CVE-2015-8316

CVE-2015-8316 affects LightDM. The vuln is an array index error in LightDM when the XDMCP server is enabled, allowing a remote attacker to cause a denial of service (process crash). Impact is described for affected versions: LightDM 1.14.3 and 1.16.x before 1.16.6 . The entry notes the attack is ...

CVE-2015-8316

Array index error in LightDM aka Light Display Manager 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service process crash via an XDMCP request packet with no address...

LightDM Security Bypass Vulnerability

LightDM is a set of desktop display managers for Linux desktops. A security bypass vulnerability exists in LightDM. An attacker could use this vulnerability to bypass established security restrictions and perform unauthorized operations...

Session fixation

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

CVE-2017-8900

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

CVE-2017-8900

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

CVE-2017-8900

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

CVE-2017-8900

CVE-2017-8900 affects LightDM up to version 1.22.0 when used with systemd on Ubuntu 16.10 and 17.x. A physically proximate attacker can establish a guest session and bypass AppArmor restrictions to access arbitrary users’ home directories, exposing confidential data. The issue is documented in mu...

CVE-2017-8900

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

USN-3285-1: LightDM vulnerability

Tyler Hicks discovered that LightDM did not confine the user session for guest users. An attacker with physical access could use this issue to access files and other resources that they should not be able to access. In the default installation, this includes files in the home directories of other...

Ubuntu: Security Advisory (USN-3285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.10 / 17.04 : lightdm vulnerability (USN-3285-1)

Tyler Hicks discovered that LightDM did not confine the user session for guest users. An attacker with physical access could use this issue to access files and other resources that they should not be able to access. In the default installation, this includes files in the home directories of other...

CVE-2017-8900

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session...

LightDM (Ubuntu 16.04/16.10) Privilege Escalation

Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone...

LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation

Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone...

Ubuntu 16.10 / 16.04 LTS - LightDM Guest Account Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform...

LightDM (Ubuntu 16.0416.10) - Guest Account Local Privilege Escalation

LightDM Ubuntu 16.0416.10 - Guest Account Local Privilege Escalation Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source...

SSD Advisory – Ubuntu LightDM Guest Account Local Privilege Escalation（CVE-2017-7358）

Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone, the tablet and the PC to the server and the cloud. LightDM ...

LightDM Directory Traversal Vulnerability

LightDM is a set of desktop display managers for Linux desktops. A directory traversal vulnerability exists in the debian/guest-account.sh file in LightDM 1.22.0 and earlier versions. A local attacker can use this vulnerability to obtain the location of an arbitrary directory path and elevate...

Directory traversal

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out...