ID OPENVAS:1361412562310881798 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the 'rtkit' package(s) announced via the referenced advisory.
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for rtkit CESA-2013:1282 centos6
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Registration phase: when the scanner evaluates the plugin with `description`
# set, only the metadata below is recorded and the script leaves via exit(0)
# before any host check runs.
if(description)
{
# Plugin identity and revision bookkeeping.
script_oid("1.3.6.1.4.1.25623.1.0.881798");
script_version("$Revision: 14222 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)");
# Vulnerability reference and CVSS v2 rating. The vector reads: local access,
# low complexity, no authentication, partial impact on confidentiality,
# integrity and availability.
script_cve_id("CVE-2013-4326");
script_tag(name:"cvss_base", value:"4.6");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_name("CentOS Update for rtkit CESA-2013:1282 centos6");
script_tag(name:"affected", value:"rtkit on CentOS 6");
# Advisory text: the flaw is a race condition in the D-Bus API that RealtimeKit
# used to ask PolicyKit for authorization; the fix switches to a different API.
script_tag(name:"insight", value:"RealtimeKit is a D-Bus system service that changes the scheduling policy of
user processes/threads to SCHED_RR (that is, realtime scheduling mode) on
request. It is intended to be used as a secure mechanism to allow real-time
scheduling to be used by normal user processes.
It was found that RealtimeKit communicated with PolicyKit for authorization
using a D-Bus API that is vulnerable to a race condition. This could have
led to intended PolicyKit authorizations being bypassed. This update
modifies RealtimeKit to communicate with PolicyKit via a different API that
is not vulnerable to the race condition. (CVE-2013-4326)
All rtkit users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.");
script_tag(name:"solution", value:"Please install the updated packages.");
# qod_type "package": the result is derived from the installed RPM version (see
# the isrpmvuln() call after this block), not from probing the running service.
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
# Cross-references to the CentOS advisory this check was generated from.
script_xref(name:"CESA", value:"2013:1282");
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html");
script_tag(name:"summary", value:"The remote host is missing an update for the 'rtkit'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
# Preconditions: presumably gather-package-list.nasl populates the ssh/login/*
# knowledge-base keys from an authenticated SSH session - confirm against that
# plugin. The mandatory keys restrict the check to hosts identified as CentOS 6
# with an RPM list available; where those keys are missing the plugin yields no
# result, which must not be read as "patched".
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS6");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
# Check phase: compare the installed rtkit RPM with the build named in
# CESA-2013:1282 (rtkit~0.5~2.el6_4) and report when isrpmvuln() returns a
# result.
#
# Exit codes used below:
#   exit(0)  - either a finding was reported via security_message(), or the
#              check could not reach a verdict (no release string, or no
#              package match). A silent exit(0) is not proof of a patched host.
#   exit(99) - "not vulnerable", taken only when __pkg_match is set.

# Release string of the target; the helper comes from an included library
# (presumably pkg-lib-rpm.inc - confirm).
release = rpm_get_ssh_release();
if(!release) {
  exit(0);
}

res = "";

if(release == "CentOS6") {
  # A non-NULL return from isrpmvuln() is passed on verbatim as the report text.
  res = isrpmvuln(pkg:"rtkit", rpm:"rtkit~0.5~2.el6_4", rls:"CentOS6");
  if(res != NULL) {
    security_message(data:res);
    exit(0);
  }

  # __pkg_match is not assigned in this script; presumably the RPM library sets
  # it when the package was found on the host - confirm in pkg-lib-rpm.inc.
  if(__pkg_match) {
    exit(99);
  }
  exit(0);
}
{"id": "OPENVAS:1361412562310881798", "bulletinFamily": "scanner", "title": "CentOS Update for rtkit CESA-2013:1282 centos6", "description": "The remote host is missing an update for the ", "published": "2013-10-03T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "cvelist": ["CVE-2013-4326"], "type": "openvas", "lastseen": "2019-05-29T18:37:48", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4326"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The remote host is missing an update for the ", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-03-18T14:38:31", "references": [{"idList": ["USN-1959-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:29838", "SECURITYVULNS:VULN:13295", "SECURITYVULNS:VULN:13316"], "type": "securityvulns"}, {"idList": ["OPENVAS:866951", "OPENVAS:1361412562310866951", "OPENVAS:841568", "OPENVAS:881798", "OPENVAS:1361412562310871046", "OPENVAS:1361412562310841568", "OPENVAS:871046", "OPENVAS:1361412562310123568", "OPENVAS:1361412562310866963", "OPENVAS:866963"], "type": "openvas"}, {"idList": ["CVE-2013-4326"], "type": "cve"}, {"idList": ["ELSA-2013-1282"], "type": "oraclelinux"}, {"idList": ["CESA-2013:1282"], "type": "centos"}, {"idList": ["RHSA-2013:1282"], "type": "redhat"}, {"idList": ["OPENSUSE-2013-755.NASL", "CENTOS_RHSA-2013-1282.NASL", "REDHAT-RHSA-2013-1282.NASL", "SL_20130924_RTKIT_ON_SL6_X.NASL", "FEDORA_2013-17529.NASL", "FEDORA_2013-18442.NASL", "MANDRIVA_MDVSA-2013-243.NASL", "UBUNTU_USN-1959-1.NASL", "FEDORA_2013-17583.NASL", "ORACLELINUX_ELSA-2013-1282.NASL"], "type": "nessus"}]}, "score": {"value": 7.5, "vector": 
"NONE"}}, "hash": "c52597163d841df7a6a677ad8420152ac784ff06f64e4ceb9c3892e592ec0329", "hashmap": [{"hash": "1693b96dcccf4fbcd463bf8baaa2bf3f", "key": "description"}, {"hash": "d6a10b31eef322cc0afa5e908f9945ad", "key": "title"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "67770dd55cf96cc0227155314adb0563", "key": "cvelist"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "2485c453acdeb9f194b81ad98367df51", "key": "sourceData"}, {"hash": "568ca543a70f798495caffb6b1e8dfc3", "key": "href"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "4525bc09d1c4c408a417a5eb7b850972", "key": "modified"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "113ec1f3f2efda4969e292b80719bfd9", "key": "published"}, {"hash": "addd7e46745fb958498ce8da1aac4db2", "key": "pluginID"}, {"hash": "6e4df602b5f4149346a80ccf10e9a656", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "id": "OPENVAS:1361412562310881798", "lastseen": "2019-03-18T14:38:31", "modified": "2019-03-15T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310881798", "published": "2013-10-03T00:00:00", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published 
by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6\");\n\n script_tag(name:\"affected\", value:\"rtkit on CentOS 6\");\n script_tag(name:\"insight\", value:\"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2013:1282\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "title": "CentOS Update for rtkit CESA-2013:1282 centos6", "type": "openvas", "viewCount": 1}, "differentElements": ["cvss"], "edition": 7, "lastseen": "2019-03-18T14:38:31"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4326"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check for the Version of rtkit", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-03-08T14:10:34", "references": [{"idList": ["USN-1959-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:DOC:29838", "SECURITYVULNS:VULN:13295", "SECURITYVULNS:VULN:13316"], "type": "securityvulns"}, 
{"idList": ["OPENVAS:866951", "OPENVAS:1361412562310866951", "OPENVAS:841568", "OPENVAS:881798", "OPENVAS:1361412562310871046", "OPENVAS:1361412562310841568", "OPENVAS:871046", "OPENVAS:1361412562310123568", "OPENVAS:1361412562310866963", "OPENVAS:866963"], "type": "openvas"}, {"idList": ["CVE-2013-4326"], "type": "cve"}, {"idList": ["ELSA-2013-1282"], "type": "oraclelinux"}, {"idList": ["CESA-2013:1282"], "type": "centos"}, {"idList": ["RHSA-2013:1282"], "type": "redhat"}, {"idList": ["OPENSUSE-2013-755.NASL", "CENTOS_RHSA-2013-1282.NASL", "REDHAT-RHSA-2013-1282.NASL", "SL_20130924_RTKIT_ON_SL6_X.NASL", "FEDORA_2013-17529.NASL", "FEDORA_2013-18442.NASL", "MANDRIVA_MDVSA-2013-243.NASL", "UBUNTU_USN-1959-1.NASL", "FEDORA_2013-17583.NASL", "ORACLELINUX_ELSA-2013-1282.NASL"], "type": "nessus"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "5b7b9d5916c3b5ac1b33b8c506828b26a32f9c0d7db104238b6f2916db891ec9", "hashmap": [{"hash": "32b3e5462350c6f10af66756c626c5ca", "key": "description"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "15d262e491b46676ca0cd6e9f1a0e45e", "key": "title"}, {"hash": "ecbe9d16f6a6e342e317b2b4714ba558", "key": "modified"}, {"hash": "67770dd55cf96cc0227155314adb0563", "key": "cvelist"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "568ca543a70f798495caffb6b1e8dfc3", "key": "href"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "11fd4d5137c03984db523f90eceb9ad2", "key": "sourceData"}, {"hash": "113ec1f3f2efda4969e292b80719bfd9", "key": "published"}, {"hash": "addd7e46745fb958498ce8da1aac4db2", "key": "pluginID"}, {"hash": "6e4df602b5f4149346a80ccf10e9a656", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "id": "OPENVAS:1361412562310881798", "lastseen": 
"2019-03-08T14:10:34", "modified": "2019-03-08T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310881798", "published": "2013-10-03T00:00:00", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 14050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 10:08:09 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6 \");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1282\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for rtkit CESA-2013:1282 centos6 ", "type": "openvas", "viewCount": 0}, "differentElements": ["description", "sourceData", "title"], "edition": 5, "lastseen": "2019-03-08T14:10:34"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4326"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check for the Version of rtkit", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": 
"61853f91b5a96c2c4a8cddf02d0b0c64a7a39e7ea4a468f6cca85cf4fcfbb91b", "hashmap": [{"hash": "32b3e5462350c6f10af66756c626c5ca", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "74980c149d11cc529c4b862a1dfd565f", "key": "sourceData"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "15d262e491b46676ca0cd6e9f1a0e45e", "key": "title"}, {"hash": "67770dd55cf96cc0227155314adb0563", "key": "cvelist"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "568ca543a70f798495caffb6b1e8dfc3", "key": "href"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "113ec1f3f2efda4969e292b80719bfd9", "key": "published"}, {"hash": "addd7e46745fb958498ce8da1aac4db2", "key": "pluginID"}, {"hash": "6e4df602b5f4149346a80ccf10e9a656", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "id": "OPENVAS:1361412562310881798", "lastseen": "2018-08-30T19:24:18", "modified": "2018-04-06T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310881798", "published": "2013-10-03T00:00:00", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free 
Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 9372 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:56:37 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6 \");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1282\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for rtkit CESA-2013:1282 centos6 ", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:24:18"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4326"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check for the Version of rtkit", "edition": 1, "enchantments": {"score": {"modified": "2018-04-06T11:20:55", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "hash": 
"1b9a5f94a3905f77cf1f9dedbe81d8a4ccb21d68c27f8be4e1514d214a8362cf", "hashmap": [{"hash": "32b3e5462350c6f10af66756c626c5ca", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "15d262e491b46676ca0cd6e9f1a0e45e", "key": "title"}, {"hash": "67770dd55cf96cc0227155314adb0563", "key": "cvelist"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "568ca543a70f798495caffb6b1e8dfc3", "key": "href"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "743db2906dbd30b467454179077af224", "key": "sourceData"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "113ec1f3f2efda4969e292b80719bfd9", "key": "published"}, {"hash": "addd7e46745fb958498ce8da1aac4db2", "key": "pluginID"}, {"hash": "6e4df602b5f4149346a80ccf10e9a656", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "id": "OPENVAS:1361412562310881798", "lastseen": "2018-04-06T11:20:55", "modified": "2018-04-06T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310881798", "published": "2013-10-03T00:00:00", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free 
Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 9353 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6 \");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1282\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_summary(\"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for rtkit CESA-2013:1282 centos6 ", "type": "openvas", "viewCount": 0}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2018-04-06T11:20:55"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-4326"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check for the Version of rtkit", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "2c945b067ef226e51cda81005f74a0ab49e41e9769c845e358ff5f72b6db694d", "hashmap": [{"hash": 
"32b3e5462350c6f10af66756c626c5ca", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "74980c149d11cc529c4b862a1dfd565f", "key": "sourceData"}, {"hash": "8f8213e8b86855939d5beea715ce3045", "key": "naslFamily"}, {"hash": "15d262e491b46676ca0cd6e9f1a0e45e", "key": "title"}, {"hash": "67770dd55cf96cc0227155314adb0563", "key": "cvelist"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "568ca543a70f798495caffb6b1e8dfc3", "key": "href"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "113ec1f3f2efda4969e292b80719bfd9", "key": "published"}, {"hash": "addd7e46745fb958498ce8da1aac4db2", "key": "pluginID"}, {"hash": "6e4df602b5f4149346a80ccf10e9a656", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881798", "id": "OPENVAS:1361412562310881798", "lastseen": "2018-04-09T11:21:47", "modified": "2018-04-06T00:00:00", "naslFamily": "CentOS Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310881798", "published": "2013-10-03T00:00:00", "references": ["2013:1282", "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# 
but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 9372 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:56:37 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6 \");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1282\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "CentOS Update for rtkit CESA-2013:1282 centos6 ", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-04-09T11:21:47"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "67770dd55cf96cc0227155314adb0563"}, {"key": "cvss", "hash": "6f6410364e4cee78bd47ed1fc3d8dd5b"}, {"key": "description", "hash": "1693b96dcccf4fbcd463bf8baaa2bf3f"}, {"key": "href", "hash": "568ca543a70f798495caffb6b1e8dfc3"}, {"key": "modified", 
"hash": "4525bc09d1c4c408a417a5eb7b850972"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "pluginID", "hash": "addd7e46745fb958498ce8da1aac4db2"}, {"key": "published", "hash": "113ec1f3f2efda4969e292b80719bfd9"}, {"key": "references", "hash": "6e4df602b5f4149346a80ccf10e9a656"}, {"key": "reporter", "hash": "1a99a5f9a50e5bac3b749d8558d5e46b"}, {"key": "sourceData", "hash": "2485c453acdeb9f194b81ad98367df51"}, {"key": "title", "hash": "d6a10b31eef322cc0afa5e908f9945ad"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "247b1666b3e36c23397592246d594846dac6741634aa3ca5d0da53c486439b26", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4326"]}, {"type": "nessus", "idList": ["FEDORA_2013-17583.NASL", "OPENSUSE-2013-755.NASL", "SL_20130924_RTKIT_ON_SL6_X.NASL", "FEDORA_2013-17529.NASL", "ORACLELINUX_ELSA-2013-1282.NASL", "FEDORA_2013-18442.NASL", "UBUNTU_USN-1959-1.NASL", "REDHAT-RHSA-2013-1282.NASL", "CENTOS_RHSA-2013-1282.NASL", "MANDRIVA_MDVSA-2013-243.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310871046", "OPENVAS:1361412562310866951", "OPENVAS:1361412562310841568", "OPENVAS:871046", "OPENVAS:841568", "OPENVAS:1361412562310123568", "OPENVAS:881798", "OPENVAS:866951", "OPENVAS:1361412562310866963", "OPENVAS:866963"]}, {"type": "centos", "idList": ["CESA-2013:1282"]}, {"type": "redhat", "idList": ["RHSA-2013:1282"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-1282"]}, {"type": "ubuntu", "idList": ["USN-1959-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29838", "SECURITYVULNS:VULN:13295", "SECURITYVULNS:VULN:13316"]}], "modified": "2019-05-29T18:37:48"}, "score": {"value": 5.8, "vector": "NONE", "modified": "2019-05-29T18:37:48"}, "vulnersScore": 5.8}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit 
CESA-2013:1282 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881798\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6\");\n\n script_tag(name:\"affected\", value:\"rtkit on CentOS 6\");\n script_tag(name:\"insight\", value:\"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. 
This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2013:1282\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks", "pluginID": "1361412562310881798", "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:13:04", "bulletinFamily": "NVD", "description": "RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.", "modified": "2019-04-22T17:48:00", "id": "CVE-2013-4326", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4326", "published": "2013-10-03T21:55:00", "title": "CVE-2013-4326", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-01-26T11:09:24", "bulletinFamily": "scanner", "description": "Check for the Version of rtkit", "modified": "2018-01-25T00:00:00", "published": "2013-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841568", "id": "OPENVAS:841568", "title": "Ubuntu Update for rtkit USN-1959-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1959_1.nasl 8526 2018-01-25 06:57:37Z teissa $\n#\n# Ubuntu Update for rtkit USN-1959-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841568);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-24 11:49:16 +0530 (Tue, 24 Sep 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for rtkit USN-1959-1\");\n\n tag_insight = \"It was discovered that RealtimeKit was using polkit in an unsafe manner. A\nlocal attacker could possibly use this issue to bypass intended polkit\nauthorizations.\";\n\n tag_affected = \"rtkit on Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1959-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1959-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", 
\"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.13.04.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:09:42", "bulletinFamily": "scanner", "description": "Check for the Version of rtkit", "modified": "2018-01-17T00:00:00", "published": "2013-10-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871046", "id": "OPENVAS:871046", "title": "RedHat Update for rtkit RHSA-2013:1282-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rtkit RHSA-2013:1282-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; 
without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871046);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:17:20 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for rtkit RHSA-2013:1282-01\");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2013:1282-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-September/msg00035.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtkit-debuginfo\", rpm:\"rtkit-debuginfo~0.5~2.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:11", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the 'rtkit' package(s) announced via the referenced advisory.", "modified": "2019-03-13T00:00:00", "published": "2013-09-24T00:00:00", "id": "OPENVAS:1361412562310841568", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841568", "title": "Ubuntu Update for rtkit USN-1959-1", "type": "openvas", "sourceData": "###############################################################################\n# 
OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1959_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for rtkit USN-1959-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841568\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-24 11:49:16 +0530 (Tue, 24 Sep 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for rtkit USN-1959-1\");\n\n script_tag(name:\"affected\", value:\"rtkit on Ubuntu 13.04,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"It was discovered that RealtimeKit was using polkit in an unsafe manner. 
A\nlocal attacker could possibly use this issue to bypass intended polkit\nauthorizations.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1959-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1959-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|12\\.10|13\\.04)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rtkit\", ver:\"0.10-2ubuntu0.13.04.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the 'rtkit' package(s) announced via the referenced advisory.", "modified": 
"2019-03-15T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:1361412562310866951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866951", "title": "Fedora Update for rtkit FEDORA-2013-17529", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rtkit FEDORA-2013-17529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866951\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:15:12 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for rtkit FEDORA-2013-17529\");\n\n\n script_tag(name:\"affected\", value:\"rtkit on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-17529\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116906.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.11~7.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the 'rtkit' package(s) announced via the referenced advisory.", "modified": "2018-11-23T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:1361412562310871046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871046", "title": "RedHat Update for rtkit RHSA-2013:1282-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rtkit RHSA-2013:1282-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License 
version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871046\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:17:20 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for rtkit RHSA-2013:1282-01\");\n\n\n script_tag(name:\"affected\", value:\"rtkit on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. 
This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2013:1282-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-September/msg00035.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtkit-debuginfo\", rpm:\"rtkit-debuginfo~0.5~2.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:01", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-1282", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123568", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310123568", "title": "Oracle Linux Local Check: ELSA-2013-1282", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1282.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123568\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:38 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1282\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1282 - rtkit security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1282\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1282.html\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:51:27", "bulletinFamily": "scanner", "description": "Check for the Version of rtkit", "modified": "2017-07-10T00:00:00", "published": "2013-10-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881798", "id": "OPENVAS:881798", "title": "CentOS Update for rtkit CESA-2013:1282 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rtkit CESA-2013:1282 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, 
http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(881798);\n script_version(\"$Revision: 6655 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:48:58 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:18:34 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for rtkit CESA-2013:1282 centos6 \");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\";\n\n tag_affected = \"rtkit on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:1282\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\");\n script_summary(\"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.5~2.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:09:49", "bulletinFamily": "scanner", "description": "Check for the Version of rtkit", "modified": "2018-01-25T00:00:00", "published": "2013-10-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866951", "id": "OPENVAS:866951", "title": "Fedora Update for rtkit FEDORA-2013-17529", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# 
Fedora Update for rtkit FEDORA-2013-17529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866951);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:15:12 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for rtkit FEDORA-2013-17529\");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the\nscheduling policy of user processes/threads to SCHED_RR (i.e. realtime\nscheduling mode) on request. 
It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\";\n\n tag_affected = \"rtkit on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-17529\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116906.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.11~7.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:10:32", "bulletinFamily": "scanner", "description": "Check for the Version of rtkit", "modified": "2018-01-23T00:00:00", "published": "2013-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866963", "id": "OPENVAS:866963", "title": "Fedora Update for rtkit FEDORA-2013-17583", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# 
Fedora Update for rtkit FEDORA-2013-17583\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866963);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-11 09:57:11 +0530 (Fri, 11 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for rtkit FEDORA-2013-17583\");\n\n tag_insight = \"RealtimeKit is a D-Bus system service that changes the\nscheduling policy of user processes/threads to SCHED_RR (i.e. realtime\nscheduling mode) on request. 
It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\";\n\n tag_affected = \"rtkit on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-17583\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-October/118584.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of rtkit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.11~7.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the 'rtkit' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2013-10-11T00:00:00", "id": "OPENVAS:1361412562310866963", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866963", "title": "Fedora Update for rtkit FEDORA-2013-17583", "type": "openvas", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rtkit FEDORA-2013-17583\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866963\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-11 09:57:11 +0530 (Fri, 11 Oct 2013)\");\n script_cve_id(\"CVE-2013-4326\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for rtkit FEDORA-2013-17583\");\n\n\n script_tag(name:\"affected\", value:\"rtkit on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-17583\");\n script_xref(name:\"URL\", 
value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-October/118584.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rtkit'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rtkit\", rpm:\"rtkit~0.11~7.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:35:14", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:1282\n\n\nRealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\n\n**Affected packages:**\nrtkit\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1282.html", "modified": "2013-09-24T20:31:04", "published": "2013-09-24T20:31:04", "href": "http://lists.centos.org/pipermail/centos-announce/2013-September/019955.html", "id": "CESA-2013:1282", "title": "rtkit security update", "type": "centos", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2019-11-01T02:27:05", "bulletinFamily": "scanner", "description": "This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-18442.NASL", "href": "https://www.tenable.com/plugins/nessus/70407", "published": "2013-10-13T00:00:00", "title": "Fedora 20 : rtkit-0.11-7.fc20 (2013-18442)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-18442.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70407);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 21:37:38 $\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"FEDORA\", value:\"2013-18442\");\n\n script_name(english:\"Fedora 20 : rtkit-0.11-7.fc20 (2013-18442)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1009543\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-October/118916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a803ceeb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: 
\"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"rtkit-0.11-7.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:27:05", "bulletinFamily": "scanner", "description": "This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-17529.NASL", "href": "https://www.tenable.com/plugins/nessus/70159", "published": "2013-09-27T00:00:00", "title": "Fedora 19 : rtkit-0.11-7.fc19 (2013-17529)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-17529.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70159);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 21:37:38 $\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"FEDORA\", value:\"2013-17529\");\n\n script_name(english:\"Fedora 19 : rtkit-0.11-7.fc19 (2013-17529)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1009543\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116906.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3434a95b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: 
\"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"rtkit-0.11-7.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:27:05", "bulletinFamily": "scanner", "description": "This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2013-17583.NASL", "href": "https://www.tenable.com/plugins/nessus/70358", "published": "2013-10-10T00:00:00", "title": "Fedora 18 : rtkit-0.11-7.fc18 (2013-17583)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-17583.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70358);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 21:37:38 $\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"FEDORA\", value:\"2013-17583\");\n\n script_name(english:\"Fedora 18 : rtkit-0.11-7.fc18 (2013-17583)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes :\n\n - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of\n polkit [fedora-all]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1009543\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-October/118584.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0aa5e731\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: 
\"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"rtkit-0.11-7.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T03:14:26", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2013:1282 :\n\nAn updated rtkit package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. 
This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.", "modified": "2019-11-02T00:00:00", "id": "ORACLELINUX_ELSA-2013-1282.NASL", "href": "https://www.tenable.com/plugins/nessus/70113", "published": "2013-09-25T00:00:00", "title": "Oracle Linux 6 : rtkit (ELSA-2013-1282)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:1282 and \n# Oracle Linux Security Advisory ELSA-2013-1282 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70113);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/30 10:58:18\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"RHSA\", value:\"2013:1282\");\n\n script_name(english:\"Oracle Linux 6 : rtkit (ELSA-2013-1282)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:1282 :\n\nAn updated rtkit package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. 
It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-September/003683.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T03:00:37", "bulletinFamily": "scanner", "description": "rtkit was fixed to avoid a TOCTOU race condition that might have\nallowed local attackers to gain realtime rights they 
should not have.\n(CVE-2013-4326)", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2013-755.NASL", "href": "https://www.tenable.com/plugins/nessus/75164", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : rtkit (openSUSE-SU-2013:1548-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-755.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75164);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4326\");\n\n script_name(english:\"openSUSE Security Update : rtkit (openSUSE-SU-2013:1548-1)\");\n script_summary(english:\"Check for the openSUSE-2013-755 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"rtkit was fixed to avoid a TOCTOU race condition that might have\nallowed local attackers to gain realtime rights they should not have.\n(CVE-2013-4326)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836939\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rtkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rtkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rtkit-debugsource\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rtkit-0.10_git201107141740-9.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rtkit-debuginfo-0.10_git201107141740-9.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"rtkit-debugsource-0.10_git201107141740-9.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"rtkit-0.11_git201205151338-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"rtkit-debuginfo-0.11_git201205151338-3.4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.3\", reference:\"rtkit-debugsource-0.11_git201205151338-3.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-03T12:13:01", "bulletinFamily": "scanner", "description": "It was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)", "modified": "2019-11-02T00:00:00", "id": "SL_20130924_RTKIT_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/70115", "published": "2013-09-25T00:00:00", "title": "Scientific Linux Security Update : rtkit on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70115);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/31 11:35:01\");\n\n script_cve_id(\"CVE-2013-4326\");\n\n script_name(english:\"Scientific Linux Security Update : rtkit on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. 
This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1309&L=scientific-linux-errata&T=0&P=1707\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6a08979\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rtkit and / or rtkit-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rtkit-debuginfo-0.5-2.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T03:20:45", "bulletinFamily": "scanner", "description": "An updated rtkit package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. 
It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.", "modified": "2019-11-02T00:00:00", "id": "REDHAT-RHSA-2013-1282.NASL", "href": "https://www.tenable.com/plugins/nessus/70114", "published": "2013-09-25T00:00:00", "title": "RHEL 6 : rtkit (RHSA-2013:1282)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1282. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70114);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:37\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"RHSA\", value:\"2013:1282\");\n\n script_name(english:\"RHEL 6 : rtkit (RHSA-2013:1282)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rtkit package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. 
A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-4326\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rtkit and / or rtkit-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rtkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1282\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rtkit-debuginfo-0.5-2.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rtkit-debuginfo-0.5-2.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rtkit-debuginfo-0.5-2.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit / rtkit-debuginfo\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:15:21", "bulletinFamily": "scanner", "description": "An updated rtkit package 
that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.", "modified": "2019-11-02T00:00:00", "id": "CENTOS_RHSA-2013-1282.NASL", "href": "https://www.tenable.com/plugins/nessus/70104", "published": "2013-09-25T00:00:00", "title": "CentOS 6 : rtkit (CESA-2013:1282)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1282 and \n# CentOS Errata and Security Advisory 2013:1282 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70104);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/02 15:30:18\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_bugtraq_id(62505);\n script_xref(name:\"RHSA\", value:\"2013:1282\");\n\n script_name(english:\"CentOS 6 : rtkit (CESA-2013:1282)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n 
script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rtkit package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nRealtimeKit is a D-Bus system service that changes the scheduling\npolicy of user processes/threads to SCHED_RR (that is, realtime\nscheduling mode) on request. It is intended to be used as a secure\nmechanism to allow real-time scheduling to be used by normal user\nprocesses.\n\nIt was found that RealtimeKit communicated with PolicyKit for\nauthorization using a D-Bus API that is vulnerable to a race\ncondition. This could have led to intended PolicyKit authorizations\nbeing bypassed. This update modifies RealtimeKit to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-September/019955.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e8320e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"rtkit-0.5-2.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-03T12:30:46", "bulletinFamily": "scanner", "description": "It was discovered that RealtimeKit was using polkit in an unsafe\nmanner. A local attacker could possibly use this issue to bypass\nintended polkit authorizations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "UBUNTU_USN-1959-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69977", "published": "2013-09-19T00:00:00", "title": "Ubuntu 12.04 LTS / 12.10 / 13.04 : rtkit vulnerability (USN-1959-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1959-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69977);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-4326\");\n script_xref(name:\"USN\", value:\"1959-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 12.10 / 13.04 : rtkit vulnerability (USN-1959-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that RealtimeKit was using polkit in an unsafe\nmanner. A local attacker could possibly use this issue to bypass\nintended polkit authorizations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1959-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rtkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! 
preg(pattern:\"^(12\\.04|12\\.10|13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 12.10 / 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"rtkit\", pkgver:\"0.10-2ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"rtkit\", pkgver:\"0.10-2ubuntu0.12.10.1\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"rtkit\", pkgver:\"0.10-2ubuntu0.13.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rtkit\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:55:15", "bulletinFamily": "scanner", "description": "Updated polkit packages fix security vulnerability :\n\nA race condition was found in the way the PolicyKit pkcheck utility\nchecked process authorization when the process was specified by its\nprocess ID via the --process option. 
A local user could use this flaw\nto bypass intended PolicyKit authorizations and escalate their\nprivileges (CVE-2013-4288).\n\nNote: Applications that invoke pkcheck with the --process option need\nto be modified to use the pid,pid-start-time,uid argument for that\noption, to allow pkcheck to check process authorization correctly.\n\nBecause of the change in the PolicyKit API, hplip (CVE-2013-4325),\nrtkit (CVE-2013-4326), and systemd (CVE-2013-4327) packages have been\nupdated to use a different API that is not affected by this PolicyKit\nvulnerability.", "modified": "2019-11-02T00:00:00", "id": "MANDRIVA_MDVSA-2013-243.NASL", "href": "https://www.tenable.com/plugins/nessus/70185", "published": "2013-09-28T00:00:00", "title": "Mandriva Linux Security Advisory : polkit (MDVSA-2013:243)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:243. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70185);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2013-4288\", \"CVE-2013-4325\", \"CVE-2013-4326\", \"CVE-2013-4327\");\n script_bugtraq_id(62499, 62503, 62505, 62511);\n script_xref(name:\"MDVSA\", value:\"2013:243\");\n\n script_name(english:\"Mandriva Linux Security Advisory : polkit (MDVSA-2013:243)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated polkit packages fix security vulnerability :\n\nA race condition was found in the way the PolicyKit pkcheck utility\nchecked process authorization when the process was specified by its\nprocess ID via the --process option. 
A local user could use this flaw\nto bypass intended PolicyKit authorizations and escalate their\nprivileges (CVE-2013-4288).\n\nNote: Applications that invoke pkcheck with the --process option need\nto be modified to use the pid,pid-start-time,uid argument for that\noption, to allow pkcheck to check process authorization correctly.\n\nBecause of the change in the PolicyKit API, hplip (CVE-2013-4325),\nrtkit (CVE-2013-4326), and systemd (CVE-2013-4327) packages have been\nupdated to use a different API that is not affected by this PolicyKit\nvulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mageia.org/show_bug.cgi?id=11260\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hplip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hplip-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hplip-hpijs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hplip-hpijs-ppds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hplip-model-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64hpip0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64hpip0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64polkit-gir1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64polkit1-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64polkit1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sane-hpaio1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-daemon0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-daemon0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-id1280\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-id1280-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-journal0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-journal0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-login0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64systemd-login0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:polkit-desktop-policy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:systemd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:systemd-units\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script 
is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"hplip-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"hplip-doc-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"hplip-hpijs-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"hplip-hpijs-ppds-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"hplip-model-data-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64hpip0-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64hpip0-devel-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64polkit-gir1.0-0.104-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64polkit1-devel-0.104-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64polkit1_0-0.104-6.1.mbs1\")) flag++;\nif 
(rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sane-hpaio1-3.12.4-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-daemon0-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-daemon0-devel-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-id1280-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-id1280-devel-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-journal0-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-journal0-devel-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-login0-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64systemd-login0-devel-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"polkit-0.104-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"polkit-desktop-policy-0.104-6.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"rtkit-0.10-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"systemd-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"systemd-sysvinit-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"systemd-tools-44-16.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"systemd-units-44-16.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": 
"2019-05-29T18:36:31", "bulletinFamily": "unix", "description": "[0.5-2]\n- CVE-2013-4326\n Resolves: #1007174", "modified": "2013-09-24T00:00:00", "published": "2013-09-24T00:00:00", "id": "ELSA-2013-1282", "href": "http://linux.oracle.com/errata/ELSA-2013-1282.html", "title": "rtkit security update", "type": "oraclelinux", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T17:22:10", "bulletinFamily": "unix", "description": "It was discovered that RealtimeKit was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.", "modified": "2013-09-18T00:00:00", "published": "2013-09-18T00:00:00", "id": "USN-1959-1", "href": "https://usn.ubuntu.com/1959-1/", "title": "RealtimeKit vulnerability", "type": "ubuntu", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:35", "bulletinFamily": "unix", "description": "RealtimeKit is a D-Bus system service that changes the scheduling policy of\nuser processes/threads to SCHED_RR (that is, realtime scheduling mode) on\nrequest. It is intended to be used as a secure mechanism to allow real-time\nscheduling to be used by normal user processes.\n\nIt was found that RealtimeKit communicated with PolicyKit for authorization\nusing a D-Bus API that is vulnerable to a race condition. This could have\nled to intended PolicyKit authorizations being bypassed. This update\nmodifies RealtimeKit to communicate with PolicyKit via a different API that\nis not vulnerable to the race condition. 
(CVE-2013-4326)\n\nAll rtkit users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n", "modified": "2018-06-06T20:24:06", "published": "2013-09-24T04:00:00", "id": "RHSA-2013:1282", "href": "https://access.redhat.com/errata/RHSA-2013:1282", "type": "redhat", "title": "(RHSA-2013:1282) Important: rtkit security update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:243\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : polkit\r\n Date : September 27, 2013\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated polkit packages fix security vulnerability:\r\n \r\n A race condition was found in the way the PolicyKit pkcheck utility\r\n checked process authorization when the process was specified by its\r\n process ID via the --process option. 
A local user could use this\r\n flaw to bypass intended PolicyKit authorizations and escalate their\r\n privileges (CVE-2013-4288).\r\n \r\n Note: Applications that invoke pkcheck with the --process option need\r\n to be modified to use the pid,pid-start-time,uid argument for that\r\n option, to allow pkcheck to check process authorization correctly.\r\n \r\n Because of the change in the PolicyKit API, hplip (CVE-2013-4325),\r\n rtkit (CVE-2013-4326), and systemd (CVE-2013-4327) packages have\r\n been updated to use a different API that is not affected by this\r\n PolicyKit vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4326\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327\r\n https://bugs.mageia.org/show_bug.cgi?id=11260\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n a505f84a730fe73329a47e34c63a7dbe mbs1/x86_64/hplip-3.12.4-1.1.mbs1.x86_64.rpm\r\n 3a4ba0c6f598df5d0a895e92d86bdee6 mbs1/x86_64/hplip-doc-3.12.4-1.1.mbs1.x86_64.rpm\r\n 5ff79b31c0d10f328cb3a33e73ee443f mbs1/x86_64/hplip-hpijs-3.12.4-1.1.mbs1.x86_64.rpm\r\n 06ad03c60671fdc268f68c19abccdead mbs1/x86_64/hplip-hpijs-ppds-3.12.4-1.1.mbs1.x86_64.rpm\r\n 464c910aa533f8a8bb2f2c3022127339 mbs1/x86_64/hplip-model-data-3.12.4-1.1.mbs1.x86_64.rpm\r\n c868787d3990ecfdae81124e449b9fe5 mbs1/x86_64/lib64hpip0-3.12.4-1.1.mbs1.x86_64.rpm\r\n 16b802096b39e33c3c2e048e5034f6ee mbs1/x86_64/lib64hpip0-devel-3.12.4-1.1.mbs1.x86_64.rpm\r\n d9832f1d43a46d48de126d112744a63f mbs1/x86_64/lib64polkit1_0-0.104-6.1.mbs1.x86_64.rpm\r\n 7cb376fc2241b8ef5d9fec5d56f8b44e mbs1/x86_64/lib64polkit1-devel-0.104-6.1.mbs1.x86_64.rpm\r\n 6bd18537f831797178c8d8797ddb38c8 
mbs1/x86_64/lib64polkit-gir1.0-0.104-6.1.mbs1.x86_64.rpm\r\n bf1d4dfcde5c3268d93d3410686390cf mbs1/x86_64/lib64sane-hpaio1-3.12.4-1.1.mbs1.x86_64.rpm\r\n 03c53c95ae85aa80d715eba6cb0a568e mbs1/x86_64/lib64systemd-daemon0-44-16.1.mbs1.x86_64.rpm\r\n 3d652b24d8237db4354232c58da626f7 mbs1/x86_64/lib64systemd-daemon0-devel-44-16.1.mbs1.x86_64.rpm\r\n 720ca216bd163136e6157fae2ce3a8ce mbs1/x86_64/lib64systemd-id1280-44-16.1.mbs1.x86_64.rpm\r\n 3dec561fc60e5670f775759d279b73f9 mbs1/x86_64/lib64systemd-id1280-devel-44-16.1.mbs1.x86_64.rpm\r\n a5f09de0fe35f59d4f03c44d60706fc8 mbs1/x86_64/lib64systemd-journal0-44-16.1.mbs1.x86_64.rpm\r\n 1aa5d342f5e1ea17ad23a3adcb846b67 mbs1/x86_64/lib64systemd-journal0-devel-44-16.1.mbs1.x86_64.rpm\r\n 989d00585eda3757067bd7757760d21f mbs1/x86_64/lib64systemd-login0-44-16.1.mbs1.x86_64.rpm\r\n a64fbbeaf21c77c50bda1fff4278a34c mbs1/x86_64/lib64systemd-login0-devel-44-16.1.mbs1.x86_64.rpm\r\n 03ba458caeb642419984d0984ea156b9 mbs1/x86_64/polkit-0.104-6.1.mbs1.x86_64.rpm\r\n f58526b0a6b7dd710d6ae50c401f3ca1 mbs1/x86_64/polkit-desktop-policy-0.104-6.1.mbs1.noarch.rpm\r\n 535391c9d869772e68cd13adac519113 mbs1/x86_64/rtkit-0.10-3.1.mbs1.x86_64.rpm\r\n 867308654e786d01f4c66054cca07ab5 mbs1/x86_64/systemd-44-16.1.mbs1.x86_64.rpm\r\n 52e155e8f9d39745da50bd8bcea8cd54 mbs1/x86_64/systemd-sysvinit-44-16.1.mbs1.x86_64.rpm\r\n f71f9b8a5f1676bc3af636e510f9c7a8 mbs1/x86_64/systemd-tools-44-16.1.mbs1.x86_64.rpm\r\n 959a6d57120d110fc44178581105eb55 mbs1/x86_64/systemd-units-44-16.1.mbs1.x86_64.rpm \r\n 119ee4665dda5c72402c2fdf7d6c5298 mbs1/SRPMS/hplip-3.12.4-1.1.mbs1.src.rpm\r\n f78ac8cf2fc3c60849ae806c1de0c4dd mbs1/SRPMS/polkit-0.104-6.1.mbs1.src.rpm\r\n 0af0c0abd85fc991c6592365cc93dd6e mbs1/SRPMS/rtkit-0.10-3.1.mbs1.src.rpm\r\n 3ac52aac654aaf3f3fefde1207e827e4 mbs1/SRPMS/systemd-44-16.1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. 
The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFSRU8kmqjQ0CJFipgRAkXbAJ9iPmTMQKsKPm+OWXqRInATopCCmwCfRdXV\r\nkMysjzhFrsiR+UU4aedRnfM=\r\n=1TYz\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2013-10-01T00:00:00", "published": "2013-10-01T00:00:00", "id": "SECURITYVULNS:DOC:29838", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29838", "title": "[ MDVSA-2013:243 ] polkit", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "description": "pkcheck race conditions.", "modified": "2013-10-01T00:00:00", "published": "2013-10-01T00:00:00", "id": "SECURITYVULNS:VULN:13295", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13295", "title": "PolicyKit protection bypass", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "description": "Invalid Policy Kit authorization usage.", "modified": "2013-10-03T00:00:00", "published": "2013-10-03T00:00:00", "id": "SECURITYVULNS:VULN:13316", "href": 
"https://vulners.com/securityvulns/SECURITYVULNS:VULN:13316", "title": "polkit authorization bypass in multiple applications", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}