← voltar
CVE-2011-3349

CVE-2011-3349

EPSS 0.4%
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
Produtos afetados
lightdm · lightdm

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/security/cve/cve-2011-3349https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639151https://bugs.launchpad.net/debian/+source/lightdm/+bug/834079https://seclists.org/oss-sec/2011/q3/393https://security-tracker.debian.org/tracker/CVE-2011-3349https://www.securityfocus.com/bid/50506