Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1166

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-1166
Last Modified 31 May 2014 12:09:22
Published 21 May 2014 10:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1166

Summary

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 11.04

  • Canonical Ubuntu Linux 11.10

Application

  • Canonical Ltsp Display Manager 2.2.4

  • Canonical Ltsp Display Manager 2.2.5

  • Canonical Ltsp Display Manager 2.2.6


References

CONFIRM - https://bugs.launchpad.net/ubuntu/%2Bsource/ldm/%2Bbug/953340

UBUNTU - USN-1398-1

CONFIRM - http://irclogs.ltsp.org/?d=2012-03-12


Last Updated: 27 May 2016 11:05:20