Lucene search
HistoryFeb 02, 2014 - 12:55 a.m.
CVE-2013-4331
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.7
Confidence
Low
EPSS
0
Percentile
5.1%
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
Affected configurations
Node
robert_ancelllightdmMatch1.4.0
ORrobert_ancelllightdmMatch1.4.1
ORrobert_ancelllightdmMatch1.4.2
ORrobert_ancelllightdmMatch1.6.0
ORrobert_ancelllightdmMatch1.6.1
ORrobert_ancelllightdmMatch1.7.0
ORrobert_ancelllightdmMatch1.7.1
ORrobert_ancelllightdmMatch1.7.2
ORrobert_ancelllightdmMatch1.7.3
ORrobert_ancelllightdmMatch1.7.4
ORrobert_ancelllightdmMatch1.7.5
ORrobert_ancelllightdmMatch1.7.6
ORrobert_ancelllightdmMatch1.7.7
ORrobert_ancelllightdmMatch1.7.8
ORrobert_ancelllightdmMatch1.7.9
ORrobert_ancelllightdmMatch1.7.10
ORrobert_ancelllightdmMatch1.7.11
ORrobert_ancelllightdmMatch1.7.12
ORrobert_ancelllightdmMatch1.7.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| robert_ancell | lightdm | 1.4.0 | cpe:2.3:a:robert_ancell:lightdm:1.4.0:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.4.1 | cpe:2.3:a:robert_ancell:lightdm:1.4.1:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.4.2 | cpe:2.3:a:robert_ancell:lightdm:1.4.2:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.6.0 | cpe:2.3:a:robert_ancell:lightdm:1.6.0:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.6.1 | cpe:2.3:a:robert_ancell:lightdm:1.6.1:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.0 | cpe:2.3:a:robert_ancell:lightdm:1.7.0:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.1 | cpe:2.3:a:robert_ancell:lightdm:1.7.1:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.2 | cpe:2.3:a:robert_ancell:lightdm:1.7.2:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.3 | cpe:2.3:a:robert_ancell:lightdm:1.7.3:*:*:*:*:*:*:* |
| robert_ancell | lightdm | 1.7.4 | cpe:2.3:a:robert_ancell:lightdm:1.7.4:*:*:*:*:*:*:* |
References
Related
openvas
openvas
Fedora Update for lightdm FEDORA-2013-16381
2013-10-03 00:00:00
Fedora Update for lightdm FEDORA-2013-16388
2013-09-18 00:00:00
Ubuntu: Security Advisory (USN-1950-1)
2013-09-18 00:00:00
debiancve
debiancve
CVE-2013-4331
2014-02-02 00:55:04
ubuntu
ubuntu
Light Display Manager vulnerability
2013-09-12 00:00:00
securityvulns
securityvulns
lightdm weak permissions
2013-10-03 00:00:00
[USN-1950-1] Light Display Manager vulnerability
2013-10-03 00:00:00
ubuntucve
ubuntucve
CVE-2013-4331
2013-09-12 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: lightdm-1.4.3-1.fc18
2013-09-26 06:17:05
[SECURITY] Fedora 19 Update: lightdm-1.6.2-1.fc19
2013-09-16 00:31:10
mageia
mageia
Updated lightdm package fixes security vulnerability
2013-09-19 13:46:09
nessus
nessus
Ubuntu 13.04 : lightdm vulnerability (USN-1950-1)
2013-09-13 00:00:00
prion
prion
Design/Logic Flaw
2014-02-02 00:55:00
cvelist
cvelist
CVE-2013-4331
2014-02-02 00:00:00
cve
cve
CVE-2013-4331
2014-02-02 00:55:04
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.7
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2013-4331