22 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a deni...
RHEL 7 : polkit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - polkit: potential information disclosure vulnerability due to cookie counter wrapping CVE-2015-4625 -...
SUSE: Security Advisory (SUSE-SU-2015:1838-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : polkit (EulerOS-SA-2020-1463)
According to the versions of the polkit package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might all...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1424)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1463)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2404)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2223)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PolicyKit vulnerabilities (USN-3717-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3717-1 advisory. Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use thi...
Ubuntu: Security Advisory (USN-3717-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3717-1: PolicyKit vulnerabilities
Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-3218 It was discovered that PolicyKit...
openSUSE Security Update : polkit (openSUSE-2015-711)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2015:1838-1)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
CVE-2015-3218
The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a denial of service NULL pointer dereference and polkitd daemon crash by calling RegisterAuthenticationAgent with an invalid object path...
CVE-2015-3218
CVE-2015-3218 is a local vulnerability in PolicyKit (polkit) impacting polkit’s authentication flow. The issue resides in the authentication_agent_new function path polkitbackend/polkitbackendinteractiveauthority.c and also relates to RegisterAuthenticationAgent with an invalid object path, enabl...
openSUSE: Security Advisory for polkit (openSUSE-SU-2015:1734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : polkit (openSUSE-2015-655)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed : - CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 - CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...
Fedora 21 : polkit-0.113-4.fc21 (2015-11743)
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625. Please make sure to reboot or run systemctl restart polkit.service after applying this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora 22 : polkit-0.113-1.fc22 (2015-11058)
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
Fedora Update for polkit FEDORA-2015-11058
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...