194 matches found
CVE-2011-2777
CVE-2011-2777 affects acpid/acpid2 (2.0.16 and older). The flaw lies in how powerbtn.sh uses the pidof program, which can be exploited by a local attacker to gain elevated privileges by launching a program named kded4 with a crafted DBUS_SESSION_BUS_ADDRESS. Impact is local privilege escalation. ...
CVE-2011-4578
CVE-2011-4578 affects the acpid (aka acpid2) package: the file event.c executes event-handler scripts without a proper umask prior to version 2.0.11. This may allow a local attacker to either (1) write into directories created by a script or (2) read files created by a script via standard filesys...
CVE-2011-4578
event.c in acpid aka acpid2 before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to 1 perform write operations within directories created by a script, or 2 read files created by a script, via standard filesystem system...
CVE-2011-2777
samples/powerbtn/powerbtn.sh in acpid aka acpid2 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUSSESSIONBUSADDRESS environment variable containing commands...
CVE-2011-2777
samples/powerbtn/powerbtn.sh in acpid aka acpid2 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUSSESSIONBUSADDRESS environment variable containing commands...
CVE-2011-4578
event.c in acpid aka acpid2 before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to 1 perform write operations within directories created by a script, or 2 read files created by a script, via standard filesystem system...
Mandriva Update for acpid MDVSA-2012:137 (acpid)
Check for the Version of acpid OpenVAS Vulnerability Test Mandriva Update for acpid MDVSA-2012:137 acpid Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for acpid MDVSA-2012:137 (acpid)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for acpid MDVSA-2012:086 (acpid)
Check for the Version of acpid OpenVAS Vulnerability Test Mandriva Update for acpid MDVSA-2012:086 acpid Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for acpid MDVSA-2012:086 (acpid)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Scientific Linux Security Update : acpid on SL5.x i386/x86_64
CVE-2009-4033 acpid: log file created with random permissions It was discovered that acpid could create its log file '/var/log/acpid' with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with t...
Scientific Linux Security Update : acpid on SL3.x, SL4.x, SL5.x i386/x86_64
Anthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate...
Mandriva Linux Security Advisory : acpid (MDVSA-2012:086)
A vulnerability has been discovered and corrected in acpid : acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service daemon hang via a crafted application...
Debian Security Advisory DSA 2362-1 (acpid)
The remote host is missing an update to acpid announced via advisory DSA 2362-1. OpenVAS Vulnerability Test $Id: deb23621.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2362-1 acpid Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian: Security Advisory (DSA-2362-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2362-1 : acpid - several vulnerabilities
Multiple vulnerabilities were found in the ACPI Daemon, the Advanced Configuration and Power Interface event daemon : - CVE-2011-1159 Vasiliy Kulikov of OpenWall discovered that the socket handling is vulnerable to denial of service. - CVE-2011-2777 Oliver-Tobias Ripka discovered that incorrect...
[USN-1296-1] acpid vulnerabilities
========================================================================== Ubuntu Security Notice USN-1296-1 December 08, 2011 acpid vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[SECURITY] [DSA 2362-1] acpid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2362-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 10, 2011 http://www.debian.org/security/faq -...
Acpid Privilege Boundary Crossing
Exploit Title: Acpid Privilege Boundary Crossing Vulnerability Google Dork: Date: 23-11-2011 Author: otr Software Link: https://launchpad.net/ubuntu/+source/acpid Version: 1:2.0.10-1ubuntu2 Tested on: Ubuntu 11.10, Ubuntu 11.04 CVE : CVE-2011-2777 -- Safeguard this letter, it may be an IMPORTANT...
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.0411.10) - Boundary Crossing Privilege Escalation
Acpid 1:2.0.10-1ubuntu2 Ubuntu 11.0411.10 - Boundary Crossing Privilege Escalation Exploit Title: Acpid Privilege Boundary Crossing Vulnerability Google Dork: Date: 23-11-2011 Author: otr Software Link: https://launchpad.net/ubuntu/+source/acpid Version: 1:2.0.10-1ubuntu2 Tested on: Ubuntu 11.10,...