91 matches found
EUVD-2011-1034
Malware in sbrugna...
EUVD-2011-1029
Malware in sbrugna...
EUVD-2011-2174
Malware in sbrugna...
EUVD-2019-10925
Malware in sbrugna...
SUSE CVE-2011-1017
Heap-based buffer overflow in the ldmfragadd function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table...
SUSE CVE-2011-2182
The ldmfragadd function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partiti...
The vulnerability in the run-x-session script of the LDM package for the Debian GNU/Linux operating system allows a hacker to elevate their privileges to the level of the superuser.
The vulnerability in the run-x-session script of the LDM package for the Debian GNU/Linux operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to a superuser level...
USN-4533-1: LTSP Display Manager vulnerabilities
Veeti Veteläinen discovered that the LTSP Display Manager ldm incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges. CVE-2019-20373...
Debian DLA-2064-1 : ldm security update
It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. For Debian 8 'Jessie', this issue has been fixed in ldm version 2:2.2.15-2+deb8u1. We...
Debian: Security Advisory (DLA-2064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2064-1] ldm security update
Package : ldm Version : 2:2.2.15-2+deb8u1 CVE ID : CVE-2019-20373 Debian Bug : 948538 It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. For...
Debian: Security Advisory (DSA-4601-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4601-1 : ldm - security update
It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project, incorrectly parsed responses from an SSH server, which could result in local root privilege escalation. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
Design/Logic Flaw
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
CVE-2019-20373 affects LTSP’s Display Manager (ldm) up to version 2.18.06. A local attacker can gain root by exploiting an empty LDM_USERNAME when a user’s shell lacks Bourne shell syntax support, via the run-x-session script. The issue is a local privilege escalation in LTSP LDM. Affected deploy...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
Removed by vendor...
[SECURITY] [DSA 4601-1] ldm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4601-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 09, 2020 https://www.debian.org/security/faq -...