LightDM Arbitrary File Access Vulnerability
BID:52289
Info
LightDM Arbitrary File Access Vulnerability
| Bugtraq ID: | 52289 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 05 2012 12:00AM |
| Updated: | Mar 05 2012 12:00AM |
| Credit: | Austin Clements |
| Vulnerable: |
Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 freedesktop.org LightDM 1.0.6-3 |
| Not Vulnerable: |
freedesktop.org LightDM 1.0.9-1 |
Discussion
LightDM Arbitrary File Access Vulnerability
Light Display Manager (LightDM) is prone to an arbitrary file-access vulnerability.
Local attackers can exploit this issue to read or write to arbitrary files. This may lead to further attacks.
Light Display Manager (LightDM) 1.0.6-3 is vulnerable. Other versions may also be affected.
Light Display Manager (LightDM) is prone to an arbitrary file-access vulnerability.
Local attackers can exploit this issue to read or write to arbitrary files. This may lead to further attacks.
Light Display Manager (LightDM) 1.0.6-3 is vulnerable. Other versions may also be affected.
Exploit / POC
LightDM Arbitrary File Access Vulnerability
An attacker uses readily available commands to exploit the issues.
An attacker uses readily available commands to exploit the issues.
Solution / Fix
LightDM Arbitrary File Access Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
LightDM Arbitrary File Access Vulnerability
References:
References:
- lightdm leaks FDs to child processes (Ubuntu)
- lightdm: leaks FDs to child processes (Austin Clements)
- Ubuntu Homepage (Ubuntu)