CVE-2011-3349
Published 2019-11-19
CVE-2011-3349: lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite…
Priority: P338 | high | 7.8 (CVSS 3.1)
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.36% (28.1th percentile)
lightdm before 0.9.6 writes to the .dmrc and Xauthority files with root permissions even though those files reside in user-controlled folders. A local user can overwrite root-owned files via a symlink, which can allow privilege escalation.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | lightdm | < lightdm 0.9.6-1 (bookworm) | lightdm 0.9.6-1 (bookworm) |
| lightdm | lightdm | — | — |
| lightdm_project | lightdm | < 0.9.6 | 0.9.6 |
| lightdm_project | lightdm | >= 0 < 0.9.6-1 | 0.9.6-1 |
| lightdm_project | lightdm | >= 0 < 0.9.6-1 | 0.9.6-1 |
| lightdm_project | lightdm | >= 0 < 0.9.6-1 | 0.9.6-1 |
| lightdm_project | lightdm | >= 0 < 0.9.6-1 | 0.9.6-1 |
CVSS provenance
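| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| osv | — | 7.8 | HIGH | — |
| vendor_debian | — | 7.8 | HIGH | — |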
GHSA
GHSA-m2g2-7fc9-g232: lightdm before 0
ghsa_unreviewed·2022-04-22
CVE-2011-3349 [HIGH] CWE-269 GHSA-m2g2-7fc9-g232: lightdm before 0
OSV
CVE-2011-3349: lightdm before 0
osv·2019-11-19·CVSS 7.8
CVE-2011-3349 [HIGH] CVE-2011-3349: lightdm before 0
Debian
CVE-2011-3349: lightdm - lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions...
vendor_debian·2011·CVSS 7.8
CVE-2011-3349 [HIGH] CVE-2011-3349: lightdm - lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions...
Scope: local
bookworm: resolved (fixed in 0.9.6-1)
bullseye: resolved (fixed in 0.9.6-1)
forky: resolved (fixed in 0.9.6-1)
sid: resolved (fixed in 0.9.6-1)
trixie: resolved (fixed in 0.9.6-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://access.redhat.com/security/cve/cve-2011-3349
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639151
https://bugs.launchpad.net/debian/+source/lightdm/+bug/834079
https://seclists.org/oss-sec/2011/q3/393
https://security-tracker.debian.org/tracker/CVE-2011-3349
https://www.securityfocus.com/bid/50506
Published: 2019-11-19