---

CVE-2017-7358 - log back

CVE-2017-7358 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Local
Type	+ Privilege escalation
Description	+ In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
References	+ http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/2478
Notes	+ We are not affected as this CVE is ubuntu-specific. The affected file (debian/guest-account.sh) is not shipped with the Arch Linux lightdm package.