LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| robert_ancell | lightdm | * |
| robert_ancell | lightdm | 0.2.0 |
| robert_ancell | lightdm | 1.0.4 |
| robert_ancell | lightdm | 0.2.3 |
| robert_ancell | lightdm | 0.3.3 |
| robert_ancell | lightdm | 0.9.8 |
| robert_ancell | lightdm | 0.1.2 |
| robert_ancell | lightdm | 0.9.2 |
| robert_ancell | lightdm | 1.0.1 |
| robert_ancell | lightdm | 0.4.4 |
| robert_ancell | lightdm | 0.9.4 |
| robert_ancell | lightdm | 0.3.6 |
| robert_ancell | lightdm | 1.0.3 |
| robert_ancell | lightdm | 0.3.5 |
| robert_ancell | lightdm | 0.2.1 |
| robert_ancell | lightdm | 1.1.0 |
| robert_ancell | lightdm | 0.2.2 |
| robert_ancell | lightdm | 0.3.2 |
| robert_ancell | lightdm | 0.9.3 |
| robert_ancell | lightdm | 0.0.1 |
| robert_ancell | lightdm | 0.0.3 |
| robert_ancell | lightdm | 0.4.3 |
| robert_ancell | lightdm | 1.0.0 |
| robert_ancell | lightdm | 0.9.1 |
| robert_ancell | lightdm | 0.3.0 |
| robert_ancell | lightdm | 0.1.0 |
| robert_ancell | lightdm | 0.4.0 |
| robert_ancell | lightdm | 0.3.1 |
| robert_ancell | lightdm | 0.9.0 |
| robert_ancell | lightdm | 1.0.2 |
| robert_ancell | lightdm | 0.1.1 |
| robert_ancell | lightdm | 0.0.4 |
| robert_ancell | lightdm | 0.9.7 |
| robert_ancell | lightdm | 0.4.2 |
| robert_ancell | lightdm | 0.9.5 |
| robert_ancell | lightdm | 0.0.2 |
| robert_ancell | lightdm | 0.9.6 |
| robert_ancell | lightdm | 0.4.1 |
| robert_ancell | lightdm | 0.3.4 |
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| robert_ancell | lightdm | 1.4.1 |
| robert_ancell | lightdm | 1.7.0 |
| robert_ancell | lightdm | 1.7.5 |
| robert_ancell | lightdm | 1.7.9 |
| robert_ancell | lightdm | 1.7.7 |
| robert_ancell | lightdm | 1.7.13 |
| robert_ancell | lightdm | 1.7.12 |
| robert_ancell | lightdm | 1.7.8 |
| robert_ancell | lightdm | 1.7.6 |
| robert_ancell | lightdm | 1.7.4 |
| robert_ancell | lightdm | 1.6.0 |
| robert_ancell | lightdm | 1.7.10 |
| robert_ancell | lightdm | 1.4.2 |
| robert_ancell | lightdm | 1.7.2 |
| robert_ancell | lightdm | 1.4.0 |
| robert_ancell | lightdm | 1.7.3 |
| robert_ancell | lightdm | 1.6.1 |
| robert_ancell | lightdm | 1.7.1 |
| robert_ancell | lightdm | 1.7.11 |
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| robert_ancell | lightdm | 1.7.18 |
| robert_ancell | lightdm | 1.7.5 |
| robert_ancell | lightdm | 1.7.9 |
| canonical | ubuntu_linux | 13.10 |
| robert_ancell | lightdm | 1.7.7 |
| robert_ancell | lightdm | 1.7.13 |
| robert_ancell | lightdm | 1.7.16 |
| robert_ancell | lightdm | 1.7.12 |
| robert_ancell | lightdm | 1.7.8 |
| robert_ancell | lightdm | 1.7.6 |
| robert_ancell | lightdm | 1.7.14 |
| robert_ancell | lightdm | 1.8.3 |
| robert_ancell | lightdm | 1.7.10 |
| robert_ancell | lightdm | 1.7.17 |
| robert_ancell | lightdm | 1.9.0 |
| robert_ancell | lightdm | 1.7.15 |
| robert_ancell | lightdm | 1.8.1 |
| robert_ancell | lightdm | 1.9.1 |
| robert_ancell | lightdm | 1.7.11 |
| robert_ancell | lightdm | 1.8.0 |
| robert_ancell | lightdm | 1.8.2 |