Vulnerabilities > CVE-2019-20373

CVSS 7.8 - HIGH

Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH

Tags: local, low complexity, debian, ltsp, nessus

Summary

LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script.

Vulnerable Configurations

Part         Description   Count
OS           Debian        3
Application  Ltsp          1

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-2064.NASL
    description: It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project, incorrectly parsed responses from an SSH server, which could result in local root privilege escalation. For Debian 8
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 132776
    published: 2020-01-13
    reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/132776
    title: Debian DLA-2064-1 : ldm security update
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-4601.NASL
    description: It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project, incorrectly parsed responses from an SSH server, which could result in local root privilege escalation.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 132761
    published: 2020-01-10
    reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/132761
    title: Debian DSA-4601-1 : ldm - security update