Search
Find a vulnerability
Search criteria
12 vulnerabilities by robert_ancell
CVE-2012-1111 (GCVE-0-2012-1111)
Vulnerability from nvd – Published: 2014-10-27 20:00 – Updated: 2024-08-06 18:45
VLAI
Summary
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/lightdm… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2012-0… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.novell.com/show_bug.cgi?id=745339 | x_refsource_CONFIRM |
| http://seclists.org/oss-sec/2012/q1/566 | mailing-listx_refsource_MLIST |
| http://seclists.org/oss-sec/2012/q1/557 | mailing-listx_refsource_MLIST |
Date Public
2012-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-27T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=745339",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1111",
"datePublished": "2014-10-27T20:00:00.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:27.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0943 (GCVE-0-2012-0943)
Vulnerability from nvd – Published: 2014-05-22 23:00 – Updated: 2024-08-06 18:45
VLAI
Summary
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-1399-2 | vendor-advisoryx_refsource_UBUNTU |
| https://launchpadlibrarian.net/96471251/lightdm.s… | x_refsource_MISC |
Date Public
2012-03-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:25.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-22T22:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2012-0943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"name": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff",
"refsource": "MISC",
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2012-0943",
"datePublished": "2014-05-22T23:00:00.000Z",
"dateReserved": "2012-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:25.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3153 (GCVE-0-2011-3153)
Vulnerability from nvd – Published: 2014-03-06 15:00 – Updated: 2024-08-06 23:22
VLAI
Summary
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-1262-1 | vendor-advisoryx_refsource_UBUNTU |
| http://bazaar.launchpad.net/~lightdm-team/lightdm… | x_refsource_CONFIRM |
Date Public
2011-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:22:27.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-06T14:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299",
"refsource": "CONFIRM",
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3153",
"datePublished": "2014-03-06T15:00:00.000Z",
"dateReserved": "2011-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:22:27.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4331 (GCVE-0-2013-4331)
Vulnerability from nvd – Published: 2014-02-02 00:00 – Updated: 2024-08-06 16:38
VLAI
Summary
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/lightdm/%2Bbug/685212 | x_refsource_CONFIRM |
Date Public
2013-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:02.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/lightdm/%2Bbug/685212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-01T23:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/lightdm/%2Bbug/685212"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4331",
"datePublished": "2014-02-02T00:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:02.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4459 (GCVE-0-2013-4459)
Vulnerability from nvd – Published: 2013-11-23 18:00 – Updated: 2024-08-06 16:45
VLAI
Summary
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2012-1 | vendor-advisoryx_refsource_UBUNTU |
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_MISC |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
Date Public
2013-10-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2012-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/1243339"
},
{
"name": "[LightDM] 20131030 lightdm 1.9.2 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000471.html"
},
{
"name": "[LightDM] 20131031 lightdm 1.8.4 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000472.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:28:53.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2012-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/1243339"
},
{
"name": "[LightDM] 20131030 lightdm 1.9.2 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000471.html"
},
{
"name": "[LightDM] 20131031 lightdm 1.8.4 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000472.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4459",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4105 (GCVE-0-2011-4105)
Vulnerability from nvd – Published: 2012-02-17 23:00 – Updated: 2024-08-07 00:01
VLAI
Summary
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-1262-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2011/11/02/9 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/1… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/11/02/6 | mailing-listx_refsource_MLIST |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
Date Public
2011-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:50.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-06T14:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4105",
"datePublished": "2012-02-17T23:00:00.000Z",
"dateReserved": "2011-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:01:50.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1111 (GCVE-0-2012-1111)
Vulnerability from cvelistv5 – Published: 2014-10-27 20:00 – Updated: 2024-08-06 18:45
VLAI
Summary
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/lightdm… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2012-0… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.novell.com/show_bug.cgi?id=745339 | x_refsource_CONFIRM |
| http://seclists.org/oss-sec/2012/q1/566 | mailing-listx_refsource_MLIST |
| http://seclists.org/oss-sec/2012/q1/557 | mailing-listx_refsource_MLIST |
Date Public
2012-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-27T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060"
},
{
"name": "openSUSE-SU-2012:0354",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.html"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=745339",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=745339"
},
{
"name": "[oss-security] 20120305 Re: CVE Request: lightdm",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q1/566"
},
{
"name": "[oss-security] 20120305 CVE Request: lightdm",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q1/557"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1111",
"datePublished": "2014-10-27T20:00:00.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:27.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0943 (GCVE-0-2012-0943)
Vulnerability from cvelistv5 – Published: 2014-05-22 23:00 – Updated: 2024-08-06 18:45
VLAI
Summary
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-1399-2 | vendor-advisoryx_refsource_UBUNTU |
| https://launchpadlibrarian.net/96471251/lightdm.s… | x_refsource_MISC |
Date Public
2012-03-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:25.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-22T22:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2012-0943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044"
},
{
"name": "USN-1399-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1399-2"
},
{
"name": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff",
"refsource": "MISC",
"url": "https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2012-0943",
"datePublished": "2014-05-22T23:00:00.000Z",
"dateReserved": "2012-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:25.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3153 (GCVE-0-2011-3153)
Vulnerability from cvelistv5 – Published: 2014-03-06 15:00 – Updated: 2024-08-06 23:22
VLAI
Summary
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-1262-1 | vendor-advisoryx_refsource_UBUNTU |
| http://bazaar.launchpad.net/~lightdm-team/lightdm… | x_refsource_CONFIRM |
Date Public
2011-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:22:27.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-06T14:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865"
},
{
"name": "USN-1262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299",
"refsource": "CONFIRM",
"url": "http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3153",
"datePublished": "2014-03-06T15:00:00.000Z",
"dateReserved": "2011-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:22:27.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4331 (GCVE-0-2013-4331)
Vulnerability from cvelistv5 – Published: 2014-02-02 00:00 – Updated: 2024-08-06 16:38
VLAI
Summary
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/lightdm/%2Bbug/685212 | x_refsource_CONFIRM |
Date Public
2013-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:02.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/lightdm/%2Bbug/685212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-01T23:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/lightdm/%2Bbug/685212"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4331",
"datePublished": "2014-02-02T00:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:02.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4459 (GCVE-0-2013-4459)
Vulnerability from cvelistv5 – Published: 2013-11-23 18:00 – Updated: 2024-08-06 16:45
VLAI
Summary
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2012-1 | vendor-advisoryx_refsource_UBUNTU |
| https://bugs.launchpad.net/ubuntu/%2Bsource/light… | x_refsource_MISC |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
Date Public
2013-10-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2012-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/1243339"
},
{
"name": "[LightDM] 20131030 lightdm 1.9.2 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000471.html"
},
{
"name": "[LightDM] 20131031 lightdm 1.8.4 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000472.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:28:53.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2012-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/1243339"
},
{
"name": "[LightDM] 20131030 lightdm 1.9.2 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000471.html"
},
{
"name": "[LightDM] 20131031 lightdm 1.8.4 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2013-October/000472.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4459",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4105 (GCVE-0-2011-4105)
Vulnerability from cvelistv5 – Published: 2012-02-17 23:00 – Updated: 2024-08-07 00:01
VLAI
Summary
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-1262-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2011/11/02/9 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/1… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/11/02/6 | mailing-listx_refsource_MLIST |
| http://lists.freedesktop.org/archives/lightdm/201… | mailing-listx_refsource_MLIST |
Date Public
2011-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:50.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-06T14:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1262-1"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/9"
},
{
"name": "[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/10"
},
{
"name": "[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/6"
},
{
"name": "[LightDM] 20111102 Version 1.0.6 released",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/lightdm/2011-November/000178.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4105",
"datePublished": "2012-02-17T23:00:00.000Z",
"dateReserved": "2011-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:01:50.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}