The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.3.1 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.6.0 |
| opensuse | opensuse | 12.2 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | * |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.3 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.5 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.6 |
| opensuse | opensuse | 12.3 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.3.0 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.6.1 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.5.0 |
| opensuse | opensuse | 13.1 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.5.2 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.2 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.4 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.1.1 |
| lightdm_gtk+_greeter_project | lightdm_gtk+_greeter | 1.5.1 |