[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2984-1 acpi-support -- acpi-support

ID: oval:org.secpod.oval:def:601727Date: (C)2014-08-01   (M)2022-10-10
Class: PATCHFamily: unix




CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script.

Platform:
Debian 7.0
Product:
acpi-support
Reference:
DSA-2984-1
CVE-2014-1419
CVE    1
CVE-2014-1419
CPE    3
cpe:/a:canonical:acpi-support:0.141
cpe:/a:canonical:acpi-support
cpe:/o:debian:debian_linux:7.x

© SecPod Technologies