Lucene search
UbuntuUSN-2304-1HistoryJul 31, 2014 - 12:00 a.m.
KDE-Libs vulnerability
2014-07-3100:00:00
ubuntu.com
25
8.9 High
AI Score
Confidence
High
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Releases
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- kde4libs - KDE 4 core applications and libraries
Details
It was discovered that kauth was using polkit in an unsafe manner. A local
attacker could possibly use this issue to bypass intended polkit
authorizations.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.04 | noarch | kdelibs5-plugins | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | kdelibs-bin | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | kdelibs5-dbg | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | kdelibs5-dev | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | kdoctools | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libkcmutils4 | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libkde3support4 | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libkdeclarative5 | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libkdecore5 | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libkdesu5 | < 4:4.13.2a-0ubuntu0.3 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 20 Update: kopete-4.14.1-1.fc20
2014-09-27 09:47:48
[SECURITY] Fedora 20 Update: konsole-4.14.1-2.fc20
2014-09-27 09:47:53
[SECURITY] Fedora 20 Update: akonadi-1.13.0-2.fc20
2014-09-27 09:47:42
nessus
nessus
Fedora 20 : akonadi-1.13.0-2.fc20 / amor-4.14.1-1.fc20 / analitza-4.14.1-1.fc20 / ark-4.14.1-1.fc20 / etc (2014-11448)
2014-09-29 00:00:00
Fedora 20 : polkit-qt-0.112.0-1.fc20 (2014-9641)
2014-09-22 00:00:00
openSUSE Security Update : kdelibs4 (openSUSE-SU-2014:0981-1)
2014-08-12 00:00:00
redhat
redhat
(RHSA-2014:1359) Important: polkit-qt security update
2014-10-06 00:00:00
openvas
openvas
Fedora Update for kde-print-manager FEDORA-2014-11448
2014-10-01 00:00:00
Fedora Update for filelight FEDORA-2014-11448
2014-10-01 00:00:00
Fedora Update for kdeaccessibility FEDORA-2014-11448
2014-10-01 00:00:00
debian
debian
[SECURITY] [DLA 76-1] kde4libs security update
2014-10-24 11:13:35
[SECURITY] [DSA 3004-1] kde4libs security update
2014-08-10 22:34:33
oraclelinux
oraclelinux
polkit-qt security update
2014-10-06 00:00:00
securityvulns
securityvulns
KDE restrictions bypass
2014-08-04 00:00:00
centos
centos
polkit security update
2014-10-06 18:04:24
freebsd
freebsd
kdelibs -- KAuth PID Reuse Flaw
2014-07-30 00:00:00
8.9 High
AI Score
Confidence
High
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Related for USN-2304-1