Описание
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| lxdm | fixed | 0.5.3-1 | package |
Примечания
http://git.lxde.org/gitweb/?p=lxde/lxdm.git;a=commitdiff;h=e8f387089e241360bdc6955d3e479450722dcea3
https://bugzilla.redhat.com/show_bug.cgi?id=1268900
http://advisories.mageia.org/MGASA-2015-0411.html
https://www.openwall.com/lists/oss-security/2015/11/20/2
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 8 лет назад
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
CVSS3: 7.8
nvd
больше 8 лет назад
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
CVSS3: 7.8
github
больше 3 лет назад
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.