CVE-2008-1293

Publication date 29 April 2008

Last updated 24 July 2024

Ubuntu priority

ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 (aka display :6).

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
ltsp	8.04 LTS hardy	Not affected
	7.10 gutsy	Fixed 5.0.39.1
	7.04 feisty	Fixed 5.0.7.1
	6.06 LTS dapper	Fixed 0.87.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-610-1
LTSP vulnerability
6 May 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-1293