Insecure Permissions in LightDM's Temporary .Xauthority File

Insecure Permissions in LightDM's Temporary .Xauthority File

CVE-2013-4331 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

Learn more about our User Device Pen Test.