Linux Distros Unpatched Vulnerability : CVE-2015-3255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might allow local users to gain...

SUSE CVE-2015-3255

The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...

SUSE: Security Advisory (SUSE-SU-2015:1838-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1463)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : polkit (EulerOS-SA-2020-1463)

According to the versions of the polkit package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might all...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2223)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2404)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PolicyKit vulnerabilities (USN-3717-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3717-1 advisory. Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use thi...

Ubuntu: Security Advisory (USN-3717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3717-1: PolicyKit vulnerabilities

Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-3218 It was discovered that PolicyKit...

GLSA-201611-07 : polkit: Heap-corruption on duplicate IDs

The remote host is affected by the vulnerability described in GLSA-201611-07 polkit: Heap-corruption on duplicate IDs A vulnerability was discovered in polkits polkitbackendactionpoolinit function due to duplicate action IDs in action descriptions. Impact : Local attackers are able to gain...

openSUSE Security Update : polkit (openSUSE-2015-711)

polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...

SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2015:1838-1)

polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...

CVE-2015-3255

The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...

CVE-2015-3255

The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...

CVE-2015-3255

CVE-2015-3255 affects PolicyKit (polkit) before 0.113. The vulnerability in polkitbackend/polkitbackendactionpool.c (polkit_backend_action_pool_init) may allow local users to gain privileges via duplicate action IDs in action descriptions. Impact is local privilege escalation with partial confide...

openSUSE: Security Advisory for polkit (openSUSE-SU-2015:1734-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : polkit (openSUSE-2015-655)

Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed : - CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 - CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...

Fedora 21 : polkit-0.113-4.fc21 (2015-11743)

Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625. Please make sure to reboot or run systemctl restart polkit.service after applying this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...