CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 1CVE-2020-28049
https://notcve.org/view.php?id=CVE-2020-28049
An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation. Se detectó un problema en SDDM versiones anteriores a 0.19.0. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00031.html https://bugzilla.suse.com/show_bug.cgi?id=CVE-2020-28049 https://github.com/sddm/sddm/blob/v0.19.0/ChangeLog https://github.com/sddm/sddm/releases https://lists.debian.org/debian-lts-announce/2020/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GT3EX5NSQJJAKY63ENSMEDX6NYZLYY3S https://security.gentoo.org/glsa/202402-02 https://www.debian.org/security/2020& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14345
https://notcve.org/view.php?id=CVE-2018-14345
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp. Se ha descubierto un problema en SDDM hasta su versión 0.17.0. • https://bugzilla.suse.com/show_bug.cgi?id=1101450 https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98 • CWE-287: Improper Authentication CWE-613: Insufficient Session Expiration •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-7271
https://notcve.org/view.php?id=CVE-2014-7271
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication. Simple Desktop Display Manager (SDDM) en versiones anteriores a la 0.10.0 permite que los usuarios locales inicien sesión como usuario "sddm" sin autenticación. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141494.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141550.html http://www.openwall.com/lists/oss-security/2014/10/06/4 http://www.securityfocus.com/bid/70767 https://bugzilla.redhat.com/show_bug.cgi?id=1149608 https://exchange.xforce.ibmcloud.com/vulnerabilities/98421 https://github.com/sddm/sddm/pull/279/files https://github.com/sddm/sddm/wiki/0.10.0-Release-Announcement • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-7272
https://notcve.org/view.php?id=CVE-2014-7272
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). Simple Desktop Display Manager (SDDM), en versiones anteriores a la 0.10.0, permite que los usuarios locales obtengan privilegios root, ya que la ejecución de código como root realiza operaciones de escritura en un directorio de inicio del usuario y dicho usuario podría haber creado enlaces anteriormente (su explotación requiere que el usuario explote previamente una condición de carrera en ~/.Xauthority con los permisos adecuados. Nunca en otros casos). • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141494.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141550.html http://www.openwall.com/lists/oss-security/2014/10/06/4 https://bugzilla.redhat.com/show_bug.cgi?id=1149610 https://github.com/sddm/sddm/pull/280 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0856
https://notcve.org/view.php?id=CVE-2015-0856
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme. daemon/Greeter.cpp en sddm en versiones anteriores 0.13.0 no deshabilita adecuadamente el manejo de caída de KDE, lo que permite a usuarios locales obtener privilegios mediante la caída de un greeter cuando utiliza ciertos temas, según lo demostrado por el tema breeze en área de trabajo de plasma. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171443.html http://www.openwall.com/lists/oss-security/2015/10/14/2 http://www.securityfocus.com/bid/77099 https://github.com/sddm/sddm/commit/4cfed6b0a625593fb43876f04badc4dd99799d86 https://github.com/sddm/sddm/wiki/0.13.0-Release-Announcement • CWE-264: Permissions, Privileges, and Access Controls •