24 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-4625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the authenticationagentnewcookie function in PolicyKit aka polkit before 0.113 allows local users to gain privileges by creating a large...
RHEL 7 : polkit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - polkit: potential information disclosure vulnerability due to cookie counter wrapping CVE-2015-4625 -...
SUSE: Security Advisory (SUSE-SU-2015:1838-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : polkit (EulerOS-SA-2020-1463)
According to the versions of the polkit package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The polkitbackendactionpoolinit function in polkitbackend/polkitbackendactionpool.c in PolicyKit aka polkit before 0.113 might all...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1424)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1463)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2404)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2223)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3717-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PolicyKit vulnerabilities (USN-3717-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3717-1 advisory. Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use thi...
USN-3717-1: PolicyKit vulnerabilities
Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-3218 It was discovered that PolicyKit...
openSUSE Security Update : polkit (openSUSE-2015-711)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2015:1838-1)
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed : - Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
CVE-2015-4625
Integer overflow in the authenticationagentnewcookie function in PolicyKit aka polkit before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value...
CVE-2015-4625
Integer overflow in the authenticationagentnewcookie function in PolicyKit aka polkit before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value...
CVE-2015-4625
PolicyKit (polkit) before 0.113 is affected by an integer overflow in authentication_agent_new_cookie, which local users can exploit to gain privileges by creating many connections and triggering a duplicate cookie. This CVE (CVE-2015-4625) affects polkit across multiple distributions; remediatio...
CVE-2015-4625
Integer overflow in the authenticationagentnewcookie function in PolicyKit aka polkit before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value...
SUSE-SU-2015:1838-1 Security update for polkit
polkit was updated to the 0.113 release, fixing security issues and bugs. Security issues fixed: Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future,...
openSUSE: Security Advisory for polkit (openSUSE-SU-2015:1734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : polkit (openSUSE-2015-655)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed : - CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 - CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...