Filtered by vendor Ltsp Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-20373 2 Debian, Ltsp 2 Debian Linux, Ldm 2024-11-21 7.8 High
LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script.
CVE-2008-1293 1 Ltsp 1 Linux Terminal Server Project 2024-11-21 N/A
ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 (aka display :6).