Download
| Alert*
oval:org.secpod.oval:def:89043592
- CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password . oval:org.secpod.oval:def:204827 PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fix: * PackageKit: authentication bypass allows to install signed packages without administrator privileges For more details about the ... oval:org.secpod.oval:def:603405 Matthias Gerstner discovered that PackageKit, a DBus abstraction layer for simple software management tasks, contains an authentication bypass flaw allowing users without privileges to install local packages. oval:org.secpod.oval:def:704055 packagekit: Provides a package management service PackageKit could be made to install or run programs as an administrator. oval:org.secpod.oval:def:502282 PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fix: * PackageKit: authentication bypass allows to install signed packages without administrator privileges For more details about the ... oval:org.secpod.oval:def:53333 Matthias Gerstner discovered that PackageKit, a DBus abstraction layer for simple software management tasks, contains an authentication bypass flaw allowing users without privileges to install local packages. oval:org.secpod.oval:def:1502186 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700031 Authentication bypass allows to install signed packages without administrator privilegesAn authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages ... |