CVE-2013-4331

NameCVE-2013-4331
DescriptionLight Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs721744

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lightdm (PTS)buster1.26.0-4fixed
bullseye1.26.0-7fixed
bookworm1.26.0-8fixed
trixie1.32.0-4fixed
sid1.32.0-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lightdmsourcewheezy(not affected)
lightdmsource(unstable)1.6.2-1721744

Notes

[wheezy] - lightdm <not-affected> (Introduced in 1.4)
Search for package or bug name: Reporting problems