20 matches found
SUSE CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
SUSE: Security Advisory (SUSE-SU-2015:1838-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2016-0189)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : polkit (RHSA-2016:0189)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0189 advisory. PolicyKit is a toolkit for defining and handling authorizations. A denial of service flaw was found in how polkit handled authorization requests. A...
Oracle Linux 7 : polkit (ELSA-2016-0189)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0189 advisory. 0.112-6 - Fix CVE-2015-3256 Resolves: 1271790 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Scientific Linux Security Update : polkit on SL7.x x86_64 (20160216)
A denial of service flaw was found in how polkit handled authorization requests. A local, unprivileged user could send malicious requests to polkit, which could then cause the polkit daemon to corrupt its memory and crash. CVE-2015-3256 The system must be rebooted for this update to take effect...
RedHat Update for polkit RHSA-2016:0189-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: polkit security update
Updated polkit packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...
polkit security update
0.112-6 - Fix CVE-2015-3256 Resolves: 1271790...
openSUSE Security Update : polkit (openSUSE-2015-711)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2015:1838-1)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
CVE-2015-3256
CVE-2015-3256 affects PolicyKit (polkit) until version 0.113, with a denial-of-service/privacy risk due to memory corruption and polkitd crashes, tied to javascript rule evaluation. The vulnerability is locally exploitable by unprivileged users and may enable privilege escalation. Public document...
CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
SUSE-SU-2015:1838-1 Security update for polkit
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed: Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
openSUSE: Security Advisory for polkit (openSUSE-SU-2015:1734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : polkit (openSUSE-2015-655)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed : - CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 - CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...
Fedora 21 : polkit-0.113-4.fc21 (2015-11743)
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625. Please make sure to reboot or run systemctl restart polkit.service after applying this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora Update for polkit FEDORA-2015-11058
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : polkit-0.113-1.fc22 (2015-11058)
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
Updated polkit package fixes security vulnerabilities
Local privilege escalation in polkit before 0.113 due to predictable authentication session cookie values CVE-2015-4625. Various memory corruption vulnerabilities in polkit before 0.113 in the use of the JavaScript interpreter, possibly leading to local privilege escalation CVE-2015-3256. Memory...