Ltsp : Security Vulnerabilities, CVEs,

CVE-2019-20373

LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-01-09
Updated
2020-01-24

CVE-2008-1293

ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 (aka display :6).
Max CVSS
4.8
EPSS Score
0.45%
Published
2008-04-29
Updated
2018-10-03
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close