Description
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ryan Lortie · textlocallinux
https://www.exploit-db.com/exploits/36966
References (3)
Core 3
Core References
Issue Tracking x_refsource_confirm
https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044
Patch, Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1399-2
Various Sources x_refsource_misc
https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff
Scores
EPSS
0.0020
EPSS Percentile
41.3%
Details
CWE
CWE-264
Status
published
Products (14)
canonical/ubuntu_linux
11.10
robert_ancell/lightdm
1.0.0
robert_ancell/lightdm
1.0.1
robert_ancell/lightdm
1.0.2
robert_ancell/lightdm
1.0.3
robert_ancell/lightdm
1.0.4
robert_ancell/lightdm
1.0.5
robert_ancell/lightdm
1.1.0
robert_ancell/lightdm
1.1.1
robert_ancell/lightdm
1.1.2
... and 4 more
Published
May 22, 2014
Tracked Since
Feb 18, 2026