CVE-2012-0943
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Category : Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 2.1 | AV:L/AC:L/Au:N/C:N/I:N/A:P | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 36966
Publication date : 2012-03-12 23h00 +00:00
Author : Ryan Lortie
EDB Verified : Yes
source: https://www.securityfocus.com/bid/52452/info
Light Display Manager (LightDM) is prone to a local arbitrary-file-deletion vulnerability.
A local attacker can exploit this issue to delete arbitrary files with administrator privileges.
Light Display Manager (LightDM) 1.0.6 is vulnerable. Other versions may also be affected.
/usr/sbin/guest-account has this cleanup:
# remove leftovers in /tmp
find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" | xargs rm -rf || true
This runs with the cwd of the last logged in user. If the user creates a file "/tmp/x a", the file "a" gets removed from the last user's login.
Products Mentioned
Configuraton 0
Robert_ancell>>Lightdm >> Version 1.0.0
- Robert_ancell>>Lightdm >> Version 1.0.0 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.0.1
- Robert_ancell>>Lightdm >> Version 1.0.1 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.0.2
- Robert_ancell>>Lightdm >> Version 1.0.2 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.0.3
- Robert_ancell>>Lightdm >> Version 1.0.3 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.0.4
- Robert_ancell>>Lightdm >> Version 1.0.4 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.0.5
- Robert_ancell>>Lightdm >> Version 1.0.5 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.0
- Robert_ancell>>Lightdm >> Version 1.1.0 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.1
- Robert_ancell>>Lightdm >> Version 1.1.1 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.2
- Robert_ancell>>Lightdm >> Version 1.1.2 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.3
- Robert_ancell>>Lightdm >> Version 1.1.3 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.4
- Robert_ancell>>Lightdm >> Version 1.1.4 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.5
- Robert_ancell>>Lightdm >> Version 1.1.5 (Open CPE detail)
Robert_ancell>>Lightdm >> Version 1.1.6
- Robert_ancell>>Lightdm >> Version 1.1.6 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 11.10
- Canonical>>Ubuntu_linux >> Version 11.10 (Open CPE detail)
References
2025©
tesweb SA
