Oracle Linux 6 : rtkit (ELSA-2013-1282)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-1282 advisory. 0.5-2 - CVE-2013-4326 Resolves: 1007174 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

CentOS 6 : rtkit (CESA-2013:1282)

An updated rtkit package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Scientific Linux Security Update : rtkit on SL6.x i386/x86_64 (20130924)

It was found that RealtimeKit communicated with PolicyKit for authorization using a D-Bus API that is vulnerable to a race condition. This could have led to intended PolicyKit authorizations being bypassed. This update modifies RealtimeKit to communicate with PolicyKit via a different API that is...

rtkit security update

CentOS Errata and Security Advisory CESA-2013:1282 An updated rtkit package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...

rtkit: insecure calling of polkit

RealtimeKit aka rtkit 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to...

Important: Red Hat Security Advisory: rtkit security update

An updated rtkit package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Ubuntu 12.04 LTS / 12.10 / 13.04 : rtkit vulnerability (USN-1959-1)

It was discovered that RealtimeKit was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable ha...

USN-1959-1: RealtimeKit vulnerability

It was discovered that RealtimeKit was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...

CVE-2013-4326

RealtimeKit aka rtkit 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, a related issue to...