PackageKit < 1.1.13 - File Existence Disclosure Exploit

Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedesktop.PackageKit" trans =...

PackageKit File Existence Disclosure

Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedeskt...

PackageKit &lt; 1.1.13 - File Existence Disclosure

Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedesktop.PackageKit" trans = aptdbusinte...

Debian DLA-2399-1 : packagekit security update

Two vulnerabilities have been discovered in packagekit, a package management service. CVE-2020-16121 Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16122 Sami Niemimki...

Debian: Security Advisory (DLA-2399-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2399-1] packagekit security update

Debian LTS Advisory DLA-2399-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez October 07, 2020 https://wiki.debian.org/LTS Package : packagekit Version : 1.1.5-2+deb9u2 CVE ID : CVE-2020-16121 CVE-2020-16122 Two vulnerabilities have been discovered in...

DLA-2399-1 packagekit - security update

Bulletin has no description...

CVE-2020-16122

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...

CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

Ubuntu: Security Advisory (USN-4538-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4538-1: PackageKit vulnerabilities

Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16121 Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use...

USN-4538-1 packagekit vulnerabilities

Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16121 Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use...

CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

UBUNTU-CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own...

CVE-2020-16122

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...

UBUNTU-CVE-2020-16122

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...

PT-2020-6168 · Packagekit +3 · Packagekit +3

Name of the Vulnerable Software and Affected Versions: PackageKit affected versions not specified Description: The issue is related to PackageKit's apt backend, which incorrectly treats all local debs as trusted. This is problematic because the apt security model relies on repository trust rather...

Apple macOS Catalina PackageKit Component Elevation of Privilege Vulnerability

Apple macOS Catalina is a proprietary operating system developed by Apple for Mac computers.PackageKit is an open-source suite of applications for installing and updating Linux software. A security vulnerability exists in the PackageKit component of Apple macOS Catalina versions prior to 10.15.5...

Apple macOS Catalina PackageKit Input Validation Vulnerability Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the PackageKit component of Apple macOS Catalina versions prior to 10.15.3. The vulnerability can be exploited by an attacker to overwrite arbitrary files with the...

Huawei EulerOS: Security Advisory for PackageKit (EulerOS-SA-2018-1183)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...