Launchpad CVE tracker

CVE 2012-1166

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

Related bugs and status

CVE-2012-1166 (Candidate) is related to these bugs:

Bug #953340: ldm 2.2.x (using wwm) contains a keybinding allowing the user to get a root shell

		In	Importance	Status
953340	ldm 2.2.x (using wwm) contains a keybinding allowing the user to get a root shell	ldm (Ubuntu)	High	Fix Released
953340	ldm 2.2.x (using wwm) contains a keybinding allowing the user to get a root shell	ldm (Ubuntu Natty)	High	Fix Released
953340	ldm 2.2.x (using wwm) contains a keybinding allowing the user to get a root shell	ldm (Ubuntu Oneiric)	High	Fix Released
953340	ldm 2.2.x (using wwm) contains a keybinding allowing the user to get a root shell	ldm (Ubuntu Precise)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-1166

References