Ubuntu Update For Lightdm USN-1262-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1262-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that Light Display Manager incorrectly handled privileges when reading .dmrc files. A local attacker could exploit this issue to read arbitrary configuration files, bypassing intended permissions. (CVE-2011-3153) It was discovered that Light Display Manager incorrectly handled links when adjusting permissions on .Xauthority files. A local attacker could exploit this issue to access arbitrary files, and possibly obtain increased privileges. In the default Ubuntu installation, this would be prevented by the Yama link restrictions. (CVE-2011-4105)

Affected

lightdm on Ubuntu 11.10

Severity

Classification

CVE CVE-2011-3153, CVE-2011-4105

CVSS	Base Score: 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for cifs-utils USN-1226-2
Ubuntu Update for puppet USN-2077-1
Ubuntu Update for dbus USN-1874-1
Ubuntu Update for qt4-x11 USN-1628-1
Ubuntu Update for linux-ti-omap4 USN-1999-1

Ubuntu Update for lightdm USN-1262-1

Take action and discover your vulnerabilities