26 matches found
pkexec-exploit-2011
Linux pkexec and polkitd...
MiracleLinux 7 : polkit-0.112-26.el7 (AXSA:2020-4540:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4540:01 advisory. polkit: Improper authorization in polkitbackendinteractiveauthoritycheckauthorization function in polkitd CVE-2018-1116 Tenable has extracted the preceding...
SUSE CVE-2011-1485
Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...
SUSE CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
CentOS 7 : polkit (RHSA-2020:1135)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1135 advisory. - A flaw was found in polkit before version 0.116. The implementation of the polkitbackendinteractiveauthoritycheckauthorization function in polkitd allows to...
DEBIAN-CVE-2018-1116
A flaw was found in polkit before version 0.116. The implementation of the polkitbackendinteractiveauthoritycheckauthorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informati...
Race condition
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
Null pointer dereference
The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a denial of service NULL pointer dereference and polkitd daemon crash by calling RegisterAuthenticationAgent with an invalid object path...
CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
CVE-2015-3218
The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a denial of service NULL pointer dereference and polkitd daemon crash by calling RegisterAuthenticationAgent with an invalid object path...
Memory corruption
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
CVE-2015-3218
The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a denial of service NULL pointer dereference and polkitd daemon crash by calling RegisterAuthenticationAgent with an invalid object path...
CVE-2015-3218
CVE-2015-3218 is a local vulnerability in PolicyKit (polkit) impacting polkit’s authentication flow. The issue resides in the authentication_agent_new function path polkitbackend/polkitbackendinteractiveauthority.c and also relates to RegisterAuthenticationAgent with an invalid object path, enabl...
CVE-2015-3256
PolicyKit aka polkit before 0.113 allows local users to cause a denial of service memory corruption and polkitd daemon crash and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."...
Security update for polkit (important)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed: CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...
Linux PolicyKit Race Condition Privilege Escalation
A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. Those vulnerable include RHEL6 prior to...
RedHat Update for polkit RHSA-2011:0455-01
Check for the Version of polkit OpenVAS Vulnerability Test RedHat Update for polkit RHSA-2011:0455-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Linux pkexec / polkitd 0.96 Race Condition
!/bin/sh pid; if stat procbuf, &statbuf != 0 gseterror error, POLKITERROR, POLKITERRORFAILED, "stat failed for /proc/%d: %s", process-pid, gstrerror errno; goto out; where the code only rely on stat of the pseudo filesystem src/polkit/polkitsubject.c --------- there's not enough validation to run...