Download
| Alert*
oval:org.secpod.oval:def:1801744
polkit is installed oval:org.secpod.oval:def:106661 polkit is installed oval:org.secpod.oval:def:500109 PolicyKit is a toolkit for defining and handling authorizations. A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those command ... oval:org.secpod.oval:def:501764 PolicyKit is a toolkit for defining and handling authorizations. A denial of service flaw was found in how polkit handled authorization requests. A local, unprivileged user could send malicious requests to polkit, which could then cause the polkit daemon to corrupt its memory and crash. All polkit ... oval:org.secpod.oval:def:109350 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:109279 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:1802004 A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informa ... oval:org.secpod.oval:def:1500243 Updated polkit packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:105873 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:501108 PolicyKit is a toolkit for defining and handling authorizations. A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit ... oval:org.secpod.oval:def:202946 PolicyKit is a toolkit for defining and handling authorizations. A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit ... oval:org.secpod.oval:def:1801743 In PolicyKit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. oval:org.secpod.oval:def:1801749 In PolicyKit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. |