Gentoo Security Advisory GLSA 201310-20

Gentoo Linux Local Security Checks GLSA 201310-20 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

GLSA-201310-20 : acpid2: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201310-20 acpid2: Privilege escalation acpid2 does not properly use the pidof program in powerbtn.sh. Impact : A local attacker could gain escalated privileges. Workaround : There is no known workaround at this time. %NASLMINLEVEL...

acpid2: Privilege escalation

Background acpid2 is a daemon for Advanced Configuration and Power Interface. Description acpid2 does not properly use the pidof program in powerbtn.sh. Impact A local attacker could gain escalated privileges. Workaround There is no known workaround at this time. Resolution All acpid2 users shoul...

CVE-2011-2777

CVE-2011-2777 affects acpid/acpid2 (2.0.16 and older). The flaw lies in how powerbtn.sh uses the pidof program, which can be exploited by a local attacker to gain elevated privileges by launching a program named kded4 with a crafted DBUS_SESSION_BUS_ADDRESS. Impact is local privilege escalation. ...

CVE-2011-4578

CVE-2011-4578 affects the acpid (aka acpid2) package: the file event.c executes event-handler scripts without a proper umask prior to version 2.0.11. This may allow a local attacker to either (1) write into directories created by a script or (2) read files created by a script via standard filesys...