Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArch LinuxASA-201411-6
HistoryNov 10, 2014 - 12:00 a.m.

kdebase-workspace: local privilege escalation

2014-11-1000:00:00
Arch Linux
lists.archlinux.org
13

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.7%

JSON

KDE workspace configuration module for setting the date and time has a
helper program which runs as root for performing actions. This is
secured with polkit. This helper takes the name of the ntp utility to
run as an argument. This allows a hacker to run any arbitrary command as
root under the guise of updating the time.

OSVersionArchitecturePackageVersionFilename
anyanyanykdebase-workspace< 4.11.13-2UNKNOWN

Related

fedora 3
nessus 7
securityvulns 2
openvas 7
ubuntucve 1
gentoo 1
mageia 2
freebsd 1
ubuntu 1
cve 1
prion 1
fedora
fedora
[SECURITY] Fedora 19 Update: kde-workspace-4.11.14-1.fc19
2014-11-17 06:33:14
[SECURITY] Fedora 20 Update: kde-workspace-4.11.14-1.fc20
2014-11-15 09:09:37
[SECURITY] Fedora 21 Update: kde-workspace-4.11.14-1.fc21
2014-11-16 14:45:28
nessus
nessus
GLSA-201512-12 : KDE Systemsettings: Privilege escalation
2016-01-04 00:00:00
Ubuntu 12.04 LTS : kde-workspace vulnerabilities (USN-2402-1)
2014-11-11 00:00:00
Fedora 20 : kde-workspace-4.11.14-1.fc20 (2014-14813)
2014-11-17 00:00:00
securityvulns
securityvulns
[USN-2402-1] KDE workspace vulnerabilities
2014-12-01 00:00:00
KDE Clock KCM privilege escalation
2014-12-01 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0303-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2014-0480)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2402-1)
2014-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2014-8651
2014-11-07 00:00:00
gentoo
gentoo
KDE Systemsettings: Privilege escalation
2015-12-30 00:00:00
mageia
mageia
Updated kdebase4-workspace packages fix security vulnerability and various bugs
2014-11-21 16:38:07
Updated kdebase4-workspace packages fix security vulnerability and various bugs
2014-11-14 03:57:44
freebsd
freebsd
kde-workspace -- privilege escalation
2014-11-06 00:00:00
ubuntu
ubuntu
KDE workspace vulnerability
2014-11-11 00:00:00
cve
cve
CVE-2014-8651
2014-12-06 21:59:00
prion
prion
Code injection
2014-12-06 21:59:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for ASA-201411-6
fedora3nessus7securityvulns2openvas7ubuntucve1gentoo1mageia2freebsd1ubuntu1cve1prion1