what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2013-4327

Status Candidate

Overview

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

Related Files

Gentoo Linux Security Advisory 201406-27
Posted Jun 27, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-27 - A race condition in polkit could allow a local attacker to gain escalated privileges. Versions less than 3.14.1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2013-4288, CVE-2013-4311, CVE-2013-4324, CVE-2013-4325, CVE-2013-4327
SHA-256 | e25d75df9ade95871973ee8eb13ecdc5976b44c82d22212c6566220987e42d0e
Debian Security Advisory 2777-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2777-1 - Multiple security issues in systemd have been discovered by Sebastian to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in the processing of X keyboard extension (XKB) files.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2013-4327, CVE-2013-4391, CVE-2013-4394
SHA-256 | 317013ec0e6ce864ca057e95e8db59dc95c1c32f8d7632418eb29c25cb50f773
Mandriva Linux Security Advisory 2013-243
Posted Sep 27, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327
SHA-256 | 91ca06b6329364c75747c0f85a55c45bc6033f08b2e6bb7fa73577a3bf412762
Ubuntu Security Notice USN-1961-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1961-1 - It was discovered that systemd was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4327
SHA-256 | 8d3f12f496aefbcf0ee96e07388171506a6f132ca36d598b2ad413d8cf4b4c4e
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close