7 matches found
CVE-2022-23220
USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g., allowany=yes for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu,...
GLSA-202310-15 : USBView: root privilege escalation via insecure polkit settings
The remote host is affected by the vulnerability described in GLSA-202310-15 USBView: root privilege escalation via insecure polkit settings - USBView 2.1 before 2.2 allows some local users e.g., ones logged in via SSH to execute arbitrary code as root because certain Polkit settings e.g.,...
Fedora: Security Advisory for usbview (FEDORA-2022-421e65c5d4)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for usbview (FEDORA-2022-256142639c)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-23220
creationtimestamp| type| source ---|---|--- 2022-01-21 18:13:19+00:00| seen| https://t.me/cibsecurity/36032...
[SECURITY] [DSA 5052-1] usbview security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5052-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 21, 2022 https://www.debian.org/security/faq -...
CVE-2022-23220
USBView (firmware: Ubuntu/Debian/Gentoo package usbview) is affected by CVE-2022-23220. The root cause is insecure Polkit configuration (example: allow_any=yes for pkexec) that disables authentication, allowing local users (including those via SSH) to execute code as root. Affected version: USBVi...