Ubuntu 11.04 / 11.10 : ldm vulnerability (USN-1398-1)

Tenho Tuhkala discovered that the LTSP Display Manager ldm incorrectly filtered keybindings. An attacker could use the default keybindings to execute arbitrary commands as root at the login screen. Note that Tenable Network Security has extracted the preceding description block directly from the...

CVE-2008-1293

ldm in Linux Terminal Server Project LTSP 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 aka display :6...