
ORrobert_ancelllightdmMatch1.7.15
ORrobert_ancelllightdmMatch1.7.16
ORrobert_ancelllightdmMatch1.7.17
ORrobert_ancelllightdmMatch1.7.18
ORrobert_ancelllightdmMatch1.8.0
ORrobert_ancelllightdmMatch1.8.1
ORrobert_ancelllightdmMatch1.8.2
ORrobert_ancelllightdmMatch1.8.3
ORrobert_ancelllightdmMatch1.9.0
ORrobert_ancelllightdmMatch1.9.1
Node
canonicalubuntu_linuxMatch13.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| robert_ancell | lightdm | 1.7.5 | cpe:2.3:a:robert_ancell:lightdm:1.7.5:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.6 | cpe:2.3:a:robert_ancell:lightdm:1.7.6:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.7 | cpe:2.3:a:robert_ancell:lightdm:1.7.7:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.8 | cpe:2.3:a:robert_ancell:lightdm:1.7.8:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.9 | cpe:2.3:a:robert_ancell:lightdm:1.7.9:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.10 | cpe:2.3:a:robert_ancell:lightdm:1.7.10:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.11 | cpe:2.3:a:robert_ancell:lightdm:1.7.11:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.12 | cpe:2.3:a:robert_ancell:lightdm:1.7.12:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.13 | cpe:2.3:a:robert_ancell:lightdm:1.7.13:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.14 | cpe:2.3:a:robert_ancell:lightdm:1.7.14:*:*:*:*:*:*:* |
Related
nessus
nessus
Ubuntu 13.10 : lightdm vulnerability (USN-2012-1)
2013-11-07 00:00:00
prion
prion
Design/Logic Flaw
2013-11-23 18:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-2012-1)
2013-11-08 00:00:00
Ubuntu Update for lightdm USN-2012-1
2013-11-08 00:00:00
ubuntu
ubuntu
Light Display Manager vulnerability
2013-11-06 00:00:00
ubuntucve
ubuntucve
CVE-2013-4459
2013-10-25 00:00:00
debiancve
debiancve
CVE-2013-4459
2013-11-23 18:55:04
securityvulns
securityvulns
Light Display Manager protection bypass
2013-11-18 00:00:00
[USN-2012-1] Light Display Manager vulnerability
2013-11-18 00:00:00
cvelist
cvelist
CVE-2013-4459
2013-11-23 18:00:00
nvd
nvd
CVE-2013-4459
2013-11-23 18:55:04
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-4459