Ubuntu Update For Lightdm USN-1262-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1262-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that Light Display Manager incorrectly handled privileges when reading .dmrc files. A local attacker could exploit this issue to read arbitrary configuration files, bypassing intended permissions. (CVE-2011-3153) It was discovered that Light Display Manager incorrectly handled links when adjusting permissions on .Xauthority files. A local attacker could exploit this issue to access arbitrary files, and possibly obtain increased privileges. In the default Ubuntu installation, this would be prevented by the Yama link restrictions. (CVE-2011-4105)

Affected

lightdm on Ubuntu 11.10

Severity

Classification

CVE CVE-2011-3153, CVE-2011-4105
CVSS Base Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for linux-ti-omap4 USN-1993-1
Ubuntu Update for linux-ti-omap4 USN-1260-1
Ubuntu Update for puppet USN-2077-1
Ubuntu Update for python-httplib2 USN-1948-1
Ubuntu Update for linux-lts-backport-oneiric USN-1688-1

Ubuntu Update for lightdm USN-1262-1

Take action and discover your vulnerabilities