LightDM '.dmrc' File Local File Information Disclosure Vulnerability
BID:50688
Info
LightDM '.dmrc' File Local File Information Disclosure Vulnerability
| Bugtraq ID: | 50688 |
| Class: | Design Error |
| CVE: |
CVE-2011-3153 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 15 2011 12:00AM |
| Updated: | Nov 15 2011 12:00AM |
| Credit: | Reported by the vendor |
| Vulnerable: |
Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 freedesktop.org LightDM 1.0.5 freedesktop.org LightDM 1.0.4 |
| Not Vulnerable: |
freedesktop.org LightDM 1.0.6 |
Discussion
LightDM '.dmrc' File Local File Information Disclosure Vulnerability
Light Display Manager (LightDM) is prone to an information-disclosure vulnerability.
Local attackers can exploit this issue to read arbitrary files on the affected computer. This may lead to further attacks.
Light Display Manager (LightDM) is prone to an information-disclosure vulnerability.
Local attackers can exploit this issue to read arbitrary files on the affected computer. This may lead to further attacks.
Exploit / POC
LightDM '.dmrc' File Local File Information Disclosure Vulnerability
An attacker uses readily available commands to exploit the issues.
An attacker uses readily available commands to exploit the issues.
Solution / Fix
LightDM '.dmrc' File Local File Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
LightDM '.dmrc' File Local File Information Disclosure Vulnerability
References:
References:
- Ubuntu Homepage (Ubuntu)
- USN-1262-1: Light Display Manager vulnerabilities (Ubuntu)