UbuntuUSN-1262-1Light Display Manager vulnerabilities
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Releases
- Ubuntu 11.10
Packages
- lightdm - Display Manager
Details
It was discovered that Light Display Manager incorrectly handled privileges
when reading .dmrc files. A local attacker could exploit this issue to read
arbitrary configuration files, bypassing intended permissions.
(CVE-2011-3153)
It was discovered that Light Display Manager incorrectly handled links when
adjusting permissions on .Xauthority files. A local attacker could exploit
this issue to access arbitrary files, and possibly obtain increased
privileges. In the default Ubuntu installation, this would be prevented
by the Yama link restrictions. (CVE-2011-4105)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-0 | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | gir1.2-lightdm-1 | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-dev | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-gobject-1-doc | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-qt-1-0 | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | liblightdm-qt-1-dev | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lightdm | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lightdm-gtk-greeter | < 1.0.6-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | lightdm-qt-greeter | < 1.0.6-0ubuntu1.1 | UNKNOWN |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%