MidnightBSD

Advisories for lightdm_gtk+_greeter_project

CVE-2014-0979 LOW

The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.3.1
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.6.0
opensuse opensuse 12.2
lightdm_gtk+_greeter_project lightdm_gtk+_greeter *
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.3
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.5
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.6
opensuse opensuse 12.3
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.3.0
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.6.1
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.5.0
opensuse opensuse 13.1
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.5.2
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.2
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.4
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.1.1
lightdm_gtk+_greeter_project lightdm_gtk+_greeter 1.5.1