7 matches found
Researchers Unveil New Linux Malware Linked to Chinese Hackers
Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that's believed to be the work of Chinese nation-state actors. Dubbed "RedXOR" by Intezer, the backdoor masquerades as a polkit daemon, with similarities found between the malwa...
polkit: Improper authorization in polkit_backend_interactive_authority_check_authorization function in polkitd
It was found that Polkit's CheckAuthorization and RegisterAuthenticationAgent D-Bus calls did not validate the client provided UID. A specially crafted program could use this flaw to submit arbitrary UIDs, triggering various denial of service or minor disclosures, such as which authentication is...
Ubuntu Update for hplip USN-2085-1
Check for the Version of hplip OpenVAS Vulnerability Test $Id: gbubuntuUSN20851.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for hplip USN-2085-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...
Ubuntu: Security Advisory (USN-2085-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : hplip (MDVSA-2014:023)
Updated hplip packages fix security vulnerabilities : It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files CVE-2013-6402. It was discovered that HPLIP contained an upgrade tool that would...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : hplip vulnerabilities (USN-2085-1)
It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and higher, this should be prevented by the Yama link restrictions. CVE-2013-6402 It was...
polkit: polkitd/pkexec vulnerability
Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...