Lucene search
UbuntuUSN-1399-2HistoryMar 13, 2012 - 12:00 a.m.
Light Display Manager vulnerability
2012-03-1300:00:00
ubuntu.com
31
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
15.5%
Releases
- Ubuntu 11.10
Packages
- lightdm - Display Manager
Details
Ryan Lortie discovered that a guest session script bundled in the Light
Display Manager package improperly cleaned out certain guest session files.
A local attacker could use this issue to delete arbitrary files.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.10 | noarch | lightdm | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | gir1.2-lightdm-1 | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-0 | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-dev | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-doc | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-qt-1-0 | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-qt-1-dev | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lightdm-gtk-greeter | < 1.0.6-0ubuntu1.6 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lightdm-qt-greeter | < 1.0.6-0ubuntu1.6 | UNKNOWN |
References
Related
openvas
openvas
Ubuntu: Security Advisory (USN-1399-1)
2012-03-16 00:00:00
Ubuntu Update for gdm-guest-session USN-1399-1
2012-03-16 00:00:00
Ubuntu Update for lightdm USN-1399-2
2012-03-16 00:00:00
securityvulns
securityvulns
Light Display Manager / gdm / LTSP Display Manager file descriptor leakage
2012-03-10 00:00:00
nessus
nessus
Ubuntu 11.10 : lightdm vulnerability (USN-1399-2)
2012-03-14 00:00:00
ubuntu
ubuntu
gdm-guest-session vulnerability
2012-03-13 00:00:00
exploitdb
exploitdb
LightDM 1.0.6 - Arbitrary File Deletion
2012-03-13 00:00:00
prion
prion
Session fixation
2014-05-22 23:55:00
Design/Logic Flaw
2014-05-22 23:55:00
ubuntucve
ubuntucve
CVE-2012-0943
2012-03-13 00:00:00
CVE-2012-6648
2014-05-22 00:00:00
nvd
nvd
CVE-2012-0943
2014-05-22 23:55:02
CVE-2012-6648
2014-05-22 23:55:03
debiancve
debiancve
CVE-2012-0943
2014-05-22 23:55:02
cvelist
cvelist
CVE-2012-6648
2014-05-22 23:00:00
CVE-2012-0943
2014-05-22 23:00:00
cve
cve
CVE-2012-0943
2014-05-22 23:55:02
CVE-2012-6648
2014-05-22 23:55:03
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
15.5%
Related for USN-1399-2