Security Advisory

CVE-2019-20373

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-09 22:27:55

Last updated 2024-08-05 02:39:09

Assigner mitre

State PUBLISHED

Description

LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the users shell lacks support for Bourne shell syntax. This is related to a run-x-session script.

← Browse all CVEs View on cve.org ↗